Report - gimytv.in/eps/201654753-hd.html

Report Overview

Submitted URL
gimytv.in/eps/201654753-hd.html
IP
172.67.129.103
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-26 13:22:27
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	393 B	104.16.56.101
gimytv.in	97214	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	822 B	1.3 kB	172.67.129.103
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	790 B	31 kB	104.17.25.14
rndskittytor.com	31865	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	46 kB	139.45.197.238
vod1.bdzybf7.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	736 B	1.5 kB	23.224.225.75
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	6.3 kB	104.21.84.149
offerimage.com	304078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	44 kB	104.22.33.172
cloudflareinsights.com	84344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	1.6 kB	104.16.56.101
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	16 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	93.184.220.29
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	172.64.155.188
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	1.9 kB	23.36.79.17
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.82.48.240
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	738 B	139.45.195.8
fleraprt.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	1.2 kB	139.45.195.254
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	69 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	rndskittytor.com	Sinkholed
2022-11-26	medium	fleraprt.com	Sinkholed
2022-11-26	medium	rndskittytor.com	Sinkholed
2022-11-26	medium	rndskittytor.com	Sinkholed

JavaScript (14)

	URL	Size	First Seen	Last Seen
	gimytv.in/eps/201654753-hd.html	468 B	2023-03-08	2023-09-10
Pretty URL gimytv.in/eps/201654753-hd.html IP 172.67.129.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:53:48 Last Seen2023-09-10 18:31:11 Times Seen2 Hash f33d0339905cc4965f03704b270ee2fd 4acb35d32c3837ed4c62ef3f66cd50b316e31c01 2cb9f02e1fa0098c04160166e7cc06ba3ab42f54ea9c319a02064ed021525ce0 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js	3.4 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2024-04-18 09:48:55 Times Seen4068 Hash 112c8d1b40b3e62e883c743e9d71e0bf 338318e930487b2791a7bcf53ad4601630cc41e2 ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e Loading...

	gimytv.in/eps/201654753-hd.html	180 B	2023-03-11	2023-03-11
Pretty URL gimytv.in/eps/201654753-hd.html IP 172.67.129.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:43:13 Last Seen2023-03-11 20:43:13 Times Seen1 Hash e4e9783bc0140de45527913edbe71a94 40bc3ff6921ccbbc6b041f6b1bbf091b452ecf26 18ccf683d1bbda3a4c5d0fdb8442d15647ed655e9144dd9bdf3982238bc22d93 Loading...

	tzegilo.com/stattag.js	13 kB	2023-03-08	2023-03-12
Pretty URL tzegilo.com/stattag.js IP 104.21.84.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:59 Last Seen2023-03-12 10:48:49 Times Seen1 Hash d0de06f954f7dedba242231b0ec4052d 188d75bb9077832384f889dd15584845790bc146 efae63871ebdeb69e7d64c6782924f72584f962d540b8c55237cba93c026af16 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-20 01:01:34 Times Seen105367 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	gimytv.in/eps/201654753-hd.html	338 B	2023-03-08	2023-09-10
Pretty URL gimytv.in/eps/201654753-hd.html IP 172.67.129.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:53:48 Last Seen2023-09-10 18:31:11 Times Seen2 Hash 119ecab46fcabb3c310697e770e908e1 1d922e2cc82b609db421b5c01a6041e220ac0c9b f8379ced45ed20e51b64517d2fcd83d51c155f1d841cef39717efe3dc382fe68 Loading...

	rndskittytor.com/400/5425629	82 kB	2023-03-11	2023-03-11
Pretty URL rndskittytor.com/400/5425629 IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:43:13 Last Seen2023-03-11 20:43:13 Times Seen1 Hash 6f50f6cc76f175cd4147dff501d20d21 b9bb8238f9a8083f1ca39927a69eed1f4c336ba2 80a657031f9081852d54d5c3d21dbfc91d81d9c07fb80f821f272e06a7ced257 Loading...

	gimytv.in/_watch/33962	2.3 kB	2023-03-08	2023-03-11
Pretty URL gimytv.in/_watch/33962 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:53:48 Last Seen2023-03-11 20:43:13 Times Seen1 Hash babd896fd100ee1b277150d3b5255065 537b2e76f3f8cc4464eeb1268e9e3f729c0d14a8 3c4b8f4d8652fffb86aa56361f84a1b15dac9e7d200521746cb9d221ddb06283 Loading...

	gimytv.in/_watch/33962	76 B	2023-03-11	2023-03-11
Pretty URL gimytv.in/_watch/33962 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:43:13 Last Seen2023-03-11 20:43:13 Times Seen1 Hash 83f7f5bbbbc140b52b3292d4d1ea06f6 8fa50b9ed45d026c8b2878afb737906028189797 17c103841c9d1a263af9222c858ff4468b93048ed0e6d36e19c00735157297ac Loading...

	gimytv.in/static/gimytv/js/bootstrap.min.js	37 kB	2023-03-07	2024-02-25
Pretty URL gimytv.in/static/gimytv/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:05:04 Last Seen2024-02-25 03:20:31 Times Seen120 Hash fe9ff4be11b0f4c9e35b04064397e96c faa4ffeb6397a57aa90282c3edc5ebe0005c38d7 4daf0c0d666f4312f0fc122b8fe57a55ef4191d72d3d40f58492442f89fdac63 Loading...

	gimytv.in/eps/201654753-hd.html	166 B	2023-03-08	2023-09-10
Pretty URL gimytv.in/eps/201654753-hd.html IP 172.67.129.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:53:49 Last Seen2023-09-10 18:31:11 Times Seen2 Hash 5c837d2378ba7cf62e658c2027485446 67a9b63c7fcdd1ea007c912cf6c6af8780dca94f 0a63e3ad6d404b1141c43c19001b569eb4635f49b1d2db4af2b37e1931eaa286 Loading...

	gimytv.in/eps/201654753-hd.html	218 B	2023-03-08	2023-03-11
Pretty URL gimytv.in/eps/201654753-hd.html IP 172.67.129.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:53:48 Last Seen2023-03-11 20:43:13 Times Seen1 Hash eaf8366a770982cfa75a68b2f9a2690c 6ff7da09ed0a0d06b208eeb8fe63f0dbdc331f59 096487d30d54b9f3757b03eede1eda5a870683bf5aff26f0a630555396545af1 Loading...

	static.cloudflareinsights.com/beacon.min.js	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.0/hls.min.js	335 kB	2023-03-08	2023-05-22
Pretty URL cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.0/hls.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:53:49 Last Seen2023-05-22 00:43:13 Times Seen5 Hash 931091661f8f7170024441176b995dcf 0ae21147c19419c230750057e5f1af094c532ffe bb1b5f888d11da2960cdf9c448673102c285d2826dc7603eeb2ad1af15c067b3 Loading...

HTTP Transactions (39)

URL IP Response Size

gimytv.in/eps/201654753-hd.html

172.67.129.103

301 Moved Permanently

0 B

URL HTTP/1.1
gimytv.in/eps/201654753-hd.html
IP
172.67.129.103:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /eps/201654753-hd.html HTTP/1.1
Host: gimytv.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 13:22:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 14:22:16 GMT
Location: https://gimytv.in/eps/201654753-hd.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3F%2Fb5Z46rakEBJ0j2IG0jbzP82qDDnQQsZVYEs%2F7%2FVvGZj0jm%2BAYn9kkTkVuDDQjowFjcw%2B%2Ftubv8Xe76WICFhW2yF%2F3i%2FLkH9QnRmIp1YVhdkfoq1P6CsWvcs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702ee931d33b51e-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13502
Expires: Sat, 26 Nov 2022 17:07:18 GMT
Date: Sat, 26 Nov 2022 13:22:16 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3401
Cache-Control: max-age=165933
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:22:16 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:27:49 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7701
Expires: Sat, 26 Nov 2022 15:30:37 GMT
Date: Sat, 26 Nov 2022 13:22:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 13:17:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 284
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Csjl4hIpQ/upiFdfCQ2sOkbCk5JzL2B1CEOcH9AS2KJIdDnlwySSNvRrxdo9LsptIbNvJlXl3EI=
x-amz-request-id: BR4V2YJM4EEBW9JJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 12:44:14 GMT
age: 2282
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:22:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 13:08:54 GMT
cache-control: public,max-age=3600
age: 802
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3898
Cache-Control: max-age=161372
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:22:17 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:11:49 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
27 kB (27433 bytes)
Hash
77bd61b98f7b67af56639229724f8dd4
f04f07dd8ff53e58c32b738f81b71a014bca441d
8ce54c3b77bf31899b27b29188ff4936b580f2bd2b3222d43dda2851ba272e24

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:22:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 286779
expires: Thu, 16 Nov 2023 13:22:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gvc3qruVd0c0WLXss0iIy0pIg7GvNxHxHzvI3GjoqrYi%2BZY0fJQXCzGA2VrXFwXatTHNHePC0AIAxtZXFN3%2F02o2VHlXyOQ6fGk5gCOQofOiPGtWgxNyb8v%2F8MOnP5cJD5P713wO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7702ee991b91b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js

104.17.25.14

200 OK

1.1 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3309)
Size
1.1 kB (1120 bytes)
Hash
db310084f6971d7dd40451b6f92b45fa
dfde84f68544ca488ce989127db9c3bed1949c07
efea7f70881a83096764db90d02d58a3cc5a79cc11f4a0635c7523a25373cfd2

HTTP Headers

GET /ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:22:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 1120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-d35"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5585077
expires: Thu, 16 Nov 2023 13:22:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVr0d3YB0aAqwOKPpSceamhtNP60SAwEUKi3eFs3s4224G7FTPWyxzQEaY0HSVlOHOVQwMdZSdS0uasQVgAWiaekYEMPEv6t87OJxrt46FRuvLohmIf9NW1XUud7iFwqkR0vogc4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7702ee991b95b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
0006b548fbd531537de0c77d02f99b1a
c6fa3623a3785bf6fd910c520e4ece72adcc87ba
6b5cf58f87641bb088d4a65c0ecba2e05c85b5098f96661b9c7981be3fb81757

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6054
Cache-Control: max-age=154877
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:22:17 GMT
Etag: "6381b560-118"
Expires: Mon, 28 Nov 2022 08:23:34 GMT
Last-Modified: Sat, 26 Nov 2022 06:42:40 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280

r3.o.lencr.org/

23.36.77.32

200 OK

11 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
11 kB (10759 bytes)
Hash
dd917d04a914354fa58f4ac1cacb0908
e529c99cfa45f552a2ab2d37ea2eafda5ec79da6
950e8442028e9e71e5e30afff787f0bcf5a865bb883d7c1f52288da691c53a46

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E1D69FAEF655188981C11F19BFF501CE2D3409F7B55428FA41CB16F28E3CB13"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7388
Expires: Sat, 26 Nov 2022 15:25:25 GMT
Date: Sat, 26 Nov 2022 13:22:17 GMT
Connection: keep-alive

push.services.mozilla.com/

35.82.48.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.82.48.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZeZ+r5jPSrqWd9M9dFElsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JhqEFiW9LvHwnimeFfA/4+gaWKM=

rndskittytor.com/400/5425629

139.45.197.238

200 OK

32 kB

URL HTTP/2
rndskittytor.com/400/5425629
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
data
Size
32 kB (31515 bytes)
Hash
837c3f62b4e2f652cb856a9c6db51f82
e2cb0bc6b8aa51dfe5371b241e000242c437c51f
02aa362540c4b5b2e7fc3eef84a5bdfd2edcb9223ef9f96c82921e4b0d3a724e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /400/5425629 HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:22:17 GMT
content-type: application/javascript
x-trace-id: f8bdbbca799b19fd751e951912c782f8
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=8282bf95f4654d4dbbaaf41549b36e16; expires=Sun, 26 Nov 2023 13:22:17 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.84.149

200 OK

5.5 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
104.21.84.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12966), with no line terminators
Size
5.5 kB (5512 bytes)
Hash
cd5f3232635b28294772f4b523ae50d0
8b84e345518d5113f0ec1a395de84198c7d1b599
037c1fc18de9e888c811a8c43efe9cafa5bc832fc665ea948b7d63e020c84192

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:22:17 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSdGMqCV70oSF%2FR7gbc4k9OkZPGxVEheNq9NjkaazXQQ2PJUxBGTlI0p8Sio%2BZLr55balOM5TYBXSkcaRNGZkxR9viwwrfxKvr5VLOzujOAKKQfradb%2FQJzHp1fpqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7702ee9bafdab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94d86bd8aa3fb64d5ef4ba39b2093f46
f6f8b969e6d14af88dcd584c72ad52d904d459e9
43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15446
Expires: Sat, 26 Nov 2022 17:39:43 GMT
Date: Sat, 26 Nov 2022 13:22:17 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
eb7b989b3377c96ae331f6deeab33ad6
e975c9f5121852023ef22cbee9738cd8db575686
234fb878cf2edc873b7e273491a9054db9ad1264e0e375f83e05a10bc9d60399

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:22:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 12:52:19 GMT
Expires: Thu, 01 Dec 2022 12:52:18 GMT
Etag: "e975c9f5121852023ef22cbee9738cd8db575686"
Cache-Control: max-age=429600,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7702ee9d4ff4b4f4-OSL

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
916b0c3de95bb339af1c63b4e1ba6dc1
fc985f6b939d017e13bff0301cdf9b20cbef2d95
459cdab1f240b6b26b64e87e5abf4cf39d8a43d622ba9e75e656bca94f7efa3a

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gimytv.in
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:22:17 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://gimytv.in
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=25f0dd88d28a418fab320f4681b7d4b8; expires=Sun, 26 Nov 2023 13:22:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

708 B

URL HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
data
Size
708 B (708 bytes)
Hash
04bd2953313ff7ca8162cbe60b0d2908
6dbb29d270f70ab5b6c70092f1b7e4a628b435b2
30dedc096b6f1baff3e55ea6032ca259656f3355c836fa570f44dcd013babda9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 910
Origin: https://gimytv.in
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 26 Nov 2022 13:22:19 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://gimytv.in
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

rndskittytor.com/500/5425629?excludes=&oaid=25f0dd88d28a418fab320f4681b7d4b8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fgimytv.in%2Feps%2F201654753-hd.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.238

200 OK

0 B

URL HTTP/2
rndskittytor.com/500/5425629?excludes=&oaid=25f0dd88d28a418fab320f4681b7d4b8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fgimytv.in%2Feps%2F201654753-hd.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/5425629?excludes=&oaid=25f0dd88d28a418fab320f4681b7d4b8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fgimytv.in%2Feps%2F201654753-hd.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://gimytv.in/
Origin: https://gimytv.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:22:18 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://gimytv.in
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
a4171706ee0c331e8d202abf75c8e9fb
098f643a87f1e79b7131e608c2246f8c0599e0fd
e30ca9f4a2d2cf167c1ddac5a64a8338e7330be77af93464aabb20b8a6eec50e

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=852
Date: Sat, 26 Nov 2022 13:22:18 GMT
Connection: keep-alive
X-N: S

offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png

104.22.33.172

200 OK

43 kB

URL HTTP/2
offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
IP
104.22.33.172:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (43157 bytes)
Hash
e27e78d3b01907b714b7d939d7eed85d
2d4aa0d84925e5031861258c341788450ba8b43c
37024bac32f0cc3299c2492471b40e6beb2fd7b3cb73b172d68207e87cdfd6e6

HTTP Headers

GET /www/images/e27e78d3b01907b714b7d939d7eed85d.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:22:18 GMT
content-type: image/png
content-length: 43157
last-modified: Sun, 27 Sep 2020 15:59:04 GMT
etag: "5f70b6c8-a895"
expires: Sun, 27 Nov 2022 09:10:38 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 15100
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7702eea07e6c98f7-ARN
X-Firefox-Spdy: h2

vod1.bdzybf7.com/20200910/MvF8G4eY/index.m3u8

23.224.225.75

429 Too Many Requests

598 B

URL HTTP/1.1
vod1.bdzybf7.com/20200910/MvF8G4eY/index.m3u8
IP
23.224.225.75:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
598 B (598 bytes)
Hash
1426fcdbfc6d8a7b57de930d59a615c5
a3f6aa5b98c49368e75f1cc1ab8f165324df4b5e
22fea9eba78576ad8487ec5ef05198bff9d55740669508f80b21d7223d65f606

HTTP Headers

GET /20200910/MvF8G4eY/index.m3u8 HTTP/1.1
Host: vod1.bdzybf7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gimytv.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: Tengine
Date: Sat, 26 Nov 2022 13:22:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 598
Connection: keep-alive

cloudflareinsights.com/cdn-cgi/rum

104.16.56.101

204 No Content

0 B

URL HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 6650
Origin: https://gimytv.in
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sat, 26 Nov 2022 13:22:18 GMT
access-control-allow-origin: https://gimytv.in
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7702eea17fff1c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16316
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 13:22:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16316
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 13:22:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7799 bytes)
Hash
96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lt_7H9W9LVUS5gKPrBF_vGiXg-anP_bGV5izsxPiGhiasy2eBnltuw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:39 GMT
age: 53319
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3502 bytes)
Hash
a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 34000
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 56172
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

36 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
36 kB (36282 bytes)
Hash
e43bb11ed4791e79b7ecef1c2c21de89
e301bbdebc8386ea0fa4a4d1e69ca7ea0805c8cd
8e79fcb84ce0c297b7e0b8528f83fdfd93522bd43a0b29ec9b2c0673c65ba7be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 54263
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9049 bytes)
Hash
c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 56018
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

139.45.197.238

200 OK

12 kB

URL HTTP/2
rndskittytor.com/500/5425629?excludes=&oaid=25f0dd88d28a418fab320f4681b7d4b8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fgimytv.in%2Feps%2F201654753-hd.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
data
Size
12 kB (12342 bytes)
Hash
dc0bc23be3ff3a909932e0e34eed44a6
4df7f922d07a70f0c60d29b7097321dd6e0564b5
1df1e3f7c7ddee04e61adc6ea9911781f26b4176d641ed24225a372f7db028a8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5425629?excludes=&oaid=25f0dd88d28a418fab320f4681b7d4b8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fgimytv.in%2Feps%2F201654753-hd.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://gimytv.in
Connection: keep-alive
Referer: https://gimytv.in/
Cookie: OAID=8282bf95f4654d4dbbaaf41549b36e16
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:22:18 GMT
content-type: application/javascript
x-trace-id: c7e00ffa3c89a4316f4a6e45f62bb23a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://gimytv.in
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=25f0dd88d28a418fab320f4681b7d4b8; expires=Sun, 26 Nov 2023 13:22:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

vod1.bdzybf7.com/20200910/MvF8G4eY/index.m3u8

23.224.225.75

429 Too Many Requests

598 B

URL HTTP/1.1
vod1.bdzybf7.com/20200910/MvF8G4eY/index.m3u8
IP
23.224.225.75:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
598 B (598 bytes)
Hash
3c966f32489847721f7ca642a5354996
4d365801be20be2c330403269b6105c268b99421
23f419fb24fd8973b90ef7ea86bfacf09445d37f2e8f5b15df1a58d74efa3081

HTTP Headers

GET /20200910/MvF8G4eY/index.m3u8 HTTP/1.1
Host: vod1.bdzybf7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gimytv.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: Tengine
Date: Sat, 26 Nov 2022 13:22:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 598
Connection: keep-alive

cloudflareinsights.com/cdn-cgi/rum

104.16.56.101

204 No Content

0 B

URL HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 628
Origin: https://gimytv.in
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sat, 26 Nov 2022 13:22:25 GMT
access-control-allow-origin: https://gimytv.in
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7702eecb4be51c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.16.56.101

200 OK

0 B

URL HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://gimytv.in/
Origin: https://gimytv.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:22:18 GMT
content-type: text/plain
access-control-allow-origin: https://gimytv.in
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7702eea16fef1c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.16.56.101

200 OK

0 B

URL HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://gimytv.in/
Origin: https://gimytv.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:22:25 GMT
content-type: text/plain
access-control-allow-origin: https://gimytv.in
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7702eecb4bdd1c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

gimytv.in/eps/201654753-hd.html

104.21.1.139

200 OK

0 B

URL HTTP/2
gimytv.in/eps/201654753-hd.html
IP
104.21.1.139:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eps/201654753-hd.html HTTP/1.1
Host: gimytv.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:22:16 GMT
content-type: text/html; charset=utf-8
expires: Sat, 26 Nov 2022 13:23:22 GMT
cache-control: max-age=180
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Har5Las1setVPnqAWWlNXJaVSqqG4ZaKIzsBKn0dQMz9RPx7kOElYgJ%2F8RuUkfX2b0%2BntGtYA9Rl4PAhzY12oxg2AQQaTIGLxbNjBQ3CPg0DXJWJlDK4%2FqqAY8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702ee951a250b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js

104.16.56.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gimytv.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:22:17 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7702ee994d90b505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations