streamlivenow.me/lala/index.php?stream=125617282?sid=1485206
200 OK 1.6 kB URL HTTP/1.1 streamlivenow.me/lala/index.php?stream=125617282?sid=1485206
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (598)
Hash a2727ab14d96657ed8d6a0cbc86e5d24
7f4a51d53b74ee67080e7b4686cbda307329adb8
6002f8225f7325e82f7b0542f3b0345184c6e8c6b308bd657ae2af5f5a1022f6
GET /lala/index.php?stream=125617282?sid=1485206 HTTP/1.1
Host: streamlivenow.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:09:43 GMT
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: HIT
Age: 5568
Last-Modified: Wed, 14 Sep 2022 18:09:43 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dOq32Yvux7JRwPc0Bv1nU5YT%2BqQ1hjfnAKbP5%2BWKsb987AtbBdSknJMcbuWlM%2Bn7c%2FSLgBklPjhX76SWMBNNwv5qMMW4XlkRILsr3Ns5DFRKq0wIyBWqtMrcBu9FnlWu%2F%2BM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab9b33bd71b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 19:09:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gIzpbj8ZBJM0_Vdtyv8XwdI7CoAgGQWLLzfMYcjuePweFSKQO6w0rQ==
Age: 1970
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16804
Expires: Thu, 15 Sep 2022 00:22:35 GMT
Date: Wed, 14 Sep 2022 19:42:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _GTXXRgyfi9eZLB7UPfDiUykh7nA_GQRApUMaeoFgtM6hHzaYKe-dg==
age: 54436
X-Firefox-Spdy: h2
streamlivenow.me/streams/125617282/1485206
200 OK 1.0 kB URL HTTP/1.1 streamlivenow.me/streams/125617282/1485206
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash e6560e35d1e0a7cfac9d013869cc4fd3
af3ab7270f623b17466adf88fba3b61f85385f8a
a47b934fd0e423cd013312502c36e768f14df24c27f1a2853558c80c90f84b24
GET /streams/125617282/1485206 HTTP/1.1
Host: streamlivenow.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamlivenow.me/lala/index.php?stream=125617282?sid=1485206
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:31 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:09:43 GMT
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: HIT
Age: 5567
Last-Modified: Wed, 14 Sep 2022 18:09:44 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1QW07Xm%2BlR8TS2xODF2%2F8WVgVsWAzcaLjpRaH2AnwAQYlH52F4%2FY9e%2Fhv3GAImSRw8i5Hzl%2FO1izIJLfgVkY2t71LXskuwXolV%2FNC%2BaEG8Y2k5Iq2PbejXKVoU%2BmUb56ymC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab9b35d971b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:42:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/300/addthis_widget.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamlivenow.me/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Wed, 14 Sep 2022 19:42:31 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
ardslediana.com/5/5319948
200 OK 23 kB URL HTTP/1.1 ardslediana.com/5/5319948
IP
File type ASCII text, with very long lines (62301), with no line terminators
Hash 2bfb4f5bc59254f8f9b4a88f444cb42e
d11c8fd175c6054bd96f8bc868a2cbd5fcc77811
a968588cb6591dd985d783b15e0db4f4d02bc20e00e620666f3fabf79f87060e
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5319948 HTTP/1.1
Host: ardslediana.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamlivenow.me/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 19:42:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b5fe5819f6ecfdac8c0e5771045b4d2a
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=ef6f05a7868f4930bded0987f757ba4b; expires=Thu, 14 Sep 2023 19:42:31 GMT; path=/
oaidts=1663184551; expires=Thu, 14 Sep 2023 19:42:31 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 747d8ab9cfcc486e741bb422798f31b4
0faaf695f1406cef5d237915fc2c1ebfe9d44d88
2c5f66ecbfd4cb7319cedb359f4f06bcd52fdfb314cefd30a4e414644f74336c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C5F66ECBFD4CB7319CEDB359F4F06BCD52FDFB314CEFD30A4E414644F74336C"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9057
Expires: Wed, 14 Sep 2022 22:13:28 GMT
Date: Wed, 14 Sep 2022 19:42:31 GMT
Connection: keep-alive
streamlivenow.me/js/player.js
200 OK 1.6 kB URL HTTP/1.1 streamlivenow.me/js/player.js
IP
File type ASCII text, with very long lines (451), with CRLF line terminators
Hash 0fb9fdaee1f10ed8cd83c9d3ade82c08
5162ac5a4f00aa02d26a3b40b0abd9bd2ad03f87
82f6661043b2fe38b65c6ea9b81e2194542e820232ab2803ebd3d324e9b212fe
GET /js/player.js HTTP/1.1
Host: streamlivenow.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamlivenow.me/streams/125617282/1485206
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:31 GMT
Content-Type: application/javascript
Content-Length: 1599
Connection: keep-alive
Last-Modified: Wed, 01 Aug 2018 00:21:56 GMT
Cache-Control: private, max-age=1016000
Expires: Fri, 14 Oct 2022 18:26:13 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4578
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoGM5DbIHRvLwG%2B7sQM5GR2i7BNAzZN9jqWDI4LXAUuX6Mv7WFssqKnBGbr2LdrucEQx%2BAN1beVJiuatwxvYytTm%2F9v7iQhYXeBh6ChzjTSUfswvJBJkq9MefdnpOlN14ise"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab9b36cb1cb500-OSL
alt-svc: h2=":443"; ma=60
streamlivenow.me/css/stream.code.css?v=1.1b
200 OK 1.0 kB URL HTTP/1.1 streamlivenow.me/css/stream.code.css?v=1.1b
IP
Hash 5159d0f07dedce0c2bad010ec0000746
4e61296a6db2908e266ab1bfb0930f29b3e85ce6
3c666cf2d81195be5eda12b6244aa2eac3ebb816018842b6210d0efc125fa3fa
GET /css/stream.code.css?v=1.1b HTTP/1.1
Host: streamlivenow.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamlivenow.me/streams/125617282/1485206
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:31 GMT
Content-Type: text/css
Content-Length: 1025
Connection: keep-alive
Last-Modified: Wed, 01 Aug 2018 00:20:08 GMT
Cache-Control: public, max-age=604800
Expires: Fri, 14 Oct 2022 18:26:13 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4578
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=619qs%2FHvwwqTpgsH8GPnLc8aLFYx%2FI98vjLBlHJsE9bmLNjIaDCUpihVVCud%2F3SxomTVFB5%2BEvA9sScYA8vBXmySPRL1hbY3HeygJJ%2FgZ0LGZV6yCZrH0zFf5BhWEg5ZlzSx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab9b36d968b4f4-OSL
alt-svc: h2=":443"; ma=60
s7.addthis.com/js/300/addthis_widget.js
200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://streamlivenow.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116325
date: Wed, 14 Sep 2022 19:42:31 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.min.js
200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP
File type ASCII text, with very long lines (65451)
Hash d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://streamlivenow.me
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:31 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663184551.dop001.sk1.t,1663184551.cds235.sk1.hn,1663184551.cds072.sk1.c
X-Firefox-Spdy: h2
vjs.zencdn.net/6.6.3/video-js.css
200 OK 16 kB URL HTTP/2 vjs.zencdn.net/6.6.3/video-js.css
IP
File type ASCII text, with very long lines (14763)
Hash b1d08545bcf6e62a5254b3b4619691a6
8ccb2099d43a5bd1794543177da37c7dd18c9519
d86da170b8e7ae35b6f2df3da4136c6bc241a6ced591f680ac43605c6f6fb74d
GET /6.6.3/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Jan 2018 19:07:51 GMT
etag: "48169240598eb5b1a1754806f81f7e50"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Wed, 14 Sep 2022 19:42:31 GMT
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 26
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 15764
X-Firefox-Spdy: h2
vjs.zencdn.net/ie8/1.1.2/videojs-ie8.min.js
200 OK 8.9 kB URL HTTP/2 vjs.zencdn.net/ie8/1.1.2/videojs-ie8.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (27236), with no line terminators
Hash c1f1df0d15c6c2385354cd6f1d55ac90
29d75b7acb3856360eaf22df07d5d8fe8e9917db
8fb2e6f24918cbce5dc1984062388d8d2a2191bf107606bedbae6e2f4451b151
GET /ie8/1.1.2/videojs-ie8.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 10 Feb 2016 20:27:09 GMT
etag: "2ff9bb22f0b1789ac170247b0825488f"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Wed, 14 Sep 2022 19:42:31 GMT
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 4512
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 8924
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 41f9179e59a25f47d57ee44aedba74e7
0fc36a87fcedb98f3748739cc0718470de2f59c2
b4a615e3b1606fa2e99cbfca9a7a7b93257ebcf5957c308cfbaf7f8d4f37415a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 01:21:26 GMT
Expires: Tue, 20 Sep 2022 01:21:25 GMT
Etag: "0fc36a87fcedb98f3748739cc0718470de2f59c2"
Cache-Control: max-age=451733,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ab9b379eefb512-OSL
my.rtmark.net/gid.js?userId=ef6f05a7868f4930bded0987f757ba4b
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=ef6f05a7868f4930bded0987f757ba4b
IP
File type JSON data\012- , ASCII text
Hash 6c2a25d3ce8277513ece8974d25214f4
34ba3b2af2e5a80443ab0f6646a5b1152da6a31e
ef1058ae3f395bd891bb32f48b6ec9cb6c5799ea759b0249f59d2b79d2ac6846
GET /gid.js?userId=ef6f05a7868f4930bded0987f757ba4b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://streamlivenow.me
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:42:31 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://streamlivenow.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ef6f05a7868f4930bded0987f757ba4b; expires=Thu, 14 Sep 2023 19:42:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 14 Sep 2022 19:42:31 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 19:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:37:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0WukwQ3oZa5aGld6m347wxHSeh_I0ku5Tu603JpnJufv0Psl9RewlQ==
Age: 2349
streamlivenow.me/favicon.ico
200 OK 769 B URL HTTP/1.1 streamlivenow.me/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 57d77f65fe10d39e7ee847265d28314e
98115b6a56974fc7460c773d0a25cb2d5f0def63
4450696a78e6a2281c07c61b3b7c9f7052981364351ff3908e339b132973b4a6
GET /favicon.ico HTTP/1.1
Host: streamlivenow.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamlivenow.me/lala/index.php?stream=125617282?sid=1485206
Cookie: __atuvc=1%7C37; __atuvs=63222e999b18bbee000
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:31 GMT
Content-Type: image/x-icon
Content-Length: 769
Connection: keep-alive
Last-Modified: Wed, 01 Aug 2018 00:20:10 GMT
Cache-Control: public, max-age=2592000
Expires: Thu, 14 Sep 2023 18:26:20 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4571
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjsUzE96dJBBJhh6r9xAot0NranZIEhcO8%2FrTlnYqwQ2d%2BL%2BfqWTAJEpUzhx6CPGgHixRv%2Bafl5Rb%2BMv0EvXryF4CWjjK45zz0%2B59E%2B3DJy6cpC7xGhJ4CAS9Yj2OLkTIuZt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab9b391d7cb4f4-OSL
alt-svc: h2=":443"; ma=60
z.moatads.com/addthismoatframe568911941483/moatframe.js
200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=23729
date: Wed, 14 Sep 2022 19:42:31 GMT
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 32 kB IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (32771), with no line terminators
Hash 8243ebdf9793cffca10d078200dbf4fc
762865847cd9e22dd2b955787064f153020a7371
f1760f9dcb98bd9fd5d37b510a6d2d23079df8985e736869d67750413a11864e
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:31 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5cDG5zqNAmGXAwOUthnfGHyxODEVZULmJ2hD%2Bw3ympnXLMDTL6%2FaNW4RQGjd5uTp9QYEJiGJfznN7mE%2B767Es0jn%2BQOL0w7OLrKSLptdeHXQ5F8vYR4aYZOrYTr%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b374912b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-5dc9840997af99ce/_ate.track.config_resp
200 OK 555 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-5dc9840997af99ce/_ate.track.config_resp
IP
File type ASCII text, with very long lines (1608), with no line terminators
Hash 000d89274fec89b7611c06c6861317a0
b046b2572ee96ed46651a015798e2a122c930ad6
e4279e05b947680453f847dc7593f06f2f29583a947ed2fe02fc44502690f55c
GET /live/boost/ra-5dc9840997af99ce/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 555
etag: -1674473246--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=1, s-maxage=86400
date: Wed, 14 Sep 2022 19:42:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=643416631&t=pageview&_s=1&dl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=1459254318&gjid=55717892&cid=1557234813.1663184538&tid=UA-60210697-8&_gid=785140836.1663184538&_r=1&_slc=1&z=640207730
200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=643416631&t=pageview&_s=1&dl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=1459254318&gjid=55717892&cid=1557234813.1663184538&tid=UA-60210697-8&_gid=785140836.1663184538&_r=1&_slc=1&z=640207730
IP
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j96&aip=1&a=643416631&t=pageview&_s=1&dl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=1459254318&gjid=55717892&cid=1557234813.1663184538&tid=UA-60210697-8&_gid=785140836.1663184538&_r=1&_slc=1&z=640207730 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://streamlivenow.me
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://streamlivenow.me
date: Wed, 14 Sep 2022 19:42:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=63222e99353e91b4&bkl=0&bl=1&pdt=400&sid=63222e99353e91b4&pub=ra-5dc9840997af99ce&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=streamlivenow.me&fp=lala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663184537404&jsl=0&uvs=63222e999b18bbee000&skipb=1&callback=addthis.cbs.jsonp__79072722346094790
200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63222e99353e91b4&bkl=0&bl=1&pdt=400&sid=63222e99353e91b4&pub=ra-5dc9840997af99ce&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=streamlivenow.me&fp=lala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663184537404&jsl=0&uvs=63222e999b18bbee000&skipb=1&callback=addthis.cbs.jsonp__79072722346094790
IP
File type ASCII text, with no line terminators
Hash 6a83f4f908fc059c5f815d18543cae7e
0d5c840fa7774039829df19968bc270d5854f5a1
ef07e20a6f249ec188f0a512de90afecc73d4132743f57e157a4e2a7c67bf720
GET /live/red_lojson/300lo.json?si=63222e99353e91b4&bkl=0&bl=1&pdt=400&sid=63222e99353e91b4&pub=ra-5dc9840997af99ce&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=streamlivenow.me&fp=lala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663184537404&jsl=0&uvs=63222e999b18bbee000&skipb=1&callback=addthis.cbs.jsonp__79072722346094790 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Wed, 14 Sep 2022 19:42:32 GMT
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://streamlivenow.me/
Content-Type: text/plain;charset=UTF-8
Origin: http://streamlivenow.me
Content-Length: 1776
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 14 Sep 2022 19:42:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://streamlivenow.me
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4086
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:32 GMT
Last-Modified: Wed, 14 Sep 2022 18:34:26 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Wed, 14 Sep 2022 19:42:32 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
st.chatango.com/js/gz/emb.js
200 OK 24 kB URL HTTP/1.1 st.chatango.com/js/gz/emb.js
IP
File type ASCII text, with very long lines (1651)
Hash 43a6e3a24c5f6d710f01cd9ea166bedf
2b172372c84de07111687133d38ecaee8a15c99e
65878e1003da0b2d589980ebda0a59206831ff7e8be7747532c4080e35c600d7
GET /js/gz/emb.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamlivenow.me/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 19:42:32 GMT
Content-Type: application/x-javascript
Content-Length: 23804
Last-Modified: Wed, 17 Aug 2022 23:45:11 GMT
Connection: keep-alive
Expires: Wed, 14 Sep 2022 19:42:32 GMT
Cache-Control: max-age=0
Content-Encoding: gzip
Accept-Ranges: bytes
vikistream.com/embed2.js
200 OK 27 kB IP
File type ASCII text, with very long lines (322)
Hash 8898d219577847328a74f869e193f8ff
7d515ba23f60699a368e27d26df0adddec4a7984
2dcd67f8bfb276802c257405fa3bc529db93a555eedf20e690fcb620f3652eda
GET /embed2.js HTTP/1.1
Host: vikistream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: application/javascript
last-modified: Mon, 16 May 2022 18:22:40 GMT
vary: Accept-Encoding
etag: W/"62829670-4e1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1260
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmPwMF3DNcQloqGYx%2FjjHnlUZwUjjDtitvnagwHfsO6M6tUc5I%2Fw4iesgwBCmfzWN6fvJO7wJOB18QAe8fhPCa9Tzj9AYFq%2FLYTNB23YHECsOmKOPZ%2BP3rN4W1AE5dswOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ab9b3b39620b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PSWvfKWEZVsZI7TKFUqF0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8zfL7NpZLSb+bkYuvTE3L5rv46A=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-migrate-1.2.1.min.js
200 OK 3.1 kB URL HTTP/2 code.jquery.com/jquery-migrate-1.2.1.min.js
IP
File type ASCII text, with very long lines (7085)
Hash e1084a25976d8b8999acadc7350ffb48
99b723d38b78d8347e8dfa60193b12864a370227
b98359c65420aa3864d5b86ef94c4c9a5fb8c772a905884a5ba4ce55319a3d13
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-encoding: gzip
content-length: 3063
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1c1f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663184552.dop225.sk1.t,1663184552.cds067.sk1.hn,1663184552.cds242.sk1.c
X-Firefox-Spdy: h2
oaphoace.net/500/5345130?excludes=&oaid=ef6f05a7868f4930bded0987f757ba4b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/2 oaphoace.net/500/5345130?excludes=&oaid=ef6f05a7868f4930bded0987f757ba4b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5345130?excludes=&oaid=ef6f05a7868f4930bded0987f757ba4b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://streamlivenow.me/
Origin: http://streamlivenow.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:42:32 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://streamlivenow.me
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.11.0.min.js
200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.11.0.min.js
IP
File type ASCII text, with very long lines (32341)
Hash 665423f5df5f30d3e991653d594fd1cd
ad2be638c57e37aa00adacc89d233d70d5c5c927
fce13e871876bba3561cf18484a8f4fcab2d1b954079b78c1d8ff7a727583b33
GET /jquery-1.11.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-encoding: gzip
content-length: 33357
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1787d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663184552.dop225.sk1.t,1663184552.cds067.sk1.hn,1663184552.cds206.sk1.c
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
IP
File type ASCII text, with very long lines (32033)
Hash 7556a3f5497d3d7c16638a89ae2a7970
bcf358713c2c9b7fe6a6ea4ff3f7e3a6effdf8e0
d68af37a833fb796074b311adb4d7e62700ac2d6f238b2b07c193149e2918433
GET /ajax/libs/jquery/3.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 02:51:30 GMT
expires: Sat, 09 Sep 2023 02:51:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 492662
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
code.jquery.com/jquery-latest.js
200 OK 84 kB URL HTTP/2 code.jquery.com/jquery-latest.js
IP
Hash ea735805900bbd9b4dc4f93e4348b8d8
2e2d5c3270d6a6a0e4aab05f3a3f4ea8f8f7c07c
962d003a78697a2a9508f3da6cc6a65259f3fb9b59d6eaa1486f7034830494b2
GET /jquery-latest.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-encoding: gzip
content-length: 83875
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-4508e"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663184552.dop225.sk1.t,1663184552.cds067.sk1.hn,1663184552.cds212.sk1.c
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5f9f07cf3b6f4a6ec4697884073f575f
170318e9d6077292c2c35b9b532b46e3bb52ab7b
f8b025026a7683f961c993604d440ef726adffc722563f24c85c89431bdc0289
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 05:22:27 GMT
Expires: Wed, 21 Sep 2022 05:22:26 GMT
Etag: "170318e9d6077292c2c35b9b532b46e3bb52ab7b"
Cache-Control: max-age=552593,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ab9b3bdef4b512-OSL
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
200 OK 10 kB URL HTTP/2 cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
IP
File type HTML document, ASCII text, with very long lines (30387)
Hash 5245fb2ca8b98e72f9b7ae0323d76020
eb6493f5f66936432464d98c47f2f0b200309b5b
75d36b8e1e822c4f74c51fa0a97f24ef4c45afc6059d3df9b0f4cc37acd1f231
GET /gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.0
x-jsd-version-type: version
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 14 Sep 2022 19:42:32 GMT
age: 10304
x-served-by: cache-fra19163-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 10250
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
200 OK 56 kB URL HTTP/2 cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 68e30567311cf90843693b1b58d8a801
41eb984e48e78f3bebad21b03878155a80bad8c7
d84f3f76706fff1e49477c8c3952bcd23ea6ba89ab3bc88aaadb070078015e27
GET /npm/swarmcloud-hls@latest/dist/p2p-engine.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.4.0
x-jsd-version-type: version
etag: W/"2d984-U3WeKn6bcE2R4FXtwriAr5Spol8"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 14 Sep 2022 19:42:32 GMT
age: 30314
x-served-by: cache-fra19135-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 55821
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 64111b665b0edf27542bf60d0caed3b8
f535da51522e7e2c1a73aef47a992ac049b1903c
0c8ce2eee4d5296c650c746eb0c06379f297923d28e2e12909bbdbeaa0b98c15
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "47056A96CAE6A54ECC4885E9B93F2DC7F4EB5817"
Expires: Thu, 15 Sep 2022 07:00:00 GMT
Last-Modified: Wed, 14 Sep 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 831
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ab9b3d9e5db506-OSL
offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
200 OK 97 kB URL HTTP/2 offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ef316842349308dfa69b2337a1f2f26
cfb295c74af7d2432c8f0dde1819e1aa35b2ab89
88d7d3964d36d102797d185fb23dab82ac6142c12a5119497b95d2dc018c5bcd
GET /www/images/3ef316842349308dfa69b2337a1f2f26.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: image/png
content-length: 96644
last-modified: Thu, 10 Dec 2020 16:09:13 GMT
etag: "5fd24829-17984"
expires: Thu, 15 Sep 2022 16:12:20 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 12612
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b3e5929b51d-OSL
X-Firefox-Spdy: h2
1l1l.to/ch12
200 OK 142 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (676)
Size 142 kB (142284 bytes)
Hash 338d4e0d2d8eec6439e83e23a4c24b40
177d7a01ca8828383bee00801331add8d1a15e2b
f5e49e6a614cafae4a6b1b8cea72b78d935f1c9025cf7eacf293aa9b6ccca80a
GET /ch12 HTTP/1.1
Host: 1l1l.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtVHXyMgaOKkL3OFIZcuVE1hRhRNVdSn5TDDA3eWGFw2JfqR9exH7wDEEhe4mHRI68ilGt%2FS9d2TtdD4k8Idmnmca3MjH3Iiu6EqTiymJx9F5HdlGZ1VxcFm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ab9b3a5fc0b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5f9f07cf3b6f4a6ec4697884073f575f
170318e9d6077292c2c35b9b532b46e3bb52ab7b
f8b025026a7683f961c993604d440ef726adffc722563f24c85c89431bdc0289
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 05:22:27 GMT
Expires: Wed, 21 Sep 2022 05:22:26 GMT
Etag: "170318e9d6077292c2c35b9b532b46e3bb52ab7b"
Cache-Control: max-age=552593,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ab9b3e6ba4b512-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ee8b7194451891600db7555f3ebfeafa
5d89d18feef0061912fdff4dd9258dcfd9f5113f
ea6941effb0b176fa7540a4bddf4530a489c7fb9869a6689cbb5cb7f8b79c404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA6941EFFB0B176FA7540A4BDDF4530A489C7FB9869A6689CBB5CB7F8B79C404"
Last-Modified: Tue, 13 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16672
Expires: Thu, 15 Sep 2022 00:20:24 GMT
Date: Wed, 14 Sep 2022 19:42:32 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 44f0a31315e135bb54b234a3d456b9b0
865896180a4d850d3f077e1480668a93c22b42cb
24c15ff63eb19b697f36f982d4c14df71eaf5d55ec9259a39e5a9f75fe49609e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-60210697-8&cid=1557234813.1663184538&jid=1459254318&gjid=55717892&_gid=785140836.1663184538&_u=YEBAAEAAAAAAAC~&z=504681409
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-60210697-8&cid=1557234813.1663184538&jid=1459254318&gjid=55717892&_gid=785140836.1663184538&_u=YEBAAEAAAAAAAC~&z=504681409
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-60210697-8&cid=1557234813.1663184538&jid=1459254318&gjid=55717892&_gid=785140836.1663184538&_u=YEBAAEAAAAAAAC~&z=504681409 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://streamlivenow.me
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://streamlivenow.me
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Sep 2022 19:42:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 76c52618204a52eaf9902c54796e847b
fcfbd33d912e46eedde8375b87c867d383917b1a
b4fca368cb58c6f5feda5b57a88398c1b7f5a2ccf140d58285c7bc2e9dd87737
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 19:35:22 GMT
Expires: Tue, 20 Sep 2022 19:35:21 GMT
Etag: "fcfbd33d912e46eedde8375b87c867d383917b1a"
Cache-Control: max-age=517368,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ab9b3f7da8b512-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 76c52618204a52eaf9902c54796e847b
fcfbd33d912e46eedde8375b87c867d383917b1a
b4fca368cb58c6f5feda5b57a88398c1b7f5a2ccf140d58285c7bc2e9dd87737
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 19:35:22 GMT
Expires: Tue, 20 Sep 2022 19:35:21 GMT
Etag: "fcfbd33d912e46eedde8375b87c867d383917b1a"
Cache-Control: max-age=517368,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ab9b3f89beb4eb-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 44f0a31315e135bb54b234a3d456b9b0
865896180a4d850d3f077e1480668a93c22b42cb
24c15ff63eb19b697f36f982d4c14df71eaf5d55ec9259a39e5a9f75fe49609e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
earnbearerelectricity.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
200 OK 20 kB URL HTTP/1.1 earnbearerelectricity.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59697)
Hash dcf520f49880a1ce8581226c95d4f193
0b2ab7a26bd2f2451ad597b89ef4409ba6ac1292
11bb2fcb9b2a169f0a291032f9a678013193acd3a0865bc2805c94b10e5f56d4
Analyzer Verdict Alert quad9 Sinkholed
GET /b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js HTTP/1.1
Host: earnbearerelectricity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 14 Sep 2022 19:42:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_hd28118=1; expires=Thu, 22 Sep 2022 19:42:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fcd2233e19272c20db996dc87259edc0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 00997d4afbff5cff07cac4a3341cd82f
9e9c07fa21f2c9464dd7720e42b6ff21bca1cb5a
3f5c41d9bfaee19e85f9da760c9f20dc7e300ba2a39ef5996bee46ec3306132d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F5C41D9BFAEE19E85F9DA760C9F20DC7E300BA2A39EF5996BEE46EC3306132D"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21152
Expires: Thu, 15 Sep 2022 01:35:05 GMT
Date: Wed, 14 Sep 2022 19:42:33 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:39:14 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 868942596
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
st.chatango.com/cfg/nc/r.json?9279700020000317151332914
200 OK 20 B URL HTTP/1.1 st.chatango.com/cfg/nc/r.json?9279700020000317151332914
IP
File type JSON data\012- , ASCII text
Hash 67a235cdf67d15044e66db2b3b799581
c6ddd33c979392cd5ba3a70d7c90360641e60c29
6eea499926669878dc267d25feeebbfd7826db0e55b82ce10db9e0004a3172b7
GET /cfg/nc/r.json?9279700020000317151332914 HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://streamlivenow.me
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 19:42:33 GMT
Content-Type: application/octet-stream
Content-Length: 20
Last-Modified: Wed, 17 Aug 2022 23:45:11 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 0b49cbe398634cf2b215910276d9be9a
4ae8f41943046d91a6985339e3964ae9e8173ea5
3794a57946e873b1ebac2b28e1d0712ecf9f6af05a74c63cdb33981f8c1d75f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3794A57946E873B1EBAC2B28E1D0712ECF9F6AF05A74C63CDB33981F8C1D75F7"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14978
Expires: Wed, 14 Sep 2022 23:52:11 GMT
Date: Wed, 14 Sep 2022 19:42:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 78f8bae58862d8be3437cfe9e927011d
fb01a9cfd346f2c9b7694276c72a76e213887b06
389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8f4ef8df966072a94580afecf1b35f91
4c677ad586004935c473eac26ca322265456b18f
b3b317b2a3280e034775115498631650ce38188509f61450ad8c642651d06d94
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 19:42:33 GMT
Last-Modified: Wed, 14 Sep 2022 18:57:04 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TWAlnxFRYqrdJ7zigtvMMpYVqdPvDdHkCVLSYxcxvKq6OahhqPy1QQ==
Age: 2729
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c216fe14f0540c85a40ae7fab4bedf07
be38555ec9d5508b0fd6a1c6393ee1a6a6df6d34
fd4ae18423d4332653f8c824ba79b9fb89c47e496f0955d484ca5bf03ca91021
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60210697-8&cid=1557234813.1663184538&jid=1459254318&_u=YEBAAEAAAAAAAC~&z=483661097
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60210697-8&cid=1557234813.1663184538&jid=1459254318&_u=YEBAAEAAAAAAAC~&z=483661097
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60210697-8&cid=1557234813.1663184538&jid=1459254318&_u=YEBAAEAAAAAAAC~&z=483661097 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 19:42:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60210697-8&cid=1557234813.1663184538&jid=1459254318&_u=YEBAAEAAAAAAAC~&z=483661097
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60210697-8&cid=1557234813.1663184538&jid=1459254318&_u=YEBAAEAAAAAAAC~&z=483661097
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60210697-8&cid=1557234813.1663184538&jid=1459254318&_u=YEBAAEAAAAAAAC~&z=483661097 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 19:42:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 6798894bc1b1a00010cd4ac651187696
f2c70d6817d1432f471fb09f993624f058c038a9
30a94c4526a5463c7fb9b77850ff4f2c15f8e7632da37daf44cf91af21cb6822
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1l1l.to
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://1l1l.to
access-control-allow-credentials: true
set-cookie: uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1; expires=Sat, 11 Sep 2032 19:42:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c216fe14f0540c85a40ae7fab4bedf07
be38555ec9d5508b0fd6a1c6393ee1a6a6df6d34
fd4ae18423d4332653f8c824ba79b9fb89c47e496f0955d484ca5bf03ca91021
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 0b49cbe398634cf2b215910276d9be9a
4ae8f41943046d91a6985339e3964ae9e8173ea5
3794a57946e873b1ebac2b28e1d0712ecf9f6af05a74c63cdb33981f8c1d75f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3794A57946E873B1EBAC2B28E1D0712ECF9F6AF05A74C63CDB33981F8C1D75F7"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14978
Expires: Wed, 14 Sep 2022 23:52:11 GMT
Date: Wed, 14 Sep 2022 19:42:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5782
Expires: Wed, 14 Sep 2022 21:18:55 GMT
Date: Wed, 14 Sep 2022 19:42:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5782
Expires: Wed, 14 Sep 2022 21:18:55 GMT
Date: Wed, 14 Sep 2022 19:42:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 611 B IP
ASN #20940 Akamai International B.V.
Hash 14f098e263f62a6770bb1b489c576061
a9fa3bf6ce0d9a9120ae6f6fa673cf36a304825c
fc637fcb8c919db5c8ebbc8613d5f69dad10fea772cea740e7ef5b7b91917f76
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A9361215AAAB2041230BE54D9B901E245255B673BB3FD4C6B67331AC185B0D1"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10854
Expires: Wed, 14 Sep 2022 22:43:27 GMT
Date: Wed, 14 Sep 2022 19:42:33 GMT
Connection: keep-alive
xstats.net/js/plausible.js
200 OK 6.7 kB URL HTTP/2 xstats.net/js/plausible.js
IP
File type ASCII text, with very long lines (1332), with no line terminators
Hash 8d3cca3259251abcc6a6995e30ae60c4
7ac38d78ccd520ea415a292015091f8b563fe4a9
e608a9894a246572e009fc4a953aea7f052e5be27da44bb7cf601293e365b85c
GET /js/plausible.js HTTP/1.1
Host: xstats.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzPr%2BH%2FusFg1M10b9IZBKWXC4HZ%2FpPSrvdlxzCw1ooUddBzDGwlQNSc78o1g0RO%2BEy0ZQWYwZYHGcy6MiF%2B%2BelySKNMnsyFbr2sc2jX4FV%2Fly9CBhjxzEyneYXu8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b3b9c84b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 90bdd72e26d9aacca5f2539420aed17d
ab5f1a8086f7ee4804e0cda13625e9bd72ef2fa5
9a9361215aaab2041230be54d9b901e245255b673bb3fd4c6b67331ac185b0d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A9361215AAAB2041230BE54D9B901E245255B673BB3FD4C6B67331AC185B0D1"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10854
Expires: Wed, 14 Sep 2022 22:43:27 GMT
Date: Wed, 14 Sep 2022 19:42:33 GMT
Connection: keep-alive
vikistream.com/embed2.php?player=desktop&live=do12
200 OK 13 kB URL HTTP/2 vikistream.com/embed2.php?player=desktop&live=do12
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1176)
Hash 48dc20da3d6186ec2bd032291b3869c4
1c2c2f61d04657d00c7a2b89585d8a8813d457e3
322b52f9e473512d1811c1abc5e76453900e99ea4401ce0bb9aa671d9b0ce6f3
GET /embed2.php?player=desktop&live=do12 HTTP/1.1
Host: vikistream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGfIvG7hxDVQTokfV9xGR2vJJW%2BmOEMy6COeBWn4Tw4uk5DrELWtMMADSr5aUhZiAHd6%2FtHINMdH%2BgrTfEtqSoPa5mDIctOGtQlLB%2B9cORaZI874i%2FgGzOXUOvQsIBhaig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ab9b3b699f0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fef8234ab83f6f8f8b29665f592cbc9f
a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:06:54 GMT
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
age: 77739
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:07 GMT
age: 77846
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
age: 78979
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:09:32 GMT
age: 59581
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
varietiesplea.com/a4/6b/94/a46b94f5d9437f3ef375eb2b5c1d6562.js
200 OK 13 kB URL HTTP/1.1 varietiesplea.com/a4/6b/94/a46b94f5d9437f3ef375eb2b5c1d6562.js
IP
File type ASCII text, with very long lines (37108), with no line terminators
Hash bddea14bc3af74318e933da3502cf39a
c6fb7237aba2d3fd04b1b0b399363a558a12516b
eab5ccf623d2e7ffba0e02a236be90178b66d16eb06e4316795023e1dbe243bf
Analyzer Verdict Alert quad9 Sinkholed
GET /a4/6b/94/a46b94f5d9437f3ef375eb2b5c1d6562.js HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bdd09b09de3387e65acf3333c2fb5d33
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
varietiesplea.com/pixel/purst?dl=0&th=0&sc=0&rs=1370&rd=1370&fd=1008&bv=22.9.v.5&tmpl=70
200 OK 0 B URL HTTP/1.1 varietiesplea.com/pixel/purst?dl=0&th=0&sc=0&rs=1370&rd=1370&fd=1008&bv=22.9.v.5&tmpl=70
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1370&rd=1370&fd=1008&bv=22.9.v.5&tmpl=70 HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 6798894bc1b1a00010cd4ac651187696
f2c70d6817d1432f471fb09f993624f058c038a9
30a94c4526a5463c7fb9b77850ff4f2c15f8e7632da37daf44cf91af21cb6822
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1l1l.to
Connection: keep-alive
Referer: https://1l1l.to/
Cookie: uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://1l1l.to
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8e0a186b454a6118235cfaa53aa4b1b4
4cfcaaf353fb31e1c28c19c18a7c1508c780706c
110f5834215d51afd5da995960bc137cc4874c1e768914a772e4c051b8f66d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "110F5834215D51AFD5DA995960BC137CC4874C1E768914A772E4C051B8F66D16"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10494
Expires: Wed, 14 Sep 2022 22:37:27 GMT
Date: Wed, 14 Sep 2022 19:42:33 GMT
Connection: keep-alive
st.chatango.com/h5/gz/r0817221641/id.html
200 OK 224 kB URL HTTP/1.1 st.chatango.com/h5/gz/r0817221641/id.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators
Size 224 kB (224127 bytes)
Hash fc3ae4d65fdfcf6587ee0fd2e6341ca1
29b97c7cfc4081d173d28c84c774bc3ce891724d
b0a40dcfdea8674321e505dac154350a1bb1ef6067670208b02b6e4bd874f3a9
GET /h5/gz/r0817221641/id.html HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 19:42:33 GMT
Content-Type: text/html
Content-Length: 224127
Last-Modified: Wed, 17 Aug 2022 23:45:11 GMT
Connection: keep-alive
Expires: Thu, 14 Sep 2023 19:42:33 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes
s4.histats.com/stats/0.php?4646651&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mvikistream.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2F1l1l.to%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-121007524&@b3:1663184539&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fvikistream.com%2Fembed2.php%3Fplayer%3Ddesktop%26live%3Ddo12&@w
200 OK 53 B URL HTTP/1.1 s4.histats.com/stats/0.php?4646651&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mvikistream.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2F1l1l.to%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-121007524&@b3:1663184539&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fvikistream.com%2Fembed2.php%3Fplayer%3Ddesktop%26live%3Ddo12&@w
IP
File type ASCII text, with no line terminators
Hash 2791cdfaa84aa22cc14ec89688ae3846
c753be5b0e161a0945d0a6021ee43f373769c8c1
c4921ee7b3913248713a7058ba446224c18c019b6c3a629bc761d33d5dc4de89
GET /stats/0.php?4646651&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mvikistream.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2F1l1l.to%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-121007524&@b3:1663184539&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fvikistream.com%2Fembed2.php%3Fplayer%3Ddesktop%26live%3Ddo12&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:42:33 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 53
Connection: close
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 14 Sep 2022 19:42:33 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fc158852f618dd82e73f667d1ee1a4d
Strict-Transport-Security: max-age=0; includeSubdomains
creepingbrings.com/sfp.js
200 OK 43 kB URL HTTP/2 creepingbrings.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash af064c54578cb26fc988fe267d90901c
823816b7c77fbc7e335460518b1fc7d593ec390c
f8ce94289e994a622a7c432c915e6a0143404f7019941685215aa193f8a47a19
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9cd7decbace6c70e15e8e23f1dfa01d6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 14 Sep 2022 19:42:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFNfE60R3ETrCYaQQ9hQcb9BlKDf%2FEKCsgCupPzJFp4aExM2TpLQd3jaey2zy3i95nzaSo2369Mu64AyLAHggkpwDvHJqLX%2BfMwe1ssq9sZTEph%2F7Fm29Q%2BvrmdU%2FwyZG%2BVF24k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b4598ea9054-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/chatango-network/loader.js
200 OK 21 kB URL HTTP/2 cdn.taboola.com/libtrc/chatango-network/loader.js
IP
File type ASCII text, with very long lines (65508)
Hash 2f74e7f7942272c7133c5aa4d07f4578
da338783f0f3553ed73b04767acba5db930bb166
6c7de831426f2e7b364073a2c83d8286d794fa18dbeb18e796c8f8e48063e02f
GET /libtrc/chatango-network/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tJbE5tZLbkNn3uNAKRokKkAd8eQER0cqOpMu5giv7t/Q0sUHKCHwYEOQU1f6h1mdsgUHIFQquKt05gWq6b4zeg==
x-amz-request-id: DB607DK8HAHM5EET
last-modified: Wed, 14 Sep 2022 10:23:58 GMT
etag: "bf4829b4502b188d3605ffaf700c86c4"
x-amz-version-id: Wb_4QIPffJ_GiGHQ3iPxZlSrn2.NhWKg
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 14 Sep 2022 19:42:34 GMT
via: 1.1 varnish
age: 118
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 10
x-timer: S1663184554.071531,VS0,VE0
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 48
content-length: 21001
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
200 OK 144 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
IP
File type ASCII text, with very long lines (65508)
Size 144 kB (144475 bytes)
Hash 77190bda3d8952e43fa38db7fd437d77
fbd5e4d455ab96db60eafc9998ec0f0e5f16a058
80b99820241c1e22d1051e3f6a495d2c51a78757ab569dbe6457d3699edc9bcc
GET /libtrc/impl.20220912-34-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: mkvhS5oK/myeqITERsnPqg4yRDloIp4+jbMzHgOiSCwm0vK6a98brYUVCuuH4VIvjVaa6CnD4dk=
x-amz-request-id: WPZXV5MCEJATS1Q8
last-modified: Mon, 12 Sep 2022 15:39:26 GMT
etag: "77190bda3d8952e43fa38db7fd437d77"
content-encoding: br
x-amz-version-id: eEyRu5k_S_UQhJLppRJ6VcQPBuzKpXDZ
content-type: application/javascript
accept-ranges: bytes
date: Wed, 14 Sep 2022 19:42:34 GMT
via: 1.1 varnish
age: 14577
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 367
x-timer: S1663184554.110391,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 91
server: AmazonS3-br
content-length: 144475
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663184539889&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817221641%2Fid.html&c8=&c9=http%3A%2F%2Fstreamlivenow.me%2F
204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663184539889&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817221641%2Fid.html&c8=&c9=http%3A%2F%2Fstreamlivenow.me%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663184539889&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817221641%2Fid.html&c8=&c9=http%3A%2F%2Fstreamlivenow.me%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 14 Sep 2022 19:42:34 GMT
set-cookie: UID=166c00c2a205d68b9d3fce01663184554; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: osGC2a2W5TM8blDJfoqGluZuERyyOPVTkZfB52FGhfQ7Mg2lPFY4Tw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 68a65405404e611d6b4041928b5f987f
e1505738aa0556bb2740a19e6729200c612162e6
6f7219ac103b52293dccfe53d137c21ffc16c1d18292cc51933385f2fe2cd4cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5516
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:34 GMT
Last-Modified: Wed, 14 Sep 2022 18:10:38 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=19%3A42%3A19.995&type=usage&msg=rtus&llvl=2&id=2187&cv=20220912-34-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=19%3A42%3A19.995&type=usage&msg=rtus&llvl=2&id=2187&cv=20220912-34-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /chatango-chatango1/log/2/debug?tim=19%3A42%3A19.995&type=usage&msg=rtus&llvl=2&id=2187&cv=20220912-34-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 14 Sep 2022 19:42:34 GMT
x-fastly-to-nlb-rtt: 25733
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash ce80a3fc9418181feb46040578976fe6
9f12b7a12a42dc73ade73d03377392646e683678
46945b27f2e324001daa7245bee7c6087dec891e41add1b3a8b6333574ab745a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:34 GMT
Last-Modified: Wed, 14 Sep 2022 18:14:16 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:34 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=D2FEnl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh0eSUyQk9NTThOT3FlVThmeHZnOVglMkJaU25QRFdnTm8yciUyQjRrYjVhQzYyU3E; expires=Mon, 09 Oct 2023 19:42:34 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 136897
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3f4ade9d9f40e6368e1b9b8badd1cc54
a0b49d7decec0ba76289b889d15d4c7e7e3f4103
f39d34cc00e36ed0b102355931c8856e1a7d4328701ff32cac5786c2ca9cba00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F39D34CC00E36ED0B102355931C8856E1A7D4328701FF32CAC5786C2CA9CBA00"
Last-Modified: Wed, 14 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3647
Expires: Wed, 14 Sep 2022 20:43:21 GMT
Date: Wed, 14 Sep 2022 19:42:34 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 313 B IP
Hash e31a658735851a3358cc1e7673041884
a591585d8dc25628176495603cf8229428658832
f35389605ef4f9aabc0590d03a39b4adae6b368392591a9589fb1620714c9704
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3589
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:34 GMT
Last-Modified: Wed, 14 Sep 2022 18:42:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash e31a658735851a3358cc1e7673041884
a591585d8dc25628176495603cf8229428658832
f35389605ef4f9aabc0590d03a39b4adae6b368392591a9589fb1620714c9704
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3589
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:34 GMT
Last-Modified: Wed, 14 Sep 2022 18:42:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://st.chatango.com/
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:33 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 458714
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash af30ef20b2e72f3ca4822a0f8aad8cec
41e55ea8390467320dcc392b4ccd3862b82993cd
7410163101337664daf8b8901e8673752a7022dae1a15599d9759fd0f0183059
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:35 GMT
Last-Modified: Wed, 14 Sep 2022 18:49:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:34 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
reapinject.com/sbar.json?key=a46b94f5d9437f3ef375eb2b5c1d6562&uuid=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6%3A1%3A1
200 OK 4.3 kB URL HTTP/1.1 reapinject.com/sbar.json?key=a46b94f5d9437f3ef375eb2b5c1d6562&uuid=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6%3A1%3A1
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6075), with no line terminators
Hash 315f942d00cb7c43b6950a236398a932
77f554c41a83e64d8a19931aa0a9273941e16ed1
75cbcf62c632ca07e8aba5fe0c8daacdb86ea2dbed1de1c3c0c7677e61ae53b1
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a46b94f5d9437f3ef375eb2b5c1d6562&uuid=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6%3A1%3A1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1l1l.to
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:35 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://1l1l.to
Access-Control-Allow-Origin: https://1l1l.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15388737; expires=Thu, 15 Sep 2022 19:42:34 GMT; secure; SameSite=None
uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1; expires=Wed, 21 Sep 2022 19:42:34 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 15 Sep 2022 19:42:35 GMT; secure; SameSite=None
uncs=1; expires=Thu, 15 Sep 2022 19:42:35 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 15 Sep 2022 19:42:35 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 15 Sep 2022 19:42:35 GMT; secure; SameSite=None
sleca46b94f5d9437f3ef375eb2b5c1d6562=[3520332]; expires=Wed, 14 Sep 2022 19:42:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: da21a36e1330c363cef3f34d18d27d56
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzc5KMKKuiiKyiAeFMyke6anZ8Y9hI0xEoybZVdRvEh1VfWkTHVXU9U9PckpuCAreBj%2Fg55vkg26y6InL7rIzIKHgJjxlIP5Azwq7MmDzOxg9EHzXtf3Cn7ve%2FX5ID8jLnJ6uvae3pNK0eVG1a289pHnXa5syiTvVXqt4JPAv1wx3TfbQdV9vfKOYDt6ueZ6ruu5XmVdGhHp3vJUhEzvtr1q2636tarX8NEz%2F%2F%2B3uQNLHfDuGXkakk8WHziXINkISfztmrA7mU7feDvOFc20QZcffZDsJLpIEJ%2BXkXEQJUfzbmh7sn4fOjmc4UJ3%2F20M5YQ4P99HmBzNIRF2D2acoYJIEPInUHRHEGoESUdg%2BiYkPyEA47i6hSS%2BfVWbgu4%2BUulUnZDFh39BFhOy%2BPslJPG9VSV7lRta5ZnUiUUvKiF7I8jOCGk%2BRrZ3AbIYg2WfQfJfyPLDTSTxwZZVGpKfvsrCBhWs0VxqsShY8gMWLNE6byyFfsg93ubMY8HMIClHkNEISvRBrYN8%2BkkHeeQgTx3E%2FLTCPM9rupxRt9VmrM6bIgy469Fm5FHPDVrI2XSGPrK0D6b6YGYfqdnHjuzD5D%2FBbpew3IHNCLq8RCEICktQUIJCEhQZQdEtD7myNVve5srmoTfPtXmul0OddQb0UGcdkZBBekaemhn3x69XsCNOK9QPwrYfNXjbrzejuojqzYYIa2GDeTxoBDVYWULaC7Mx96ZLfOFJpHJCyJ8XEdIxrBqDyWdA85dAi2Gz5oJuD%2F2Wi73knpJdYVNtsl6V6Rhcl0izRWS7zkCdkednJI3vNyHY8cq4PgswUyI1JT6VDwg66tbwui7IwXVdWPLdVprJWO7R6XpvZDQTC9%2B8K3YLbfjGmu1%2FfYVNhWl5931hs02acJl0LLmzKjkXZl0bJsiPG%2FZDEV7L7fZqbpI83bz21vpGnBphrdTJCFSe2C%2FB5IQ8TvXs3b743BeQZgSTl4jzYzIPSD0GS%2Fdh03N6qxdg1HlPmDoo8nJoauH5oZIT4vcegxLHK4Otv5%2F94eOLoGEJK%2F5z8bwe2FvomJdBs5tI4hJdU6KrSlDVh80Xhllqjld%2BmwOEyhmGyjgHoTLqq0f2WnlaadbrLg3aDa%2FZpKIZ%2BrVWFHic0pof1IKA1pHZCXuleucfAAAA%2F%2F8BAAD%2F%2Fy3l%2FvOGBAAA
200 OK 7 B URL HTTP/1.1 reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzc5KMKKuiiKyiAeFMyke6anZ8Y9hI0xEoybZVdRvEh1VfWkTHVXU9U9PckpuCAreBj%2Fg55vkg26y6InL7rIzIKHgJjxlIP5Azwq7MmDzOxg9EHzXtf3Cn7ve%2FX5ID8jLnJ6uvae3pNK0eVG1a289pHnXa5syiTvVXqt4JPAv1wx3TfbQdV9vfKOYDt6ueZ6ruu5XmVdGhHp3vJUhEzvtr1q2636tarX8NEz%2F%2F%2B3uQNLHfDuGXkakk8WHziXINkISfztmrA7mU7feDvOFc20QZcffZDsJLpIEJ%2BXkXEQJUfzbmh7sn4fOjmc4UJ3%2F20M5YQ4P99HmBzNIRF2D2acoYJIEPInUHRHEGoESUdg%2BiYkPyEA47i6hSS%2BfVWbgu4%2BUulUnZDFh39BFhOy%2BPslJPG9VSV7lRta5ZnUiUUvKiF7I8jOCGk%2BRrZ3AbIYg2WfQfJfyPLDTSTxwZZVGpKfvsrCBhWs0VxqsShY8gMWLNE6byyFfsg93ubMY8HMIClHkNEISvRBrYN8%2BkkHeeQgTx3E%2FLTCPM9rupxRt9VmrM6bIgy469Fm5FHPDVrI2XSGPrK0D6b6YGYfqdnHjuzD5D%2FBbpew3IHNCLq8RCEICktQUIJCEhQZQdEtD7myNVve5srmoTfPtXmul0OddQb0UGcdkZBBekaemhn3x69XsCNOK9QPwrYfNXjbrzejuojqzYYIa2GDeTxoBDVYWULaC7Mx96ZLfOFJpHJCyJ8XEdIxrBqDyWdA85dAi2Gz5oJuD%2F2Wi73knpJdYVNtsl6V6Rhcl0izRWS7zkCdkednJI3vNyHY8cq4PgswUyI1JT6VDwg66tbwui7IwXVdWPLdVprJWO7R6XpvZDQTC9%2B8K3YLbfjGmu1%2FfYVNhWl5931hs02acJl0LLmzKjkXZl0bJsiPG%2FZDEV7L7fZqbpI83bz21vpGnBphrdTJCFSe2C%2FB5IQ8TvXs3b743BeQZgSTl4jzYzIPSD0GS%2Fdh03N6qxdg1HlPmDoo8nJoauH5oZIT4vcegxLHK4Otv5%2F94eOLoGEJK%2F5z8bwe2FvomJdBs5tI4hJdU6KrSlDVh80Xhllqjld%2BmwOEyhmGyjgHoTLqq0f2WnlaadbrLg3aDa%2FZpKIZ%2BrVWFHic0pof1IKA1pHZCXuleucfAAAA%2F%2F8BAAD%2F%2Fy3l%2FvOGBAAA
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzc5KMKKuiiKyiAeFMyke6anZ8Y9hI0xEoybZVdRvEh1VfWkTHVXU9U9PckpuCAreBj%2Fg55vkg26y6InL7rIzIKHgJjxlIP5Azwq7MmDzOxg9EHzXtf3Cn7ve%2FX5ID8jLnJ6uvae3pNK0eVG1a289pHnXa5syiTvVXqt4JPAv1wx3TfbQdV9vfKOYDt6ueZ6ruu5XmVdGhHp3vJUhEzvtr1q2636tarX8NEz%2F%2F%2B3uQNLHfDuGXkakk8WHziXINkISfztmrA7mU7feDvOFc20QZcffZDsJLpIEJ%2BXkXEQJUfzbmh7sn4fOjmc4UJ3%2F20M5YQ4P99HmBzNIRF2D2acoYJIEPInUHRHEGoESUdg%2BiYkPyEA47i6hSS%2BfVWbgu4%2BUulUnZDFh39BFhOy%2BPslJPG9VSV7lRta5ZnUiUUvKiF7I8jOCGk%2BRrZ3AbIYg2WfQfJfyPLDTSTxwZZVGpKfvsrCBhWs0VxqsShY8gMWLNE6byyFfsg93ubMY8HMIClHkNEISvRBrYN8%2BkkHeeQgTx3E%2FLTCPM9rupxRt9VmrM6bIgy469Fm5FHPDVrI2XSGPrK0D6b6YGYfqdnHjuzD5D%2FBbpew3IHNCLq8RCEICktQUIJCEhQZQdEtD7myNVve5srmoTfPtXmul0OddQb0UGcdkZBBekaemhn3x69XsCNOK9QPwrYfNXjbrzejuojqzYYIa2GDeTxoBDVYWULaC7Mx96ZLfOFJpHJCyJ8XEdIxrBqDyWdA85dAi2Gz5oJuD%2F2Wi73knpJdYVNtsl6V6Rhcl0izRWS7zkCdkednJI3vNyHY8cq4PgswUyI1JT6VDwg66tbwui7IwXVdWPLdVprJWO7R6XpvZDQTC9%2B8K3YLbfjGmu1%2FfYVNhWl5931hs02acJl0LLmzKjkXZl0bJsiPG%2FZDEV7L7fZqbpI83bz21vpGnBphrdTJCFSe2C%2FB5IQ8TvXs3b743BeQZgSTl4jzYzIPSD0GS%2Fdh03N6qxdg1HlPmDoo8nJoauH5oZIT4vcegxLHK4Otv5%2F94eOLoGEJK%2F5z8bwe2FvomJdBs5tI4hJdU6KrSlDVh80Xhllqjld%2BmwOEyhmGyjgHoTLqq0f2WnlaadbrLg3aDa%2FZpKIZ%2BrVWFHic0pof1IKA1pHZCXuleucfAAAA%2F%2F8BAAD%2F%2Fy3l%2FvOGBAAA HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Cookie: u_pl=15388737; uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca46b94f5d9437f3ef375eb2b5c1d6562=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:35 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c53fd8143e0e8ae5ef82736b5f67cf56
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c234726a3d5da8649aa22b28d54c0b27
5a43e53452c412a8d20a02c6eaa99f50f539d8ea
61b3a9e35540544087489993ac1a95c0b9c43c2db2c9ecdf5953b57b79268909
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B3A9E35540544087489993AC1A95C0B9C43C2DB2C9ECDF5953B57B79268909"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Wed, 14 Sep 2022 20:36:40 GMT
Date: Wed, 14 Sep 2022 19:42:35 GMT
Connection: keep-alive
ust.chatango.com/groupinfo/s/o/socc2/gprofile.xml
200 OK 101 B URL HTTP/1.1 ust.chatango.com/groupinfo/s/o/socc2/gprofile.xml
IP
File type XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with no line terminators
Hash 9b25bf43575c1f61a7bb18321be37b41
db3cba7e9581876cdae914f84bf5acfe7449e495
9e68e717000f7b05813680400d65316e77216b435afc9d0a37cc771668d73413
GET /groupinfo/s/o/socc2/gprofile.xml HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 19:42:35 GMT
Content-Type: text/xml
Content-Length: 101
Last-Modified: Thu, 28 Jul 2022 09:58:11 GMT
Connection: keep-alive
Expires: Wed, 14 Sep 2022 19:42:35 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 172647e6d49f4c9371eed4810f281b75
641fb454b48c22e4dcf47bd3d7c6f4f81228e9cb
6c77330a2c7a5c75c626c74c73e6bfc85f2f9f0ef969fc22c67d58988cf7dd87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6C77330A2C7A5C75C626C74C73E6BFC85F2F9F0EF969FC22C67D58988CF7DD87"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7655
Expires: Wed, 14 Sep 2022 21:50:10 GMT
Date: Wed, 14 Sep 2022 19:42:35 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 172647e6d49f4c9371eed4810f281b75
641fb454b48c22e4dcf47bd3d7c6f4f81228e9cb
6c77330a2c7a5c75c626c74c73e6bfc85f2f9f0ef969fc22c67d58988cf7dd87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6C77330A2C7A5C75C626C74C73E6BFC85F2F9F0EF969FC22C67D58988CF7DD87"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7655
Expires: Wed, 14 Sep 2022 21:50:10 GMT
Date: Wed, 14 Sep 2022 19:42:35 GMT
Connection: keep-alive
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=312
200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=312
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=312 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Cookie: u_pl=15388737; uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca46b94f5d9437f3ef375eb2b5c1d6562=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 172647e6d49f4c9371eed4810f281b75
641fb454b48c22e4dcf47bd3d7c6f4f81228e9cb
6c77330a2c7a5c75c626c74c73e6bfc85f2f9f0ef969fc22c67d58988cf7dd87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6C77330A2C7A5C75C626C74C73E6BFC85F2F9F0EF969FC22C67D58988CF7DD87"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7655
Expires: Wed, 14 Sep 2022 21:50:10 GMT
Date: Wed, 14 Sep 2022 19:42:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6d20738bc39a48541ac302cdfb0f8e24
121628335cb0d25da1caaf530de62ced572ba418
f93c739c9887204eac483095dea345b5f69d6c8f4363558a927673c4994799ed
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:35 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3663497
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOj0kboEbOcgDNbx6Re1Zhivw9mD1eEAujjgHl21IzsHxJwNEWfZXCfoxe8etKyFk9oBlgIQxSIL%2B5y7NB4xGhAU8VMIKTyLccplOLG8uhOhqMXF%2FEZv0Q4YWLRn0pfaoiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b508feb888f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fanimate.css&l=79245&fd=99
200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fanimate.css&l=79245&fd=99
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fanimate.css&l=79245&fd=99 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Cookie: u_pl=15388737; uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca46b94f5d9437f3ef375eb2b5c1d6562=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.cloudimagesb.com/si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg
200 OK 13 kB URL HTTP/2 cdn.cloudimagesb.com/si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 9a26092fd440aa10142a9e87e8370c2c
b1c33219c136dc2ee76d081d02f0cb9c15032f41
ef6e3d4a4df9d2c4f104857ab7b5b545e6f3e6c0dda989d6fcd0707513136445
GET /si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:35 GMT
content-type: image/jpeg
content-length: 12632
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:44:01 GMT
etag: "62d54781-3158"
expires: Fri, 16 Sep 2022 19:42:35 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=96
200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=96
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=96 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Cookie: u_pl=15388737; uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca46b94f5d9437f3ef375eb2b5c1d6562=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=110
200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=110
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=110 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Cookie: u_pl=15388737; uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca46b94f5d9437f3ef375eb2b5c1d6562=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1l1l.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 508
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
reapinject.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbs?c=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Cookie: u_pl=15388737; uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca46b94f5d9437f3ef375eb2b5c1d6562=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:36 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
200 OK 681 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP
Hash d625526a5227465c32600a7e1580ecfc
d25ec486c6e1aff176cbc985a4c82f574402e6eb
66a3d30e3d4e6ae5a060977e34e39802645bb2ebdaccc64c683da5f29274eaef
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1l1l.to
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:35 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3641811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P12TioHF0nqJ8ecqbjnmMH7iUxT7ZvdfJ15lsR41b8Oq1QZmB5DYLJp8XK69xC52mxFb3MaURT6soztcuiW8t01ZusTfRw9v8Go1XDWfJyVDcPQouTr86YIegmJGatsuSbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b503f46888f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1l1l.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 508
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:42:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reapinject.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq5M9KEJEDYqiMogHBXe2e6a7Z8YcQmJcCa7ZkCiKF6lfvSm3uqup6p6e7CkYkAgexv%2Bg5zubBE0IevKiQWYCHhbEHU97cP8Ajwo5eZCZDK4%2BaN7r%2Br6Cz%2Fu%2B%2BnxUHhIfJT04957ZUVrTtajpN177KAhONTZUVg4ag278SRyeatj%2Bm7246b%2FeeEfybbPW8gPfD%2Fygsa6sTMxgbS5C5Xd7QbPnN8NWM4hCDOz%2F%2F13pwVEPon9InoYSs5UH3kkoPkGWfntOuu3C5G%2B8nZaaFsaiL25%2FkG1npsqQHpWJ9ZBkt5fdMG5%2F%2FT5MdnOBC9P%2Ft5GpGfF%2Bvg%2BW3V5CgvV3F5xMQ2Zg4glU%2FQmknkDRCbi5DiX2CcAFLmwiS29dMLaiVx%2BpdK7OyMrDv6CqGVn5%2FSSy9N5ZrQaNy0aXhTKZwyCpoQYTqK0J8nKKYucYVDUFLz6DEr%2BQtYcbyNLdTacNlDh4lbOISh51Vrs8iVfDmMertC2iVRYyEYie4AGPFwYpNYFKJtByCOo8lPNPeSgTD2XuIRUHDR4EQccXnPrdHudt0ZEsFn5AO0lAAz%2FuouTzGYYo8iG4HoLba8jtNWyrIWz5E9yVGk54cAVBX9SoJEHlCCpKUCmCqiCo%2BvVNoV3L1beEdiULlrm1zO16bIqtEb1pii2ZkVF%2BSJ5aGPfHr2ewLQ8aNIxZL0wi0QvbnaQtk3YnkqzFIh6IOIpbcKqGcscWY%2B7Ml%2FjCk8jVjJA%2FT4DRKZyegqtnQMuXQKtxp%2BWDXhmHXR872T2t%2BtLlxhaDJjcphKmRFysornojfUieX5BE329A8r3T0%2FYiwG2N3Nb4VD0g2NI3xpdMRXYvmcqR7zbzQqVqh87Xe7mghTz%2BzbvyamWsOH%2FODb8%2Bw%2BfCvLz7vnTFBs2EyrYcuXNWCSHturFckh%2FPuw8lu1i6K2dLm5X5xsW31s%2BnuZXOKZNNQNW%2B%2BxJczcjj1Cze7YvPfQFlJ7BljbTcI8uAMlPw%2FBpcfkTvzHFYfdTDcg9VWY9tix0dajUj4eAxaLl3erT597M%2FfHwClNVw8j8Xj%2BqRu4Et%2BzJocR1ZWqNva%2FR1DaqHcOXxcZHbvdO%2FLQGY9sZMW2%2BXaau%2FemSvUweNti86TCayw2QYhYnkgkUR83nCWVt0uxyFm%2FFXmnf%2BAQAA%2F%2F8BAAD%2F%2F60xKxuGBAAA
200 OK 7 B URL HTTP/1.1 reapinject.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq5M9KEJEDYqiMogHBXe2e6a7Z8YcQmJcCa7ZkCiKF6lfvSm3uqup6p6e7CkYkAgexv%2Bg5zubBE0IevKiQWYCHhbEHU97cP8Ajwo5eZCZDK4%2BaN7r%2Br6Cz%2Fu%2B%2BnxUHhIfJT04957ZUVrTtajpN177KAhONTZUVg4ag278SRyeatj%2Bm7246b%2FeeEfybbPW8gPfD%2Fygsa6sTMxgbS5C5Xd7QbPnN8NWM4hCDOz%2F%2F13pwVEPon9InoYSs5UH3kkoPkGWfntOuu3C5G%2B8nZaaFsaiL25%2FkG1npsqQHpWJ9ZBkt5fdMG5%2F%2FT5MdnOBC9P%2Ft5GpGfF%2Bvg%2BW3V5CgvV3F5xMQ2Zg4glU%2FQmknkDRCbi5DiX2CcAFLmwiS29dMLaiVx%2BpdK7OyMrDv6CqGVn5%2FSSy9N5ZrQaNy0aXhTKZwyCpoQYTqK0J8nKKYucYVDUFLz6DEr%2BQtYcbyNLdTacNlDh4lbOISh51Vrs8iVfDmMertC2iVRYyEYie4AGPFwYpNYFKJtByCOo8lPNPeSgTD2XuIRUHDR4EQccXnPrdHudt0ZEsFn5AO0lAAz%2FuouTzGYYo8iG4HoLba8jtNWyrIWz5E9yVGk54cAVBX9SoJEHlCCpKUCmCqiCo%2BvVNoV3L1beEdiULlrm1zO16bIqtEb1pii2ZkVF%2BSJ5aGPfHr2ewLQ8aNIxZL0wi0QvbnaQtk3YnkqzFIh6IOIpbcKqGcscWY%2B7Ml%2FjCk8jVjJA%2FT4DRKZyegqtnQMuXQKtxp%2BWDXhmHXR872T2t%2BtLlxhaDJjcphKmRFysornojfUieX5BE329A8r3T0%2FYiwG2N3Nb4VD0g2NI3xpdMRXYvmcqR7zbzQqVqh87Xe7mghTz%2BzbvyamWsOH%2FODb8%2Bw%2BfCvLz7vnTFBs2EyrYcuXNWCSHturFckh%2FPuw8lu1i6K2dLm5X5xsW31s%2BnuZXOKZNNQNW%2B%2BxJczcjj1Cze7YvPfQFlJ7BljbTcI8uAMlPw%2FBpcfkTvzHFYfdTDcg9VWY9tix0dajUj4eAxaLl3erT597M%2FfHwClNVw8j8Xj%2BqRu4Et%2BzJocR1ZWqNva%2FR1DaqHcOXxcZHbvdO%2FLQGY9sZMW2%2BXaau%2FemSvUweNti86TCayw2QYhYnkgkUR83nCWVt0uxyFm%2FFXmnf%2BAQAA%2F%2F8BAAD%2F%2F60xKxuGBAAA
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq5M9KEJEDYqiMogHBXe2e6a7Z8YcQmJcCa7ZkCiKF6lfvSm3uqup6p6e7CkYkAgexv%2Bg5zubBE0IevKiQWYCHhbEHU97cP8Ajwo5eZCZDK4%2BaN7r%2Br6Cz%2Fu%2B%2BnxUHhIfJT04957ZUVrTtajpN177KAhONTZUVg4ag278SRyeatj%2Bm7246b%2FeeEfybbPW8gPfD%2Fygsa6sTMxgbS5C5Xd7QbPnN8NWM4hCDOz%2F%2F13pwVEPon9InoYSs5UH3kkoPkGWfntOuu3C5G%2B8nZaaFsaiL25%2FkG1npsqQHpWJ9ZBkt5fdMG5%2F%2FT5MdnOBC9P%2Ft5GpGfF%2Bvg%2BW3V5CgvV3F5xMQ2Zg4glU%2FQmknkDRCbi5DiX2CcAFLmwiS29dMLaiVx%2BpdK7OyMrDv6CqGVn5%2FSSy9N5ZrQaNy0aXhTKZwyCpoQYTqK0J8nKKYucYVDUFLz6DEr%2BQtYcbyNLdTacNlDh4lbOISh51Vrs8iVfDmMertC2iVRYyEYie4AGPFwYpNYFKJtByCOo8lPNPeSgTD2XuIRUHDR4EQccXnPrdHudt0ZEsFn5AO0lAAz%2FuouTzGYYo8iG4HoLba8jtNWyrIWz5E9yVGk54cAVBX9SoJEHlCCpKUCmCqiCo%2BvVNoV3L1beEdiULlrm1zO16bIqtEb1pii2ZkVF%2BSJ5aGPfHr2ewLQ8aNIxZL0wi0QvbnaQtk3YnkqzFIh6IOIpbcKqGcscWY%2B7Ml%2FjCk8jVjJA%2FT4DRKZyegqtnQMuXQKtxp%2BWDXhmHXR872T2t%2BtLlxhaDJjcphKmRFysornojfUieX5BE329A8r3T0%2FYiwG2N3Nb4VD0g2NI3xpdMRXYvmcqR7zbzQqVqh87Xe7mghTz%2BzbvyamWsOH%2FODb8%2Bw%2BfCvLz7vnTFBs2EyrYcuXNWCSHturFckh%2FPuw8lu1i6K2dLm5X5xsW31s%2BnuZXOKZNNQNW%2B%2BxJczcjj1Cze7YvPfQFlJ7BljbTcI8uAMlPw%2FBpcfkTvzHFYfdTDcg9VWY9tix0dajUj4eAxaLl3erT597M%2FfHwClNVw8j8Xj%2BqRu4Et%2BzJocR1ZWqNva%2FR1DaqHcOXxcZHbvdO%2FLQGY9sZMW2%2BXaau%2FemSvUweNti86TCayw2QYhYnkgkUR83nCWVt0uxyFm%2FFXmnf%2BAQAA%2F%2F8BAAD%2F%2F60xKxuGBAAA HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Cookie: u_pl=15388737; uid_id2=cb5aec57-8cf6-46c6-a3d5-b4bd1d9dc1c6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca46b94f5d9437f3ef375eb2b5c1d6562=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:42:36 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae0d8b9767ccb4b6be30f75de036d89b
Strict-Transport-Security: max-age=0; includeSubdomains
oaphoace.net/impression/JwvdWjivCDSjG7ouPIb_fNcToCFw4wBGu64XC0-Fu9MnY8pz7_r4FAO83rb8e8-6Eio7HZnUdY1Xazw6AiLXmhvDuQeb3Ee8xr14GYqEo_qXDiSpwPkMvsFV4L_vax3W2aTCHBGtGxYsJ8r5C1IAGHtY6nAeIeUxggmoXugAKATCOJ_fJpwkppGTXUji3dHorAlxieBxEBZ84xDTXrB3tM4uVxLcfB4dCSU9BWK3Ab7dEZvuQ7FNG8Hz0w-pbVIbsbld7w0FboNZhz4qaZ7iaG4_FXTEd65FSNM_ImH8wGKfw5_DD8_2I_DNfl0qTYPP0GYWIYt3E2IuJQh3Bdc1pkuo-sv6TPO1RSql8bu46Tq-DQAcQ_hz29x0LeM-pxMmkpCPGcJuXhAfkOFYFIwcIK7sxyKqqKXuKiMs-OHKOhROShsiPoizGYaVR1sikxnLRSFBeQe0kMWay6YBttqFzEC4woCEO5_iZypNezM74QFgzslQdyGnHnj7Wt46NsF7RlEIC8IEw-MaX0HUR41MpFOAdnhbRJaCJ0iiBpsl2Wnvh1507Y62PAafxVd74vLJgjpT81Ox_1vUPlKVbn7DYmvE9ZzZnZHq?_z=5345130&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 43 B URL HTTP/2 oaphoace.net/impression/JwvdWjivCDSjG7ouPIb_fNcToCFw4wBGu64XC0-Fu9MnY8pz7_r4FAO83rb8e8-6Eio7HZnUdY1Xazw6AiLXmhvDuQeb3Ee8xr14GYqEo_qXDiSpwPkMvsFV4L_vax3W2aTCHBGtGxYsJ8r5C1IAGHtY6nAeIeUxggmoXugAKATCOJ_fJpwkppGTXUji3dHorAlxieBxEBZ84xDTXrB3tM4uVxLcfB4dCSU9BWK3Ab7dEZvuQ7FNG8Hz0w-pbVIbsbld7w0FboNZhz4qaZ7iaG4_FXTEd65FSNM_ImH8wGKfw5_DD8_2I_DNfl0qTYPP0GYWIYt3E2IuJQh3Bdc1pkuo-sv6TPO1RSql8bu46Tq-DQAcQ_hz29x0LeM-pxMmkpCPGcJuXhAfkOFYFIwcIK7sxyKqqKXuKiMs-OHKOhROShsiPoizGYaVR1sikxnLRSFBeQe0kMWay6YBttqFzEC4woCEO5_iZypNezM74QFgzslQdyGnHnj7Wt46NsF7RlEIC8IEw-MaX0HUR41MpFOAdnhbRJaCJ0iiBpsl2Wnvh1507Y62PAafxVd74vLJgjpT81Ox_1vUPlKVbn7DYmvE9ZzZnZHq?_z=5345130&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/JwvdWjivCDSjG7ouPIb_fNcToCFw4wBGu64XC0-Fu9MnY8pz7_r4FAO83rb8e8-6Eio7HZnUdY1Xazw6AiLXmhvDuQeb3Ee8xr14GYqEo_qXDiSpwPkMvsFV4L_vax3W2aTCHBGtGxYsJ8r5C1IAGHtY6nAeIeUxggmoXugAKATCOJ_fJpwkppGTXUji3dHorAlxieBxEBZ84xDTXrB3tM4uVxLcfB4dCSU9BWK3Ab7dEZvuQ7FNG8Hz0w-pbVIbsbld7w0FboNZhz4qaZ7iaG4_FXTEd65FSNM_ImH8wGKfw5_DD8_2I_DNfl0qTYPP0GYWIYt3E2IuJQh3Bdc1pkuo-sv6TPO1RSql8bu46Tq-DQAcQ_hz29x0LeM-pxMmkpCPGcJuXhAfkOFYFIwcIK7sxyKqqKXuKiMs-OHKOhROShsiPoizGYaVR1sikxnLRSFBeQe0kMWay6YBttqFzEC4woCEO5_iZypNezM74QFgzslQdyGnHnj7Wt46NsF7RlEIC8IEw-MaX0HUR41MpFOAdnhbRJaCJ0iiBpsl2Wnvh1507Y62PAafxVd74vLJgjpT81Ox_1vUPlKVbn7DYmvE9ZzZnZHq?_z=5345130&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Cookie: OAID=ef6f05a7868f4930bded0987f757ba4b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:42:36 GMT
content-type: image/gif
content-length: 43
x-trace-id: 902da42fc3863153e22e888d5819ff0f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=streamlivenow.me&info=tZryKl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh0eSUyQk9NTThOT3FlVThmeHZnOVglMkJiNWJRTFZHUjEwYXVMZjFCdnhONlg4&idsd=-120687736,-2127525623&rtusCallerId=72&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=streamlivenow.me&info=tZryKl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh0eSUyQk9NTThOT3FlVThmeHZnOVglMkJiNWJRTFZHUjEwYXVMZjFCdnhONlg4&idsd=-120687736,-2127525623&rtusCallerId=72&lsw=1
IP
GET /sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=streamlivenow.me&info=tZryKl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh0eSUyQk9NTThOT3FlVThmeHZnOVglMkJiNWJRTFZHUjEwYXVMZjFCdnhONlg4&idsd=-120687736,-2127525623&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=streamlivenow.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 886670
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1l1l.to
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:35 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3641811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNr%2FptB9X1XC1gI0Bieu68F7BVB%2FKrQRwEbnVXsXgPo0aYDhotYin7m2%2BGdMaaQCOGDL2wDjDHs5lhyFSbL72kfhEPg5y5Xr24Q5GMxza%2BagFmxTFBwlYcX1prG0hmqIrrc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b504f5e888f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oaphoace.net/401/5345130
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5345130 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamlivenow.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:42:31 GMT
content-type: application/javascript
x-trace-id: bf427d7c3a925a3085376d5c8642e447
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5ffe54138bc947559fb06927a53b0981; expires=Thu, 14 Sep 2023 19:42:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7ca582b513cac3bbb6bf2b2abd3ce44b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 14 Sep 2022 19:42:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMvBhF1IxaRcvSiNaUFrQMmss4ZxI9W8Hx%2FN8G2FwGCRft4R5l386ivi3Wipy9rCeEcmbmh0Ch3npGiqGOS%2BGyvVPJvamnC9Xu05pw3S40pF9k3fCYg9o1%2BKuh35fm%2BxtRALAVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b41cde0dd74-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1l1l.to/css/style.css
200 OK 0 B IP
GET /css/style.css HTTP/1.1
Host: 1l1l.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/ch12
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 14:00:00 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1261
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdObzd4hGcE41cX%2FC%2FguGZcBfv9McycpOWQNbAS%2FuHByKRpRn5NLH%2BylBSHbFTiy%2FbnuUZIvab1uLPz4JmLsRb2%2FrKSWkf5H1OZlho3pxKfTaNTG2GQCRVKo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b3ae90fb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
IP
GET /npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.3.10
x-jsd-version-type: version
etag: W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 14 Sep 2022 19:42:32 GMT
age: 24222
x-served-by: cache-fra19177-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1157
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 83650
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://st.chatango.com/
x-crto-bundle: 4NEUl19QeTNxRVVLUmdlYUZ4V2dsT1JwUGszVjBrSnVlODB0SkYlMkJtdEZRRmdvZUtlSk4lMkJHZEg4JTJCaERzZ1ExODhuRk90SkpQM1klMkZkTmR4TW5VZUlVUnFOWm5HNzFOZU9oUFBkazduMSUyRjBjOXIyM1VBRmtjJTJCc0N5MVVvQzJsNnpkOEF1NVhISGclMkYlMkJwJTJGSmlZJTJGblZ2U3RjUyUyQkN3JTNEJTNE
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:34 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 4001348
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vikistream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 8634037
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab9b3c8e460b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
asacdn.com/script/suv4.js
200 OK 0 B URL HTTP/2 asacdn.com/script/suv4.js
IP
GET /script/suv4.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvbBFfXqlTig0BdFnBR9d4-PPEJqM0NvUnmo4Xu-igR-ciH5thR_YuWDs1YXSufEN1Zm5ICezq4WHbTRlgllpF2bQ
x-goog-generation: 1662626465441111
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100523
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 14 Sep 2022 19:51:29 GMT
cache-control: public, max-age=14400
last-modified: Thu, 08 Sep 2022 08:41:05 GMT
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
age: 2049
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44fuOw6bYZf13YnyRSYG2uMRAnq2VYRU91beJ6pSPMCZs12OpqyAqTXZxcrBhOSKG6NS%2BEduON25ZaYHnFLvhOyHI78YoRYqwu5nciPg%2BZsdSdais0WJWe4RR1K3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b3b3fcdb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xstats.net/js/plausible.js
200 OK 0 B URL HTTP/2 xstats.net/js/plausible.js
IP
GET /js/plausible.js HTTP/1.1
Host: xstats.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1l1l.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FkV%2Blc7h7cBdYLHsixmldQQ8kMalj2%2Bn2Hftf9JRMeq8yMECdvWjmNd8jtg%2Fc3ge1snCabyysjRajVEJNgHeObtudQFzCDOa9V9b0Snu2zmg%2BOve3CxdovcscjZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab9b3b3c10b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=streamlivenow.me
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=streamlivenow.me
IP
GET /syncframe?origin=rtus&topUrl=streamlivenow.me HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:34 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=369da7a5-f864-41c0-b782-f5ecfc9f5a99; expires=Mon, 09 Oct 2023 19:42:33 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 451364
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=D2FEnl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh0eSUyQk9NTThOT3FlVThmeHZnOVglMkJaU25QRFdnTm8yciUyQjRrYjVhQzYyU3E
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=tZryKl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh0eSUyQk9NTThOT3FlVThmeHZnOVglMkJiNWJRTFZHUjEwYXVMZjFCdnhONlg4; expires=Mon, 09 Oct 2023 19:42:34 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 238394
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 52799
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 19:42:35 GMT
date: Wed, 14 Sep 2022 19:42:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oaphoace.net/500/5345130?excludes=&oaid=ef6f05a7868f4930bded0987f757ba4b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/2 oaphoace.net/500/5345130?excludes=&oaid=ef6f05a7868f4930bded0987f757ba4b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5345130?excludes=&oaid=ef6f05a7868f4930bded0987f757ba4b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Fstreamlivenow.me%2Flala%2Findex.php%3Fstream%3D125617282%3Fsid%3D1485206&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://streamlivenow.me
Connection: keep-alive
Referer: http://streamlivenow.me/
Cookie: OAID=5ffe54138bc947559fb06927a53b0981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:42:32 GMT
content-type: application/javascript
x-trace-id: 0f8ec7d56f87cf59cbfb03617e142fb9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://streamlivenow.me
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=ef6f05a7868f4930bded0987f757ba4b; expires=Thu, 14 Sep 2023 19:42:32 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 14 Sep 2022 00:59:16 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OFNMzg12G1S2wN5PnGtdLSb8YXcyHqBCtZ5L9ZyKFQV2-WYlRfAtiw==
age: 67399
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:42:34 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 686593
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
104.21.67.43
208.93.230.22
104.21.93.4
139.45.197.236
23.36.76.226
178.250.0.162
151.101.85.44
141.226.228.48
158.69.251.190
52.28.172.243