clipwatching.com/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
104.21.235.153301 Moved Permanently 0 B URL HTTP/1.1 clipwatching.com/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
IP 104.21.235.153:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html HTTP/1.1
Host: clipwatching.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 21:52:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 06 Oct 2022 22:52:30 GMT
Location: https://clipwatching.com/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCUN45RajQ7WEDRlPS0ZgjWUObby%2BJwd6h9psE3FOVtRn3bqFjz5kD3KTJmNxKw9WEhwNXyeOvuyAHF%2BMSY%2B%2FkHgM4nOC0thNI4lbSn3O%2BJbXZ5iL3ryPJwFEuptq7kPMqXL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75619fe00fdc7478-LHR
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ij_h5BXZoYpWNucyxa98s13VDj7qNw0VK8XCGwxpyqQUwFarsJdkCg==
Age: 108312
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2227
Expires: Thu, 06 Oct 2022 22:29:37 GMT
Date: Thu, 06 Oct 2022 21:52:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5443
Expires: Thu, 06 Oct 2022 23:23:14 GMT
Date: Thu, 06 Oct 2022 21:52:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dLbeNqcFst21ydFyeAJyB2eHS/8bs7+v4FO0HNm5IA6fvGSNGahA5MXjeFUiWw8kKRBWHIX/xOI=
x-amz-request-id: YJPF35N9VHF41VQV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 20:58:53 GMT
age: 3218
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:52:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash cc36869bfbb58d66209b37ff80884154
ab026c404a3dc432390b5ee5e138a6a9a08bb287
e40e4b6945e2fa30524ebd551d325955e5b6c5829e09ee95b988df4db2f80187
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 10 Oct 2022 20:17:46 GMT
ETag: "ab026c404a3dc432390b5ee5e138a6a9a08bb287"
Last-Modified: Thu, 06 Oct 2022 20:17:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 433
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75619fe34a3db500-OSL
clipwatching.com/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
104.21.235.154301 Moved Permanently 8.9 kB URL HTTP/2 clipwatching.com/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
IP 104.21.235.154:0
Hash 245da65756def04d3d2922cca6b1e101
7c5d995ac49a2df47aae5c0234a941fc5dd2df8b
541a94ec4c11cc849713e08782e60514c464482b4ecd963e5121602e28632a84
GET /fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html HTTP/1.1
Host: clipwatching.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 06 Oct 2022 21:52:31 GMT
content-type: text/html
location: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8O%2Fq1dFSaTR8iMtgh9YRQqvWC4QHV9eLKvKHASeDQQaQIi2N0gpsM9Nzty5q3supiYodIaAPEtsG7EsKzii6cwHqwEHYAH9xylikFWDgEEE0xZa87C%2FLLZi1RCFYi4SeoHKf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75619fe24889dc2d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
highstream.tv/css/main.css
109.202.108.222200 OK 5.5 kB URL HTTP/1.1 highstream.tv/css/main.css
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type assembler source, ASCII text
Hash afcc23aecd584b2a00d8e83fd1b7913f
87a848a90af26e4fe68c17e0cec4d48fb982d626
11bb2603c43a60b332a1b6c6a630f078cea3f839ec1d3b3a4f5fc7bb219b3fdd
GET /css/main.css HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: text/css
Last-Modified: Fri, 17 Aug 2018 15:50:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5b76eea8-4e07"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/css/style.css
109.202.108.222200 OK 5.7 kB URL HTTP/1.1 highstream.tv/css/style.css
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
Hash 8d04a7b3ff56b8ee23670cc3d4520a88
8de1812e67208f6341a4a686948a076ee38f0eb1
cd013a6eada3d82aa919bb567c7b8003ca2761ceb41ec1bfbc65b5fce39de015
GET /css/style.css HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: text/css
Last-Modified: Sun, 11 Jun 2017 08:38:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"593d0168-6e2a"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/js/jquery.cookie.js
109.202.108.222200 OK 1.5 kB URL HTTP/1.1 highstream.tv/js/jquery.cookie.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
Hash a97ea0f204750cd6b13416e7747ee08f
8e0e51d693ff88cff61fac65a3dcbb83fd9f19e2
545936dc5b61a110b0597c79b8df450faab9ca5b7f1ee8d19b3468bce44d66ac
GET /js/jquery.cookie.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 31 May 2011 13:23:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"4de4ebb4-10eb"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/js/modernizr.custom.04022.js
109.202.108.222200 OK 3.1 kB URL HTTP/1.1 highstream.tv/js/modernizr.custom.04022.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type HTML document, ASCII text, with very long lines (6808)
Hash f404d47735b8e5059a1ed116644d1b21
735fe86d45794a4f15ebe12062f872db13031ade
511fb46623c49666edd74b143b07c207dfe2d76abfa192679d7bab558a9d3d25
GET /js/modernizr.custom.04022.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 02 Feb 2015 21:56:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"54cff270-1b0d"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/js/xupload.js?v=3
109.202.108.222200 OK 3.6 kB URL HTTP/1.1 highstream.tv/js/xupload.js?v=3
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
Hash ae5e98ec26b157c8186717851984318f
6742cc0677e68b55262aa6702cc39c2c91e81bb4
d8f7c01e480a5c34517eb510f9ec02be53d6d2ed7d91092b4139c7272da90046
GET /js/xupload.js?v=3 HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 27 Jun 2016 20:10:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"57718818-2765"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/css/bootstrap-custom.css
109.202.108.222200 OK 926 B URL HTTP/1.1 highstream.tv/css/bootstrap-custom.css
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type assembler source, ASCII text
Hash e549e62953e9d78accfc37de7830dd31
709373ff9f5d63f93f63536865710e8775c028c9
43ea0c105aee839297b453788850103d3a9349d35edbcccfcdf13a76c412f172
GET /css/bootstrap-custom.css HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: text/css
Last-Modified: Fri, 26 May 2017 23:35:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5928bba4-d5f"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/css/font-awesome.min.css
109.202.108.222200 OK 7.1 kB URL HTTP/1.1 highstream.tv/css/font-awesome.min.css
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type ASCII text, with very long lines (30837)
Hash 0ebb760c7d229fd1d2b3a63493306569
58961c039962ea4f5215caa2e0127a8658bcf847
18eecad8f04af6784d466cd2cad0337dea530bef457e6a7b3da473eea589b134
GET /css/font-awesome.min.css HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: text/css
Last-Modified: Thu, 22 Dec 2016 14:50:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"585be818-7918"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cdn.tapioni.com/asg_embed.js
205.185.216.10200 OK 34 kB URL HTTP/1.1 cdn.tapioni.com/asg_embed.js
IP 205.185.216.10:0
File type Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators
Hash 0bfc926c8717a33d199bd68e1b75af88
8cf397d588f3f00adc9606838b33df88646c38a8
e0a1a633931c7aa2cb79662bdd9c0a78ab87132ca6e549ec64366cf6095e146e
GET /asg_embed.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:52:31 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 34358
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 14:12:29 GMT
Accept-Ranges: bytes
Server: nginx
ETag: "632c6d4d-8636"
Cache-Control: max-age=315360000, public
X-HW: 1665093151.dop224.sk1.t,1665093151.cds240.sk1.shn,1665093151.dop224.sk1.t,1665093151.cds237.sk1.c
Access-Control-Allow-Origin: *
highstream.tv/js/jquery.min.js
109.202.108.222200 OK 33 kB URL HTTP/1.1 highstream.tv/js/jquery.min.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type ASCII text, with very long lines (32086)
Hash ece879ee496f4d73786b4f086d20495b
f0dddf54755394aceb56dc377ab5879015b1b92f
56c5badd7be6180bd27a9a542803f82fe4a4d589b96253add8f187be20117997
GET /js/jquery.min.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 19 Nov 2014 22:10:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"546d1538-1762a"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/js/pop.js
109.202.108.222200 OK 36 B IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type ASCII text, with CRLF line terminators
Hash 2f8fefc6a5aed3327c395f43db6be62d
8594728c9e75e88e1a759e8c8466df832323d963
ff687e2177537cc8e021014af056c22a44036a19c9101350dedf64a6666d47ba
GET /js/pop.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 36
Last-Modified: Thu, 14 May 2015 20:27:00 GMT
Connection: keep-alive
ETag: "55550514-24"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
highstream.tv/js/tabber.js
109.202.108.222200 OK 1.9 kB URL HTTP/1.1 highstream.tv/js/tabber.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type ASCII text, with very long lines (538)
Hash b31fc1f9ca614a773f7fd4205230544f
da6e1be87d51d725981ef85f2cd88a2e19596d58
706666ebb3e583d74e800574b78a1dca4bd9c0e63a9a902738abfb7f5ea21a2c
GET /js/tabber.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Jul 2010 19:18:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"4c338168-1803"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/player8/jwplayer.js
109.202.108.222200 OK 32 kB URL HTTP/1.1 highstream.tv/player8/jwplayer.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type ASCII text, with very long lines (65502)
Hash 5269e01598bbd804d0f49f7c0bd080bf
9233e2f7fb024f0973b098f56e310ca9998f6c5f
9398176c5782058ec492f67fb4cd7a38f0b1c3f307bf0b2607cf332ed8ebb08d
GET /player8/jwplayer.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 23 Apr 2019 15:02:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5cbf28e8-18a5c"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/images/cancel.png
109.202.108.222200 OK 3.0 kB URL HTTP/1.1 highstream.tv/images/cancel.png
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f7aec314e1916bf12a46caf55ea947ac
0b5fe01203ea843d9ce57ec076deba6686b972fc
0cc597764a839c1e419b7f3b6ab0beab426a5104fea8c8503d8e6335e964b4d1
GET /images/cancel.png HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: image/png
Content-Length: 2960
Last-Modified: Sat, 23 Oct 2010 00:43:00 GMT
Connection: keep-alive
ETag: "4cc22f94-b90"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
highstream.tv/img/highstream.tv3.png
109.202.108.222200 OK 10 kB URL HTTP/1.1 highstream.tv/img/highstream.tv3.png
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type PNG image data, 803 x 209, 8-bit/color RGBA, non-interlaced\012- data
Hash bab4da931029e32a4d7774549b39ecb4
64c94d3bf2cc25756b01059105ccb4d4c2931bc0
55c52450d468027a04c91d89f7e7e00d12334a96ce06d2507249de1f35556202
GET /img/highstream.tv3.png HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: image/png
Content-Length: 10472
Last-Modified: Fri, 02 Apr 2021 14:33:10 GMT
Connection: keep-alive
ETag: "60672b26-28e8"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 74904ed5d1a80b0aadf08c224bf43fd5
dacab68ae284c8c1767882f3292c1f3e522f7204
270e4df4d167f478a1a9eb4071a27259b5b43a842195c1adb20ea55a809e26c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "270E4DF4D167F478A1A9EB4071A27259B5B43A842195C1ADB20EA55A809E26C3"
Last-Modified: Wed, 05 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3661
Expires: Thu, 06 Oct 2022 22:53:32 GMT
Date: Thu, 06 Oct 2022 21:52:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 21:01:58 GMT
Expires: Thu, 06 Oct 2022 21:07:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: n67njSOZRNrpSvnZTQ3TGrEKwuApe1WsX9YIvKatlLy-S7Del8bYnw==
Age: 3033
highstream.tv/img/flags.png
109.202.108.222200 OK 15 kB URL HTTP/1.1 highstream.tv/img/flags.png
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type PNG image data, 1248 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e7e0406e09ea913dc344ca9974ec94a
084fcf2d8e96661354a7e563f64801dfd13bead7
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
GET /img/flags.png HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/css/style.css
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: image/png
Content-Length: 15180
Last-Modified: Tue, 03 Feb 2015 22:16:00 GMT
Connection: keep-alive
ETag: "54d148a0-3b4c"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
highstream.tv/player8/lightsout.js
109.202.108.222200 OK 1.6 kB URL HTTP/1.1 highstream.tv/player8/lightsout.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type C source, ASCII text, with CRLF line terminators
Hash 755a7ec2a12779f6383dce9f75cd177f
eddf4c0dcb9ef8f47e81035bc2912c6ed145d3c1
f577b1025cf9b5bdd0074eaf0346ea6202532204628ec2b11df7282c8e73f968
GET /player8/lightsout.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 02 Nov 2015 08:19:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"56371c74-1336"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/player8/vast.js
109.202.108.222200 OK 29 kB URL HTTP/1.1 highstream.tv/player8/vast.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 104ebd4e3206def27924dfd9669e0824
ab38c96a780c225634914d5dce122948c1120821
1923022e6ca53f8d4aa60d1fbfbbddf73f789ed80734eefdae78d99b67643476
GET /player8/vast.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 23 Apr 2019 14:05:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5cbf1b8c-17474"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
104.18.11.207200 OK 18 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
IP 104.18.11.207:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
GET /bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:31 GMT
content-type: font/woff2
content-length: 18028
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 08/03/2021 23:23:50
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: b51bcdad1a52715d1dc58a616a38ba73
cdn-cache: HIT
cf-cache-status: HIT
age: 8134633
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75619fe72c01b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
highstream.tv/player8/jwplayer.core.controls.js
109.202.108.222200 OK 67 kB URL HTTP/1.1 highstream.tv/player8/jwplayer.core.controls.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type Unicode text, UTF-8 text, with very long lines (65134)
Hash d75658cda8e63cafb4001ed05f1b7b2d
b2b0d1c6bec071ebb492afce4b2e1bbcb54d906c
60aaa32d675d5959b869992c73f6b27d5fddc2dbb462d5322f04e4ae5a596d6c
GET /player8/jwplayer.core.controls.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 23 Apr 2019 15:26:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5cbf2e88-4361d"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
highstream.tv/player8/related.js
109.202.108.222200 OK 26 kB URL HTTP/1.1 highstream.tv/player8/related.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type ASCII text, with very long lines (65142)
Hash 84464002a3e2150d505f139dbf4b84a7
077917c0eda140319e92ead45fe28f175ae6e723
6e3f92eb499a13d0072b02bebae9d610eeb9f242e6d176ec395f61b20fe99a22
GET /player8/related.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 22 Apr 2019 18:04:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5cbe0210-1caa1"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5601
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:31 GMT
Last-Modified: Thu, 06 Oct 2022 20:19:10 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
highstream.tv/player8/provider.hlsjs.js
109.202.108.222200 OK 87 kB URL HTTP/1.1 highstream.tv/player8/provider.hlsjs.js
IP 109.202.108.222:0
ASN #49453 Global Layer B.V.
File type ASCII text, with very long lines (37591)
Hash d94b808263bf54c18d5c169be07d0c10
c9c1cff1ed50e056839f0216b8649ae329777a6b
e84ed4ff22ac8b621d4c0e5e6556e4d0ccdc89313de5d501b93b629980e8ccb5
GET /player8/provider.hlsjs.js HTTP/1.1
Host: highstream.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/fhzxh9igqkzd/15375)_Zodiac_-_Die_Spur_des_Killers.mp4.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 22 Apr 2019 18:04:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5cbe0210-4c598"
Expires: Thu, 13 Oct 2022 21:52:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fff02f64b033181b55ac105423234d2a
b390034ef27c83dcf99092b45ab17b44358a7f8a
831eacd19f7d10037c0b47e26b156912e96c83856c12a4f1236df414bc02e921
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "831EACD19F7D10037C0B47E26B156912E96C83856C12A4F1236DF414BC02E921"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3979
Expires: Thu, 06 Oct 2022 22:58:50 GMT
Date: Thu, 06 Oct 2022 21:52:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fff02f64b033181b55ac105423234d2a
b390034ef27c83dcf99092b45ab17b44358a7f8a
831eacd19f7d10037c0b47e26b156912e96c83856c12a4f1236df414bc02e921
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "831EACD19F7D10037C0B47E26B156912E96C83856C12A4F1236DF414BC02E921"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3978
Expires: Thu, 06 Oct 2022 22:58:50 GMT
Date: Thu, 06 Oct 2022 21:52:32 GMT
Connection: keep-alive
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wEGxdnbiUxUU8VXpcjLq+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ATljwTl5BVUVX1jmv2RjBGIHsv8=
jillbuildertuck.com/71/c3/54/71c354f77d8d844c8c201df227b29508.js
192.243.61.225200 OK 20 kB URL HTTP/1.1 jillbuildertuck.com/71/c3/54/71c354f77d8d844c8c201df227b29508.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59415), with no line terminators
Hash 6ea1ba9ede81dda2fefbe3b5fbca5651
ad417606c2b9f06f394f1ed57f2a7d8bdf6e56dd
944e5526aabdec300b0880a57e0ce3ca7affcec5f999102957a8c1c1e3e5d62e
Analyzer Verdict Alert quad9 Sinkholed
GET /71/c3/54/71c354f77d8d844c8c201df227b29508.js HTTP/1.1
Host: jillbuildertuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8db86c8ccfaf8686985f4f708efbcc4a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jillbuildertuck.com/74/79/d1/7479d1734c3b1eb0af5112f9464d0f7c.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 jillbuildertuck.com/74/79/d1/7479d1734c3b1eb0af5112f9464d0f7c.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37143), with no line terminators
Hash bd9e754fef371380b1f15da47a092d4f
f54d2bdaea295eb6d741420b6bbaa5dcb44d1dc6
4b46c4e0f3402547e8b1a5be9c73d031b308e661f120758402feba09f655f8cb
Analyzer Verdict Alert quad9 Sinkholed
GET /74/79/d1/7479d1734c3b1eb0af5112f9464d0f7c.js HTTP/1.1
Host: jillbuildertuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d3fc1b2686217902f2334d4515ccea57
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea4077b4028301e1328a9cd7cc9a0e5
d1706e77c7658796dd9f758c82dd8b430ba37320
7279aa45dc4a241c2d9328d2b54d9813d6187ce4873b67a4523ac1d3821f372b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7279AA45DC4A241C2D9328D2B54D9813D6187CE4873B67A4523AC1D3821F372B"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16500
Expires: Fri, 07 Oct 2022 02:27:32 GMT
Date: Thu, 06 Oct 2022 21:52:32 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0487695e0218f07012260b1c4679cfb2
2ef42a2e4d45ec28d1811f8f435e8357054601c8
094e6e226db6fe1a0739438731be603ebeca76abe32254cc54b23bd2e7589efb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 21:52:32 GMT
Last-Modified: Thu, 06 Oct 2022 20:49:29 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MHtOYy3fV_yE-bYfvmgAvZb3IpvMF1zjg386XjebfHRBY3V0jxlRkg==
Age: 3783
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0487695e0218f07012260b1c4679cfb2
2ef42a2e4d45ec28d1811f8f435e8357054601c8
094e6e226db6fe1a0739438731be603ebeca76abe32254cc54b23bd2e7589efb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 21:52:32 GMT
Last-Modified: Thu, 06 Oct 2022 20:40:13 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3KXlNKX2fGFjP1DIuVsOt1Nrf57krlrBU_JK6rMLrlk4cnPsTFC1WA==
Age: 4339
simplewebanalysis.com/stats
3.67.146.56200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.67.146.56:0
File type ASCII text, with no line terminators
Hash 4b4c2388d0e98190383c08f5c15cd414
6835f9d9414e28db0959668265aaf64e88c0de05
0402bfdf3aa70d3dc71950625d8d98240f15aa99dd67449d2f3f06f344e3a2f3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://highstream.tv
access-control-allow-credentials: true
set-cookie: uid_id2=b4c8fc98-16ca-408f-8913-188bee94e401:2:1; expires=Sun, 03 Oct 2032 21:52:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.67.146.56200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.67.146.56:0
File type ASCII text, with no line terminators
Hash 5158fe4d8fc5a050cc6dc002888147f0
637eed10b9bd0dda9be0fe533b0ac178890d0d6a
0ad6a9e170471657ed5f842730be18f2249ee483c55a44448b3c4054fa782da5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://highstream.tv
access-control-allow-credentials: true
set-cookie: uid_id2=22b0b162-0acc-445e-ab0a-f0ff463aedc2:3:1; expires=Sun, 03 Oct 2032 21:52:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5f0ced54b9ae7a7afe4603677f93d2d0
7ff186cf50afa0081b453040709b83b7ef5b4cd4
4deb2a759df140215a2493860a2893949243cd479ad76909198ccfffd8a3deab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DEB2A759DF140215A2493860A2893949243CD479AD76909198CCFFFD8A3DEAB"
Last-Modified: Wed, 05 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8177
Expires: Fri, 07 Oct 2022 00:08:49 GMT
Date: Thu, 06 Oct 2022 21:52:32 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea4077b4028301e1328a9cd7cc9a0e5
d1706e77c7658796dd9f758c82dd8b430ba37320
7279aa45dc4a241c2d9328d2b54d9813d6187ce4873b67a4523ac1d3821f372b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7279AA45DC4A241C2D9328D2B54D9813D6187CE4873B67A4523AC1D3821F372B"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16500
Expires: Fri, 07 Oct 2022 02:27:32 GMT
Date: Thu, 06 Oct 2022 21:52:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 77813dae498fa3d28a5590f0a6d54f05
d05b47e7e68968dfc32d06693cde8b8e9789f28d
5c1576ea01d7446b3be388a8d9403fb9cd49a24b34d2de5f00b155e96e37f134
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C1576EA01D7446B3BE388A8D9403FB9CD49A24B34D2DE5F00B155E96E37F134"
Last-Modified: Tue, 04 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3671
Expires: Thu, 06 Oct 2022 22:53:43 GMT
Date: Thu, 06 Oct 2022 21:52:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7bb6ac20f893e7d9660d472aff46ab81
8d40162a3bfda14eac9a717db86a40b598c551cd
3c377861ee40ea7b3aa43b03867f9abb11746e9fe1cacd37039899a717eb4695
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C377861EE40EA7B3AA43B03867F9ABB11746E9FE1CACD37039899A717EB4695"
Last-Modified: Tue, 04 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6217
Expires: Thu, 06 Oct 2022 23:36:09 GMT
Date: Thu, 06 Oct 2022 21:52:32 GMT
Connection: keep-alive
oblongseller.com/6e/9b/2d/6e9b2de0e0c9cf172257e704ef7cef6c.js
192.243.61.225200 OK 29 kB URL HTTP/1.1 oblongseller.com/6e/9b/2d/6e9b2de0e0c9cf172257e704ef7cef6c.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 47a7833f6637d37ee2f29ee15410fd84
4652eefd73e313c628e9ea03cc3b884d90eebe00
17a706eca7f1fbd428ed8b09dc8c118179483fd8c1c05e40019c45fea9d7f54a
Analyzer Verdict Alert quad9 Sinkholed
GET /6e/9b/2d/6e9b2de0e0c9cf172257e704ef7cef6c.js HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e05b522d217bde6eb4ade0c1d89960b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
3.67.146.56200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.67.146.56:0
File type ASCII text, with no line terminators
Hash 5158fe4d8fc5a050cc6dc002888147f0
637eed10b9bd0dda9be0fe533b0ac178890d0d6a
0ad6a9e170471657ed5f842730be18f2249ee483c55a44448b3c4054fa782da5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Cookie: uid_id2=22b0b162-0acc-445e-ab0a-f0ff463aedc2:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://highstream.tv
access-control-allow-credentials: true
X-Firefox-Spdy: h2
specialityharmoniousgypsy.com/pixel/purst?dl=0&th=0&sc=0&rs=1714&rd=1714&fd=970&bv=22.8.v.1&tmpl=70
192.243.61.225200 OK 0 B URL HTTP/1.1 specialityharmoniousgypsy.com/pixel/purst?dl=0&th=0&sc=0&rs=1714&rd=1714&fd=970&bv=22.8.v.1&tmpl=70
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1714&rd=1714&fd=970&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: specialityharmoniousgypsy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
banquetunarmedgrater.com/advertisers.js
173.233.137.52200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 06 Oct 2022 21:52:32 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 15cb68daa9ada3c6472ab2865b8b0673
Strict-Transport-Security: max-age=0; includeSubdomains
oblongseller.com/sbar.json?key=7479d1734c3b1eb0af5112f9464d0f7c
192.243.61.225200 OK 4.3 kB URL HTTP/1.1 oblongseller.com/sbar.json?key=7479d1734c3b1eb0af5112f9464d0f7c
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5983), with no line terminators
Hash a50555057bd242d2506d0405e931136d
5a3b0777b9072bf29872557783211b21f3e2725e
daa2d4cbbcce35f0949cd8180b8f3d505165f3b89816afd5ac7095c47b1d1ab2
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=7479d1734c3b1eb0af5112f9464d0f7c HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:33 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://highstream.tv
Access-Control-Allow-Origin: https://highstream.tv
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16092274; expires=Fri, 07 Oct 2022 21:52:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 07 Oct 2022 21:52:33 GMT; secure; SameSite=None
uncs=1; expires=Fri, 07 Oct 2022 21:52:33 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 07 Oct 2022 21:52:33 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 07 Oct 2022 21:52:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8939823c3aeb1f6e2fae45383b3a490e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
oblongseller.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3dzES8qiyCojLcVZNLdM%2BnOuIfgGiPBmKy7ih4Eqa6qmdSmuqup6h%2BTnIIrssiC43%2FQ%2BU6yQY2yXsSLi%2FSsCAaEjKcczMWDNy%2FLLp5EZjYYfVC8V%2FX9Fnzeq%2Fp4Jz8hLnJ6vPim3pJK0dm5ptu4%2BJ7nXWqsyCTvN%2FrzwQdB%2B1LDFC93gqb7YuN1wTb0rO96ruu5XmNJGtHV%2FdmJCJkedLxmx222%2FaY310bf%2FH9vcweWOuDFCXkKko9n7jkXIFmNJL6zKOxGptOXXotzRTNtUPD9d5KNRJcJ4rOyaxx0k%2F1TN7Q9WroLnexNcaGLf42RHBPnp7uIkv1TSETF7pQzUhAJIv44yqKGUDUkrcH0DUh%2BRADGsbqGJL69qk1JNx%2BpdKKOyczD%2B5DlmMz8dgFJ%2FPVlJfuNa1rlmdSJRb9bQfZryF6NNB8h2zoHWY7Asg8h%2BS9k9uEKknh3zSoNyatp71LWkN0aSgxArYN8sqSDvOsgTx3E%2FLjBPM8LXc6oO99hrMVDEQXc9WjY9ajnBvPI2QRvgCwdgKkBmNlGaraxIQcw%2BQ%2Bw6xUsd2CzMXHe2kbBK5SCoLQEJSUoJUGZEZRFtceV9W11myubR95p9k9zqxrqrLdD93TWEwnZSU%2FIk9O5PLhlsCGOG2E77HAvbLVZK%2FJE5NLunOf53U47aHO3GzJYWUHac9NWt%2BSYPP2HRCrHhIx%2BR0RHsGoEJp8AzZ8DLYeh74KuD9vzLraSr9Zlb91mRtC4mRXgukKazSDbdHbUCXlmChL4f0Gww4Uf60%2Ffv%2FhgBGYqpKbCdXmPoKduDq%2Fqkuxe1aUl36ylmYzlFp083rWMZuL8F2%2BIzVIbvrxoB5%2B%2FwibCpDx4W9hshSZcJj1LvrwsORdmSRsmyPfL9l0RXcnt%2BuXcJHm6cuXVpeU4NcJaqZMaVB7ZW2ByTB6jevorn73%2BHaSpYfIKcX5ITgNS12DpNmx6Rm%2F1eRh15olSB2VeDY0fnR0qOSb%2B%2FZ%2BhxOHCnU8%2B%2Bvvgz29BowpW%2FOfiWb1jb6JnngfNbiCJKxSmQqEqUDWAzc8Ps9QcLvzamgYi5QwjZZzdSBn12aPxWnncCFstlwadOS8MqQijtj%2FfDTxOqd8O%2FCCgLWR2zBZWX%2FgHAAD%2F%2FwEAAP%2F%2FZdQgbmQEAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 oblongseller.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3dzES8qiyCojLcVZNLdM%2BnOuIfgGiPBmKy7ih4Eqa6qmdSmuqup6h%2BTnIIrssiC43%2FQ%2BU6yQY2yXsSLi%2FSsCAaEjKcczMWDNy%2FLLp5EZjYYfVC8V%2FX9Fnzeq%2Fp4Jz8hLnJ6vPim3pJK0dm5ptu4%2BJ7nXWqsyCTvN%2FrzwQdB%2B1LDFC93gqb7YuN1wTb0rO96ruu5XmNJGtHV%2FdmJCJkedLxmx222%2FaY310bf%2FH9vcweWOuDFCXkKko9n7jkXIFmNJL6zKOxGptOXXotzRTNtUPD9d5KNRJcJ4rOyaxx0k%2F1TN7Q9WroLnexNcaGLf42RHBPnp7uIkv1TSETF7pQzUhAJIv44yqKGUDUkrcH0DUh%2BRADGsbqGJL69qk1JNx%2BpdKKOyczD%2B5DlmMz8dgFJ%2FPVlJfuNa1rlmdSJRb9bQfZryF6NNB8h2zoHWY7Asg8h%2BS9k9uEKknh3zSoNyatp71LWkN0aSgxArYN8sqSDvOsgTx3E%2FLjBPM8LXc6oO99hrMVDEQXc9WjY9ajnBvPI2QRvgCwdgKkBmNlGaraxIQcw%2BQ%2Bw6xUsd2CzMXHe2kbBK5SCoLQEJSUoJUGZEZRFtceV9W11myubR95p9k9zqxrqrLdD93TWEwnZSU%2FIk9O5PLhlsCGOG2E77HAvbLVZK%2FJE5NLunOf53U47aHO3GzJYWUHac9NWt%2BSYPP2HRCrHhIx%2BR0RHsGoEJp8AzZ8DLYeh74KuD9vzLraSr9Zlb91mRtC4mRXgukKazSDbdHbUCXlmChL4f0Gww4Uf60%2Ffv%2FhgBGYqpKbCdXmPoKduDq%2Fqkuxe1aUl36ylmYzlFp083rWMZuL8F2%2BIzVIbvrxoB5%2B%2FwibCpDx4W9hshSZcJj1LvrwsORdmSRsmyPfL9l0RXcnt%2BuXcJHm6cuXVpeU4NcJaqZMaVB7ZW2ByTB6jevorn73%2BHaSpYfIKcX5ITgNS12DpNmx6Rm%2F1eRh15olSB2VeDY0fnR0qOSb%2B%2FZ%2BhxOHCnU8%2B%2Bvvgz29BowpW%2FOfiWb1jb6JnngfNbiCJKxSmQqEqUDWAzc8Ps9QcLvzamgYi5QwjZZzdSBn12aPxWnncCFstlwadOS8MqQijtj%2FfDTxOqd8O%2FCCgLWR2zBZWX%2FgHAAD%2F%2FwEAAP%2F%2FZdQgbmQEAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3dzES8qiyCojLcVZNLdM%2BnOuIfgGiPBmKy7ih4Eqa6qmdSmuqup6h%2BTnIIrssiC43%2FQ%2BU6yQY2yXsSLi%2FSsCAaEjKcczMWDNy%2FLLp5EZjYYfVC8V%2FX9Fnzeq%2Fp4Jz8hLnJ6vPim3pJK0dm5ptu4%2BJ7nXWqsyCTvN%2FrzwQdB%2B1LDFC93gqb7YuN1wTb0rO96ruu5XmNJGtHV%2FdmJCJkedLxmx222%2FaY310bf%2FH9vcweWOuDFCXkKko9n7jkXIFmNJL6zKOxGptOXXotzRTNtUPD9d5KNRJcJ4rOyaxx0k%2F1TN7Q9WroLnexNcaGLf42RHBPnp7uIkv1TSETF7pQzUhAJIv44yqKGUDUkrcH0DUh%2BRADGsbqGJL69qk1JNx%2BpdKKOyczD%2B5DlmMz8dgFJ%2FPVlJfuNa1rlmdSJRb9bQfZryF6NNB8h2zoHWY7Asg8h%2BS9k9uEKknh3zSoNyatp71LWkN0aSgxArYN8sqSDvOsgTx3E%2FLjBPM8LXc6oO99hrMVDEQXc9WjY9ajnBvPI2QRvgCwdgKkBmNlGaraxIQcw%2BQ%2Bw6xUsd2CzMXHe2kbBK5SCoLQEJSUoJUGZEZRFtceV9W11myubR95p9k9zqxrqrLdD93TWEwnZSU%2FIk9O5PLhlsCGOG2E77HAvbLVZK%2FJE5NLunOf53U47aHO3GzJYWUHac9NWt%2BSYPP2HRCrHhIx%2BR0RHsGoEJp8AzZ8DLYeh74KuD9vzLraSr9Zlb91mRtC4mRXgukKazSDbdHbUCXlmChL4f0Gww4Uf60%2Ffv%2FhgBGYqpKbCdXmPoKduDq%2Fqkuxe1aUl36ylmYzlFp083rWMZuL8F2%2BIzVIbvrxoB5%2B%2FwibCpDx4W9hshSZcJj1LvrwsORdmSRsmyPfL9l0RXcnt%2BuXcJHm6cuXVpeU4NcJaqZMaVB7ZW2ByTB6jevorn73%2BHaSpYfIKcX5ITgNS12DpNmx6Rm%2F1eRh15olSB2VeDY0fnR0qOSb%2B%2FZ%2BhxOHCnU8%2B%2Bvvgz29BowpW%2FOfiWb1jb6JnngfNbiCJKxSmQqEqUDWAzc8Ps9QcLvzamgYi5QwjZZzdSBn12aPxWnncCFstlwadOS8MqQijtj%2FfDTxOqd8O%2FCCgLWR2zBZWX%2FgHAAD%2F%2FwEAAP%2F%2FZdQgbmQEAAA%3D HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Cookie: u_pl=16092274; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:33 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0f18e9e28c47664d422832959b5624a7
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 39a707000f339fcdc7ac3ee2907e3a8a
eb11a5d140624aefd527e63c79c074d82ad7ce93
b50981fb27d8c9842202999d5d2c931ac96bbe22a5f9eb6bc6ef417bf73fd06a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B50981FB27D8C9842202999D5D2C931AC96BBE22A5F9EB6BC6EF417BF73FD06A"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6083
Expires: Thu, 06 Oct 2022 23:33:56 GMT
Date: Thu, 06 Oct 2022 21:52:33 GMT
Connection: keep-alive
creepingbrings.com/sfp.js
172.64.128.12200 OK 28 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.128.12:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 7cb045097a42e6fcb97f0e92b91d9712
e54af4ea18c16514cf6d9170d05e595a2c47b772
0dcf5dc17fda3f67754d9ad3982481648b734237286b3ad3607d723809b275bd
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: fff6b544247ff5242b1943e2ed28184d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 06 Oct 2022 21:52:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2zRMyZL0ZQe9qAJrZmJ4uIMRmNPtpjUO0ge3qkImqfyq9RorEooLv1247VwnAdI5p5dXokXJ1Xj0E2mhAqiyAyJ3eRGGOR2Ei%2B1aBNrRChly38rOdH5AHaprO6U7WNTlGYz3mE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75619feaff5f71de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ca9f0a1e7b1654478d5598bd84e69a47
4d2d5dd9704d5c31decffbce76f3ed81fd5bc7f8
011737b5d1116b27b596c17b6939e044b6af45ee995cbed0da7a905c68faa9e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "011737B5D1116B27B596C17B6939E044B6AF45EE995CBED0DA7A905C68FAA9E7"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6945
Expires: Thu, 06 Oct 2022 23:48:18 GMT
Date: Thu, 06 Oct 2022 21:52:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
45.133.44.3200 OK 1.0 kB URL HTTP/2 cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash c5632c2f19fca18734ba6180dfdfdb5c
930632ece5f5deb4199e0b10e23f7d5cc7db01ea
2ffe7b94801486821de8b13af683ae62100d8a8d91dadc0fde9ca7118e3d5d55
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:33 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 12:54:16 GMT
etag: W/"602fb4f8-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 06 Oct 2022 22:52:33 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13638
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:52:33 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 06 Oct 2022 20:41:09 GMT
expires: Thu, 06 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 4284
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13638
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:52:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13638
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:52:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:27:43 GMT
age: 62690
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: 13fcd792-1fcc-44b5-aa9e-d2773a60fe77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHrbIAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5b5f5d781b9d651b68c04f2e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wfnbRpTKni8hbAmJXO9vdisV6ZPoRP-eBb3wP4RzPS7MlXvp7282dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:36:43 GMT
age: 950
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 9b3b52d6-08b4-4893-962b-3dfe67e2f11d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjTijF0vIAMFq3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dffa9-0a128734418b6c4d6375e2ac;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:05:29 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iRuujAZLL_0mf5_-FhMXpuWwHy-jidhBkFuBIZLo0tLlJArZgFEcbA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 16:10:55 GMT
age: 20498
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:38:07 GMT
age: 866
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.211.2200 OK 54 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (2910)
Hash 252589bfe8d83d379cabc8903d52f736
913bfc078c8d01ca2e8fd1ee56f375119c7b848b
72607c883ab77f2f028cc23f4472ebbddda1dbe695a07273c77e2b048ff33264
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 06 Oct 2022 21:52:33 GMT
expires: Thu, 06 Oct 2022 21:52:33 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6268444504301428170
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54535
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 86153
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:36:43 GMT
age: 950
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
intimidatekerneljames.com/pixel/purst?dl=0&th=0&sc=0&rs=2332&rd=2332&fd=575&bv=22.8.v.2&tmpl=136
192.243.59.20200 OK 0 B URL HTTP/1.1 intimidatekerneljames.com/pixel/purst?dl=0&th=0&sc=0&rs=2332&rd=2332&fd=575&bv=22.8.v.2&tmpl=136
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2332&rd=2332&fd=575&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: intimidatekerneljames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 21:52:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da32fcedc22c3f8071079610e24227d2
b80c8b3315fe0dfdbf02cb1e46ec49fce2e6d858
3dbffb2bb666ae31dbbb9611ad68b92c6bc7da1750d5bac1c0dea372f34f39e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3DBFFB2BB666AE31DBBB9611AD68B92C6BC7DA1750D5BAC1C0DEA372F34F39E8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6763
Expires: Thu, 06 Oct 2022 23:45:16 GMT
Date: Thu, 06 Oct 2022 21:52:33 GMT
Connection: keep-alive
oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=416
192.243.61.225200 OK 0 B URL HTTP/1.1 oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=416
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=416 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Cookie: u_pl=16092274; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da32fcedc22c3f8071079610e24227d2
b80c8b3315fe0dfdbf02cb1e46ec49fce2e6d858
3dbffb2bb666ae31dbbb9611ad68b92c6bc7da1750d5bac1c0dea372f34f39e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3DBFFB2BB666AE31DBBB9611AD68B92C6BC7DA1750D5BAC1C0DEA372F34F39E8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6763
Expires: Thu, 06 Oct 2022 23:45:16 GMT
Date: Thu, 06 Oct 2022 21:52:33 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
172.64.201.2200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
IP 172.64.201.2:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f2dadba8019fd4ee5c1fdd6f1c6ab933
1464d487b499523d63a17288ddb3f24f03665b1c
2573f3a8dab1cb119f7b2a384c38e91d1f07f8f9663f8803619dcbfc52557008
GET /sb/ssp/utility/social-media/whatsapp/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:33 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:19:43 GMT
etag: W/"60254b0f-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5572103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9ByxK%2BsYUYCUp8zlCHFKhW4lioxm1oPni2Xo2jt9u6vZtJ42AfgYUwWR6ep3S5HiYkqJaKDcSQfS2uR5UVF9XP%2FwdE4eQSB9SEsYPPdJ%2Fvd5pCwxqDwy%2Fqf5%2BK5UquKC0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75619ff34a187765-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
172.64.201.2200 OK 122 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
IP 172.64.201.2:0
Size 122 kB (122043 bytes)
Hash 4fbc4f8c32c0465cf98e9296b1305b0a
1c300b65a90988ac69102e717942aecf46fa76c7
92c592773e583dde29c876d3cda8df26938ab94a72f8142cf3b56ca9adf94a92
GET /sb/ssp/utility/social-media/whatsapp/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:33 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2973795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nn7Wqt%2BFmUqIiErUkYkFe3t9SPpAJbo3KFzjhV%2BbDLfT7%2FZY3%2FNmdAFSxwTlZIe0TjJuDAEyn0Gf2f8S8Q83UxtGBIvHAZwvF6ozuS2Jf1ySBTM5WUuR3N2ZX68Lv9OWXgw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75619ff329d57765-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 942e73f03b374c0adc3f69e0fa8d99c0
7e356c191072d5a8f4496b387e04ad5486762bba
a5cb8c201c57fd48e813ec365a1ad715380c6a711c19f6588728b87622b2d59f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5CB8C201C57FD48E813EC365A1AD715380C6A711C19F6588728B87622B2D59F"
Last-Modified: Wed, 05 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8960
Expires: Fri, 07 Oct 2022 00:21:53 GMT
Date: Thu, 06 Oct 2022 21:52:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
172.64.201.2200 OK 18 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
IP 172.64.201.2:0
Hash 7f8690d1289d61c00c2840b464def17c
4d91acae77e3ffda2f80ce26fe52e41950211c14
9daae83341c4592c6c17fcf871bf3a28f628346f24fc98729e70e47179b79f82
GET /sb/ssp/utility/social-media/whatsapp/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:33 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:30:40 GMT
etag: W/"6128daf0-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 852083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjv04oMhd%2BA0a3GFhMA9%2FEpMhu1VXAJ40cKIo7MY3P0xfcUPIsYxywO%2B9LvPmbj22pBUxwB%2BvSjS%2BlZROdhR9di3vtpPIcP3f9WRxn8S%2FOtJQE1%2F%2BAELT2iw5iVaeunaML4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75619ff319b37765-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
172.64.201.2200 OK 870 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
IP 172.64.201.2:0
Hash eb5fb26e4177414ec503846624a62987
fbe6b3ebe2bd46bdf3beead0b036f5fb4a5f50ef
3be2d73d50c27cdf851da7b900e5e82ceb79109147959e76b474e2150f644bda
GET /sb/ssp/utility/social-media/whatsapp/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:33 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5570449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6YSsG0Nt76TUrrskuoy92OaJqIN2OWZi92bx74%2BzUBTbH7Lm815W4aoQwxaxtudFavUVmmGzKWKZyhnO7dp8WdBj%2FYHpu4kYod9vXJQO0hS8WfmDVdQTuK63I0MN8JkdSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75619ff309b07765-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=114
192.243.61.225200 OK 0 B URL HTTP/1.1 oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=114
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=114 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Cookie: u_pl=16092274; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
adservice.google.no/adsid/integrator.js?domain=highstream.tv
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=highstream.tv
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=highstream.tv HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:52:34 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=highstream.tv
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=highstream.tv
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=highstream.tv HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:52:34 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=129
192.243.61.225200 OK 0 B URL HTTP/1.1 oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=129
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=129 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Cookie: u_pl=16092274; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a.shukriya90.com/api/spots/313196?host=highstream.tv&ev=196&wh=939&ww=1280&kw=15375)%2Czodiac%2Cdie%2Cspur%2Cdes%2Ckillers%2Cmp4&s1=%25subid1%25
135.181.208.216200 OK 343 B URL HTTP/2 a.shukriya90.com/api/spots/313196?host=highstream.tv&ev=196&wh=939&ww=1280&kw=15375)%2Czodiac%2Cdie%2Cspur%2Cdes%2Ckillers%2Cmp4&s1=%25subid1%25
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (325)
Hash 7557d7c4072fc92d698800215c2bb12f
1ed7f759f626764f0d99b2bbc7710e568ce03082
2f405f26c942bc0eb54129d2932f952fc714509f2ad6361f694273310f1e0a15
GET /api/spots/313196?host=highstream.tv&ev=196&wh=939&ww=1280&kw=15375)%2Czodiac%2Cdie%2Cspur%2Cdes%2Ckillers%2Cmp4&s1=%25subid1%25 HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:52:34 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=XPA3UQtZScx7M3chOkNM; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=highstream.tv&callback=_gfp_s_&client=ca-pub-3404431671571864
172.217.21.162200 OK 203 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=highstream.tv&callback=_gfp_s_&client=ca-pub-3404431671571864
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash dca8e303c64e0992270093d253ea0b19
056d253bc976929214a2dc2f9e41d7b6b2b75b59
994c7330b8cff31ca866859f1d81401f2ec132ffe32881fbbbf7b273188f2c6b
GET /gampad/cookie.js?domain=highstream.tv&callback=_gfp_s_&client=ca-pub-3404431671571864 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:52:34 GMT
server: cafe
cache-control: private
content-length: 203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 94706
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 94706
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oblongseller.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3dzES8qiyCojLcVZNI9v8c9BNcYCcZk3VX0IEj96kltqruaqu7pSU7BFVlkwfE%2F6Hwn2aBGWS%2FixUV6VgQDQsZTDubiwZuXZRdPIjMbjD4o3qv6fgs%2B71V9vJOdEB8ZPV5802wprel8s%2BpXLr4XBJcqKyrOBpVBp%2FVBq3GpYvsvd1tV%2F8XK65JvmPmaH%2Fh%2B4AeVJWVlaAbzUxEqOegG1a5fbdSqQbOBgf3%2F3mUeHPUg%2BifkKSgxmbvnXYDiJeLozqJ0G6lJXnotyjRNjUVf7L8Tb8QmjxGdlaH1EMb7p24Yd7R0Fybem%2BHC9P81MjUh3k93weL9U0iw%2Fu6Mk2nIGEw8jrxfQuoSipbg5gaUOCIAF1hdQxzdXjU2p5uPVDpVJ2Tu4X2ofELmfruAOPr6slaDyjWjs1SZ2GEQFlCDEqpXIsnGSLfOQeVj8PRDKPELmX%2B4gjjaXXPaQIli1rtSJVRYQsshqPOQTZfykIUessRDJI4rPAiCti849TtdzuuiLVlL%2BAFthwEN%2FFYHGZ%2FiDZEmQ3A9BLfbSOw2NtQQNvsBbr2AEx5cOiHeW9voiwK5JMgdQU4JckWQpwR5v9gT2tVccVtol7HgNNdOc70YmbS3Q%2FdM2pMx2UlOyJOzuTy4ZbEhjyvtRrsrgna9wesskMynYTMIamG30WoIP2xzOFVAuXOzVrfUhDz9h0KiJoSMfwejYzg9BldPgGbPgeajds0HXR81Oj624q%2FWVW%2FdpVbSqJr2IUyBJJ1Duunt6BPyzAykVfsLkh8u%2FFh%2B%2Bv7FB2NwWyCxBa6rewQ9fXN01eRk96rJHflmLUlVpLbo9PGupTSV5794Q27mxorlRTf8%2FBU%2BFablwdvSpSs0FiruOfLlZSWEtEvGckm%2BX3bvSnYlc%2BuXMxtnycqVV5eWo8RK55SJS1B15G6Bqwl5jJrZr3z2%2BndQtoTNCkTZITkNKFOCJ9twyRm9M%2Bdh9ZmHJR7yrBjZGjs71GpCavd%2FhpaHC3c%2B%2Bejvgz%2B%2FBWUFnPzPxbN6x91Ezz4Pmt5AHBXo2wJ9XYDqIVx2fpQm9nDh1%2FoswLQ3Ytp6u0xb%2Fdmj8Tp1XKn7os1kKNtMNpqNUHLBmk3m85Czuuh0OFI34QurL%2FwDAAD%2F%2FwEAAP%2F%2F5QD1hmQEAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 oblongseller.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3dzES8qiyCojLcVZNI9v8c9BNcYCcZk3VX0IEj96kltqruaqu7pSU7BFVlkwfE%2F6Hwn2aBGWS%2FixUV6VgQDQsZTDubiwZuXZRdPIjMbjD4o3qv6fgs%2B71V9vJOdEB8ZPV5802wprel8s%2BpXLr4XBJcqKyrOBpVBp%2FVBq3GpYvsvd1tV%2F8XK65JvmPmaH%2Fh%2B4AeVJWVlaAbzUxEqOegG1a5fbdSqQbOBgf3%2F3mUeHPUg%2BifkKSgxmbvnXYDiJeLozqJ0G6lJXnotyjRNjUVf7L8Tb8QmjxGdlaH1EMb7p24Yd7R0Fybem%2BHC9P81MjUh3k93weL9U0iw%2Fu6Mk2nIGEw8jrxfQuoSipbg5gaUOCIAF1hdQxzdXjU2p5uPVDpVJ2Tu4X2ofELmfruAOPr6slaDyjWjs1SZ2GEQFlCDEqpXIsnGSLfOQeVj8PRDKPELmX%2B4gjjaXXPaQIli1rtSJVRYQsshqPOQTZfykIUessRDJI4rPAiCti849TtdzuuiLVlL%2BAFthwEN%2FFYHGZ%2FiDZEmQ3A9BLfbSOw2NtQQNvsBbr2AEx5cOiHeW9voiwK5JMgdQU4JckWQpwR5v9gT2tVccVtol7HgNNdOc70YmbS3Q%2FdM2pMx2UlOyJOzuTy4ZbEhjyvtRrsrgna9wesskMynYTMIamG30WoIP2xzOFVAuXOzVrfUhDz9h0KiJoSMfwejYzg9BldPgGbPgeajds0HXR81Oj624q%2FWVW%2FdpVbSqJr2IUyBJJ1Duunt6BPyzAykVfsLkh8u%2FFh%2B%2Bv7FB2NwWyCxBa6rewQ9fXN01eRk96rJHflmLUlVpLbo9PGupTSV5794Q27mxorlRTf8%2FBU%2BFablwdvSpSs0FiruOfLlZSWEtEvGckm%2BX3bvSnYlc%2BuXMxtnycqVV5eWo8RK55SJS1B15G6Bqwl5jJrZr3z2%2BndQtoTNCkTZITkNKFOCJ9twyRm9M%2Bdh9ZmHJR7yrBjZGjs71GpCavd%2FhpaHC3c%2B%2Bejvgz%2B%2FBWUFnPzPxbN6x91Ezz4Pmt5AHBXo2wJ9XYDqIVx2fpQm9nDh1%2FoswLQ3Ytp6u0xb%2Fdmj8Tp1XKn7os1kKNtMNpqNUHLBmk3m85Czuuh0OFI34QurL%2FwDAAD%2F%2FwEAAP%2F%2F5QD1hmQEAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3dzES8qiyCojLcVZNI9v8c9BNcYCcZk3VX0IEj96kltqruaqu7pSU7BFVlkwfE%2F6Hwn2aBGWS%2FixUV6VgQDQsZTDubiwZuXZRdPIjMbjD4o3qv6fgs%2B71V9vJOdEB8ZPV5802wprel8s%2BpXLr4XBJcqKyrOBpVBp%2FVBq3GpYvsvd1tV%2F8XK65JvmPmaH%2Fh%2B4AeVJWVlaAbzUxEqOegG1a5fbdSqQbOBgf3%2F3mUeHPUg%2BifkKSgxmbvnXYDiJeLozqJ0G6lJXnotyjRNjUVf7L8Tb8QmjxGdlaH1EMb7p24Yd7R0Fybem%2BHC9P81MjUh3k93weL9U0iw%2Fu6Mk2nIGEw8jrxfQuoSipbg5gaUOCIAF1hdQxzdXjU2p5uPVDpVJ2Tu4X2ofELmfruAOPr6slaDyjWjs1SZ2GEQFlCDEqpXIsnGSLfOQeVj8PRDKPELmX%2B4gjjaXXPaQIli1rtSJVRYQsshqPOQTZfykIUessRDJI4rPAiCti849TtdzuuiLVlL%2BAFthwEN%2FFYHGZ%2FiDZEmQ3A9BLfbSOw2NtQQNvsBbr2AEx5cOiHeW9voiwK5JMgdQU4JckWQpwR5v9gT2tVccVtol7HgNNdOc70YmbS3Q%2FdM2pMx2UlOyJOzuTy4ZbEhjyvtRrsrgna9wesskMynYTMIamG30WoIP2xzOFVAuXOzVrfUhDz9h0KiJoSMfwejYzg9BldPgGbPgeajds0HXR81Oj624q%2FWVW%2FdpVbSqJr2IUyBJJ1Duunt6BPyzAykVfsLkh8u%2FFh%2B%2Bv7FB2NwWyCxBa6rewQ9fXN01eRk96rJHflmLUlVpLbo9PGupTSV5794Q27mxorlRTf8%2FBU%2BFablwdvSpSs0FiruOfLlZSWEtEvGckm%2BX3bvSnYlc%2BuXMxtnycqVV5eWo8RK55SJS1B15G6Bqwl5jJrZr3z2%2BndQtoTNCkTZITkNKFOCJ9twyRm9M%2Bdh9ZmHJR7yrBjZGjs71GpCavd%2FhpaHC3c%2B%2Bejvgz%2B%2FBWUFnPzPxbN6x91Ezz4Pmt5AHBXo2wJ9XYDqIVx2fpQm9nDh1%2FoswLQ3Ytp6u0xb%2Fdmj8Tp1XKn7os1kKNtMNpqNUHLBmk3m85Czuuh0OFI34QurL%2FwDAAD%2F%2FwEAAP%2F%2F5QD1hmQEAAA%3D HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Cookie: u_pl=16092274; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d28b54cc93c3a58ac6b2902025b0ed42
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oblongseller.com/pixel/sbs?c=1
192.243.61.225200 OK 0 B URL HTTP/1.1 oblongseller.com/pixel/sbs?c=1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Cookie: u_pl=16092274; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 36b2ebb263a694be6b81a02818e3d9e4
b73b329f15a2fc2ab0d6ea468695b3f79c27be94
e76b12ed5b195fddd74ac3f63fd2f985e22fea47c025eec8b0260b5560f9c515
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 06 Oct 2022 21:52:34 GMT
expires: Thu, 06 Oct 2022 21:52:34 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 510 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash d9c4727f3cc6be2b42b73bd614d53aed
fbba523380b5a3d562e06c286c7bd0a84d5aa880
4bc945202abece8a0a2e247eccb0768f1c150dcd0cffd6a9a3ebf6d55aeee012
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 06 Oct 2022 21:52:34 GMT
date: Thu, 06 Oct 2022 21:52:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-mMEoag0comQbuYeCBF1VSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash af1f092cbee09527c29745a38b571ee5
c75b0c4481f19436b25a215850ca716bf7e13729
61faf23ee48d62ce62a8ec5001ed604f74a7a8b9a419d9b6b41eb67753364180
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61FAF23EE48D62CE62A8EC5001ED604F74A7A8B9A419D9B6B41EB67753364180"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11860
Expires: Fri, 07 Oct 2022 01:10:14 GMT
Date: Thu, 06 Oct 2022 21:52:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash af1f092cbee09527c29745a38b571ee5
c75b0c4481f19436b25a215850ca716bf7e13729
61faf23ee48d62ce62a8ec5001ed604f74a7a8b9a419d9b6b41eb67753364180
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61FAF23EE48D62CE62A8EC5001ED604F74A7A8B9A419D9B6B41EB67753364180"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11860
Expires: Fri, 07 Oct 2022 01:10:14 GMT
Date: Thu, 06 Oct 2022 21:52:34 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=22b0b162-0acc-445e-ab0a-f0ff463aedc2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=71c354f77d8d844c8c201df227b29508&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=22b0b162-0acc-445e-ab0a-f0ff463aedc2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=71c354f77d8d844c8c201df227b29508&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=22b0b162-0acc-445e-ab0a-f0ff463aedc2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=71c354f77d8d844c8c201df227b29508&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9389ebb4dcb81ffc92ce157324c0ca14
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=22b0b162-0acc-445e-ab0a-f0ff463aedc2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=6e9b2de0e0c9cf172257e704ef7cef6c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=22b0b162-0acc-445e-ab0a-f0ff463aedc2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=6e9b2de0e0c9cf172257e704ef7cef6c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=22b0b162-0acc-445e-ab0a-f0ff463aedc2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=6e9b2de0e0c9cf172257e704ef7cef6c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8dc3deaa759baedeb673c5de85c32956
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=22b0b162-0acc-445e-ab0a-f0ff463aedc2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7479d1734c3b1eb0af5112f9464d0f7c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=22b0b162-0acc-445e-ab0a-f0ff463aedc2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7479d1734c3b1eb0af5112f9464d0f7c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=22b0b162-0acc-445e-ab0a-f0ff463aedc2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7479d1734c3b1eb0af5112f9464d0f7c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:52:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96b99b57c866156b5733dc177a938fac
Strict-Transport-Security: max-age=0; includeSubdomains
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
IP 104.18.11.207:0
GET /bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/03/2021 14:28:52
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: a66efccb6d17dbe2e9bcc78078ba0437
cdn-cache: HIT
cf-cache-status: HIT
age: 10528490
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75619fe4ca00b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 104.18.11.207:0
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-06-08 21:21:23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 2330556811af2b51bb74c3d6ffc80b15
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 13355856
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75619fe4c9feb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highstream.tv
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 8f8ff045f37b75fe67e37c644e860320
cdn-cache: HIT
cf-cache-status: HIT
age: 10528489
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75619fe4c9fab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
172.64.100.4200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.100.4:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://highstream.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:52:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 88de35937b57ae59e4611f4b74a9fc28
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 06 Oct 2022 21:52:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHP9ZcaZkL4wOEyiQRjXmgUrBxBEQHwIleXxAD88tCAFWYkdzF1SMHsPAQs10v9JAug5V7XtDz%2BKq03czXrK7wMkYMuGkSRDSDWGrIr8%2Bh9rfbtA6jIg5THYVoCaisx4B0LSBaM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75619feb19f57779-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2