Report - french-stream.bio/

Report Overview

Submitted URL
french-stream.bio/
IP
104.21.3.78
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-06 08:15:51
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.0 kB	2.2 kB	23.36.76.226
banquetunarmedgrater.com	unknown	2022-08-04T17:12:50Z	2023-03-13T05:26:56Z	376 B	327 B	192.243.59.12
deficitsilverdisability.com	unknown	2023-02-03T05:13:55Z	2023-02-14T03:29:46Z	4.6 kB	7.6 kB	192.243.61.227
cdn.barscreative1.com	25648	2021-09-16T13:14:42Z	2023-03-13T08:33:41Z	453 B	386 B	45.133.44.3
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	700 B	2.0 kB	143.204.42.156
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	5.1 kB	15 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.1 kB	4.2 kB	216.58.211.3
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.1 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.191.251.76
instinctcringe.com	unknown	2023-01-19T02:30:33Z	2023-02-15T04:48:12Z	800 B	35 kB	192.243.59.13
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-13T08:33:39Z	790 B	820 B	35.156.167.37
s4.histats.com	12782	2012-05-21T19:14:14Z	2023-03-13T05:19:20Z	2.5 kB	736 B	149.56.240.31
cdn.creative-bars1.com	unknown	2022-11-15T17:46:22Z	2023-03-13T05:15:48Z	1.8 kB	31 kB	172.64.166.9
friendshipmale.com	unknown	2022-10-21T14:15:25Z	2023-03-13T08:33:43Z	362 B	28 kB	104.21.234.93
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	485 B	17 kB	216.58.207.227
french-stream.bio	unknown	2023-01-17T16:14:41Z	2023-02-06T09:09:58Z	796 B	39 kB	104.21.3.78
i.imgur.com	5110	2012-05-21T10:09:36Z	2023-03-13T07:33:27Z	12 kB	1.6 MB	151.101.84.193
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	425 B	6.7 kB	104.17.24.14
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	67 kB	34.120.237.76
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-13T05:15:48Z	401 B	5.5 kB	45.133.44.9
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
s10.histats.com	15211	2012-05-21T19:14:14Z	2023-03-13T05:19:20Z	363 B	4.7 kB	46.105.201.240
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-13T05:15:47Z	1.4 kB	846 B	192.243.59.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-06	medium	friendshipmale.com/sfp.js	Malware
2023-02-06	medium	cdn.barscreative1.com/sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-06	medium	instinctcringe.com	Sinkholed
2023-02-06	medium	instinctcringe.com	Sinkholed
2023-02-06	medium	banquetunarmedgrater.com	Sinkholed
2023-02-06	medium	deficitsilverdisability.com	Sinkholed
2023-02-06	medium	deficitsilverdisability.com	Sinkholed
2023-02-06	medium	unseenreport.com	Sinkholed
2023-02-06	medium	unseenreport.com	Sinkholed
2023-02-06	medium	deficitsilverdisability.com	Sinkholed
2023-02-06	medium	deficitsilverdisability.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-04-26
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 09:23:14 Times Seen1981 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	s4.histats.com/stats/0.php?4642117&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-194651728&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w	52 B	2023-03-13	2023-03-13
Pretty URL s4.histats.com/stats/0.php?4642117&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-194651728&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w IP 149.56.240.31 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:16:55 Last Seen2023-03-13 18:16:55 Times Seen1 Hash 1451690fddf42af021411e9ed143b65b 741817bd0769f3790dec09e0fdb7890b6a188759 5d46c1a898c8bfb124dd7c5c33b722aafcfc8eab70148996c0502457945f3821 Loading...

	http:blank	601 B	2023-03-10	2023-04-14
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:56:51 Last Seen2023-04-14 03:52:17 Times Seen3 Hash 07251213de7a28b918d6c356416520f9 dbecfdf0fa6bd57cea74e84d70e765c19042d4d5 ecedfafb4f58037c4420f76decd3044c85030027042b875fc21573f67acb0e18 Loading...

	french-stream.bio/engine/classes/min/index.php?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js&v=23	126 kB	2023-03-07	2024-03-02
Pretty URL french-stream.bio/engine/classes/min/index.php?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js&v=23 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:24:37 Last Seen2024-03-02 18:31:25 Times Seen22 Hash d80a8618b27abec6ec9a7bdcf7af7884 0476583c38a32a830c3cb26d2aff604244e92927 f5784a0f9f8a59eeee893fb5bd6ad1ff3e19d0ee8ea5518ceaee775e2e097d19 Loading...

	french-stream.bio/	1.5 kB	2023-03-13	2023-03-14
Pretty URL french-stream.bio/ IP 104.21.3.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:16:56 Last Seen2023-03-14 08:32:18 Times Seen1 Hash 1eba8660272b02bbc5bfdc136a28c414 7bfc60760f84a064e6ebbb5915cc15c7b2e47601 d3927eb02f63e7820d000844719bc62b421fc17d174e5b11fb6bf95375ef272c Loading...

	instinctcringe.com/fc/17/6f/fc176fe82169234bdc18cf5f1a9ffe82.js	37 kB	2023-03-13	2023-03-13
Pretty URL instinctcringe.com/fc/17/6f/fc176fe82169234bdc18cf5f1a9ffe82.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:16:56 Last Seen2023-03-13 18:16:56 Times Seen1 Hash 52eb8647b7c2d87f6e1d8354fc4d64b0 5d2a53ec174775747dabeed286a964dfae1521a4 e4adbcf18145bc953e976dac7db7a081ad9002896ad010f89fc13524d5ad9778 Loading...

	french-stream.bio/	1.4 kB	2023-03-07	2024-02-24
Pretty URL french-stream.bio/ IP 104.21.3.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:38 Last Seen2024-02-24 14:06:15 Times Seen25 Hash fd3ca84e13138df50a432cecfd0ef83b ad40c37ac4051955038ab86436fb40af7c902735 c2eb322282977717c1cef5193f96a78208b709dc87f8ccc60dcf67a9cb1fadc8 Loading...

	french-stream.bio/engine/classes/min/index.php?charset=utf-8&g=general&v=23	86 kB	2023-03-07	2024-03-02
Pretty URL french-stream.bio/engine/classes/min/index.php?charset=utf-8&g=general&v=23 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:24:37 Last Seen2024-03-02 18:31:25 Times Seen139 Hash 41de23c0710f9ef5b049995739730248 b08e29bf574c296e3c4c94c7e9bdfd69a4146cd9 774d7763070feabb32c456389479243905c78a728cfbfabe9941c10b682d7b60 Loading...

	french-stream.bio/	424 B	2023-03-13	2023-06-16
Pretty URL french-stream.bio/ IP 104.21.3.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:16:56 Last Seen2023-06-16 00:34:10 Times Seen3 Hash cc5bf62ea17b287dd479f86c197128ce 60595b1abc2cf3e9dc9b6466656e7c970ecc9975 505201a6c476fd331b29239c31c9c2aa91e372a5583dd27d20436722fb162988 Loading...

	french-stream.bio/	50 kB	2023-03-07	2024-02-24
Pretty URL french-stream.bio/ IP 104.21.3.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:24:37 Last Seen2024-02-24 14:06:15 Times Seen25 Hash 76126ec59d0675e369170d153e308cdd 967a691747d60454ed7364c47590aacd8e81a0e8 9fb9ecb25b583185933ef541e70f16963a50fc35f026705edc9b046b8900a2d1 Loading...

	s4.histats.com/stats/0.php?4714088&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:165164066&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w	52 B	2023-03-13	2023-03-13
Pretty URL s4.histats.com/stats/0.php?4714088&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:165164066&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w IP 149.56.240.31 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:16:56 Last Seen2023-03-13 18:16:56 Times Seen1 Hash fcdf8907cf0b7cc7dfc521d3ea5e0fef 71970cec31f9f1d03f2bc9da97f31a6455be369d 62aebe3e28948d924787005549fa1166948472c085b308cc57374f7080fd85ad Loading...

	french-stream.bio/	424 B	2023-03-07	2023-06-16
Pretty URL french-stream.bio/ IP 104.21.3.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:38 Last Seen2023-06-16 00:34:10 Times Seen10 Hash 8dd154427b92a9c8077f7674cccc0e82 5b485b5632380298b55dc7d56566c1df7bafbe9c 09ecfc95b1d33394bb4cd3fff3646721d68ae8c13fd65a03da1384bf5242cbe6 Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-04-26
Pretty URL banquetunarmedgrater.com/advertisers.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 19:29:48 Times Seen37098844 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	instinctcringe.com/a9/ee/1e/a9ee1e1419a0c187eb575678af89b77e.js	60 kB	2023-03-13	2023-03-13
Pretty URL instinctcringe.com/a9/ee/1e/a9ee1e1419a0c187eb575678af89b77e.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:16:56 Last Seen2023-03-13 18:16:56 Times Seen1 Hash a4fa001642905ec655e167949c1e4ace 1b9a16a73e3099e453dd305421680e66b936c133 c769f455259d396186b60e480c33a6a56386bef1416709ee6bf10ad2ea19b57b Loading...

	french-stream.bio/	1.4 kB	2023-03-13	2023-03-13
Pretty URL french-stream.bio/ IP 104.21.3.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:16:56 Last Seen2023-03-13 18:16:56 Times Seen1 Hash 52f48a4495848c3d9035ad68684a54d5 3af6ea085f42ca299a2af11581483f3fe467ad6d 47010b97e6410f7778b441812dfbd79c8cdbad4e4888350ea975b00ab31fe333 Loading...

	http:blank	580 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:16:56 Last Seen2023-03-13 18:16:56 Times Seen1 Hash c7202b262277dde7678645302652ba57 16e199cc49bda99bdcb9693aebd6d961904a15be 777417ec07e076eb5730f0bb89b741a25e861d4334e0f622ca0e5637d7c58d8a Loading...

HTTP Transactions (95)

URL IP Response Size

french-stream.bio/

104.21.3.78

301 Moved Permanently

0 B

URL HTTP/1.1
french-stream.bio/
IP
104.21.3.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: french-stream.bio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 08:15:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Feb 2023 09:15:39 GMT
Location: https://french-stream.bio/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBtxjCej7oJV%2Bj9l2ter2NvxyJL%2BLpDeAJG7mOwS0YpIdf%2BH6AlRVzZvAA23YudV9CuThz9hIsAKVw%2FCg4bO5EKF4uRr4%2BlGIXJ24%2BQTh3bWaWEMD4lmMHqKlmyAPPkHYHGULw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795270703c72b50c-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12182
Expires: Mon, 06 Feb 2023 11:38:41 GMT
Date: Mon, 06 Feb 2023 08:15:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15621
Expires: Mon, 06 Feb 2023 12:36:00 GMT
Date: Mon, 06 Feb 2023 08:15:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2930
Expires: Mon, 06 Feb 2023 09:04:29 GMT
Date: Mon, 06 Feb 2023 08:15:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 07:34:03 GMT
content-type: application/json
age: 2496
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: IAFVgD4uxZunl5o+6HamcZV/6BND5A399cOy4STO7uSQluOL0JXaebZ5G+B3AGk0FXXlfari2Uk=
x-amz-request-id: HAWC2MZBHFHJN21A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 07:53:37 GMT
age: 1322
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/VRBsIpud9_Q

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/VRBsIpud9_Q
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
31187dbdcaa21d98db1b2027abb32976
68b6b70be46d892d50a2ddc4c4ebbc7c29e3af24
b17d269adfbf860433d3a820b608768c7360258aec7bdae9c4387c96f8575d4a

HTTP Headers

POST /s/gts1p5/VRBsIpud9_Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 08:15:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 08:15:39 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/VRBsIpud9_Q

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/VRBsIpud9_Q
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
31187dbdcaa21d98db1b2027abb32976
68b6b70be46d892d50a2ddc4c4ebbc7c29e3af24
b17d269adfbf860433d3a820b608768c7360258aec7bdae9c4387c96f8575d4a

HTTP Headers

POST /s/gts1p5/VRBsIpud9_Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 08:15:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.imgur.com/TdlZHWi.jpg

151.101.84.193

200 OK

23 kB

URL HTTP/2
i.imgur.com/TdlZHWi.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 303x480, components 3\012- data
Size
23 kB (23002 bytes)
Hash
e4a660b1b096d9032a8928783344efef
304d3739ebff0e910848f43df200678734dd0627
61dc937a13bf0a4481fa942461deee83fbffc94b41e39f553db5774e88a73a3c

HTTP Headers

GET /TdlZHWi.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 23 Jan 2023 22:54:52 GMT
etag: "e4a660b1b096d9032a8928783344efef"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 1156847
x-served-by: cache-iad-kiad7000044-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 16, 1
x-timer: S1675671340.156700,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 23002
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 08:15:40 GMT
Last-Modified: Mon, 06 Feb 2023 06:46:54 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

i.imgur.com/v2WrjXn.jpg

151.101.84.193

200 OK

90 kB

URL HTTP/2
i.imgur.com/v2WrjXn.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 400x634, components 3\012- data
Size
90 kB (89885 bytes)
Hash
1d40291a845522d77b52acc66ea01119
4d847a02b6d7836c0b4e00a0c45d66c4f7babbd9
acce2c5f5e7fef1c3996fc7bb7f08d701c072c333fbfc6c49809d09deccc01a0

HTTP Headers

GET /v2WrjXn.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 06 Jan 2023 17:11:28 GMT
etag: "1d40291a845522d77b52acc66ea01119"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2646253
x-served-by: cache-iad-kiad7000043-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 4583, 1
x-timer: S1675671340.156916,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 89885
X-Firefox-Spdy: h2

french-stream.bio/

104.21.3.78

200 OK

38 kB

URL HTTP/2
french-stream.bio/
IP
104.21.3.78:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (20037)
Size
38 kB (37475 bytes)
Hash
d2faa480b112c2d8a97bb0e1fa0bb3a6
479b8eb5c57cb6a37f2a479ef92311ce3ec62d09
dcaee47bc3ca2c118c4ab2f924c06e6f94a4a539f5c0965d2e93bc5bf0460ec0

HTTP Headers

GET / HTTP/1.1
Host: french-stream.bio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:39 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjNY6GleEM%2FhHr%2BTVfOAkJYisLhif%2BOBfn2MSxFDeSr1tBRZiipXNj33ztGvbVQbSbU%2B9XW9t0j%2BlnsMVhgwif1ZWau2fKu8dH%2FnibgbdR6EsNVuzevdQOslqg5yuUAk%2BRRYoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79527071bdeab4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

i.imgur.com/VoIBs7E.jpg

151.101.84.193

200 OK

25 kB

URL HTTP/2
i.imgur.com/VoIBs7E.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 326x480, components 3\012- data
Size
25 kB (25362 bytes)
Hash
12f1e9340e4210c31435f84bc5e72b5d
4ee506c34cedfdc1cc16fdb4a9c885f9427be342
8b4ecda086bbfbd145a365ed983a94f5534f6b210339ba93b746db3cec7a6d74

HTTP Headers

GET /VoIBs7E.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 18:33:20 GMT
etag: "12f1e9340e4210c31435f84bc5e72b5d"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2848918
x-served-by: cache-iad-kiad7000109-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 6136, 1
x-timer: S1675671340.157319,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 25362
X-Firefox-Spdy: h2

i.imgur.com/Ph4AUg1.jpg

151.101.84.193

200 OK

23 kB

URL HTTP/2
i.imgur.com/Ph4AUg1.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 310x420, components 3\012- data
Size
23 kB (22854 bytes)
Hash
2b497ec7bee5ece9470853b7845a44fb
7306cb5fa9ef0ec7ec2b0ccdbaca66187441c997
8237db56e81d0d518e216ef86286f9a3d0a5d993134c4cdce0d1a61bf54e03e6

HTTP Headers

GET /Ph4AUg1.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 05:19:45 GMT
etag: "2b497ec7bee5ece9470853b7845a44fb"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 573628
x-served-by: cache-iad-kjyo7100177-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 557, 1
x-timer: S1675671340.165194,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 22854
X-Firefox-Spdy: h2

i.imgur.com/HKjXKtf.jpg

151.101.84.193

200 OK

25 kB

URL HTTP/2
i.imgur.com/HKjXKtf.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 300x400, components 3\012- data
Size
25 kB (24991 bytes)
Hash
b50a1d0277ce59ff18bbc58351507a5c
64f0bd4a3d3be90db2ebce6794b340eb46d37127
6d0b0611da11682d906ba8f8d1e59e5c249454aebf4821bb271775787badfe80

HTTP Headers

GET /HKjXKtf.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 09:40:57 GMT
etag: "b50a1d0277ce59ff18bbc58351507a5c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 1530776
x-served-by: cache-iad-kiad7000174-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 10188, 1
x-timer: S1675671340.165086,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 24991
X-Firefox-Spdy: h2

i.imgur.com/Jrqj7Os.jpg

151.101.84.193

200 OK

20 kB

URL HTTP/2
i.imgur.com/Jrqj7Os.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 300x445, components 3\012- data
Size
20 kB (19692 bytes)
Hash
12463d133e7d04398b446a2bb24af552
960d2517d2bb623cc85581a414cdf99c839d3b13
1abf2f247068d2727c056c979b0c37e703c46956d9722c9e647aaceb72cbf5c3

HTTP Headers

GET /Jrqj7Os.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 09:40:23 GMT
etag: "12463d133e7d04398b446a2bb24af552"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2395371
x-served-by: cache-iad-kcgs7200159-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 19149, 1
x-timer: S1675671340.165110,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 19692
X-Firefox-Spdy: h2

i.imgur.com/qSKhqeG.jpg

151.101.84.193

200 OK

26 kB

URL HTTP/2
i.imgur.com/qSKhqeG.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 324x480, components 3\012- data
Size
26 kB (26194 bytes)
Hash
7c0aec027243cdad32714f4decec0f8b
7ec57a9300cb5e8d19df8f2405a6e02c55c0d3b2
bca78ee8df47313be514984e9070facfa966128e936d227b8bb7e9f0170d5087

HTTP Headers

GET /qSKhqeG.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 18 Dec 2022 16:48:17 GMT
etag: "7c0aec027243cdad32714f4decec0f8b"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 1530321
x-served-by: cache-iad-kiad7000174-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 366, 1
x-timer: S1675671340.166276,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 26194
X-Firefox-Spdy: h2

i.imgur.com/ODU7HLw.jpg

151.101.84.193

200 OK

27 kB

URL HTTP/2
i.imgur.com/ODU7HLw.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 324x480, components 3\012- data
Size
27 kB (26824 bytes)
Hash
d8629ddc9864a661494ec520158a6944
5bd524c3c5d9d2dd911cd1c2247cbef64cab8189
61123654855557ba19568619ea99372210e22323d2e262fab4224746e4ad611c

HTTP Headers

GET /ODU7HLw.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 03 Feb 2023 12:56:46 GMT
etag: "d8629ddc9864a661494ec520158a6944"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 242242
x-served-by: cache-iad-kiad7000105-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 31, 1
x-timer: S1675671340.165991,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 26824
X-Firefox-Spdy: h2

i.imgur.com/bvcwjOW.jpeg

151.101.84.193

200 OK

28 kB

URL HTTP/2
i.imgur.com/bvcwjOW.jpeg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x593, components 3\012- data
Size
28 kB (27895 bytes)
Hash
ed4506623dbb39643fd3f863c02b736e
c1ebcae24af491bad252a8b198eb8089f5f83225
2c6c0b00c92bc49e25a8f48ca72002b05c6923c03c3a39618ffbb9b3c1a9a977

HTTP Headers

GET /bvcwjOW.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 26 May 2022 23:29:00 GMT
etag: "ed4506623dbb39643fd3f863c02b736e"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 10204011
x-served-by: cache-iad-kiad7000173-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 26208, 1
x-timer: S1675671340.165477,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 27895
X-Firefox-Spdy: h2

i.imgur.com/Cu1tfbx.jpg

151.101.84.193

200 OK

38 kB

URL HTTP/2
i.imgur.com/Cu1tfbx.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 300x416, components 3\012- data
Size
38 kB (37659 bytes)
Hash
1583cdbaf20e292fcdb97f4ca714dfb8
398156303663edf286bb95295181df779062a757
651edbcc5492ea13e424966e220b8512a5bc224763ec7de58ea60f0706e99096

HTTP Headers

GET /Cu1tfbx.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 09:41:46 GMT
etag: "1583cdbaf20e292fcdb97f4ca714dfb8"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 3286368
x-served-by: cache-iad-kiad7000088-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 9812, 2970
x-timer: S1675671340.165008,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 37659
X-Firefox-Spdy: h2

i.imgur.com/EbrqrEk.jpg

151.101.84.193

200 OK

40 kB

URL HTTP/2
i.imgur.com/EbrqrEk.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 310x420, components 3\012- data
Size
40 kB (40427 bytes)
Hash
334c965afa5358a77a18430b29a6929e
1de6eb613cba63a5bd833e0441955e3e69a3e9f5
4ad5d3478510412b571dcbc6b5322b829ac7af6b02ee4d730cbb8e7ce10d6274

HTTP Headers

GET /EbrqrEk.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 04 Feb 2023 19:03:09 GMT
etag: "334c965afa5358a77a18430b29a6929e"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 133952
x-served-by: cache-iad-kiad7000079-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 35, 1
x-timer: S1675671340.164889,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 40427
X-Firefox-Spdy: h2

i.imgur.com/XXjCHLQ.jpg

151.101.84.193

200 OK

32 kB

URL HTTP/2
i.imgur.com/XXjCHLQ.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 320x480, components 3\012- data
Size
32 kB (32496 bytes)
Hash
9f07088f86dc98d64455c399c9e38249
4cae319381ab71420932d381839045c0aaa14fac
9739d6b1c0ee232b9a48190ff309fc76a4ae9bee03b31fdcd8c87d90f15edb44

HTTP Headers

GET /XXjCHLQ.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 30 Jan 2023 22:01:16 GMT
etag: "9f07088f86dc98d64455c399c9e38249"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 555263
x-served-by: cache-iad-kjyo7100105-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 24, 1
x-timer: S1675671340.164898,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 32496
X-Firefox-Spdy: h2

i.imgur.com/hWy8SFy.jpg

151.101.84.193

200 OK

23 kB

URL HTTP/2
i.imgur.com/hWy8SFy.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 300x450, components 3\012- data
Size
23 kB (22559 bytes)
Hash
04ce18ebd0822e4f173ffd8c916b919f
a30c24fb09f93f3ab80e850bf0baf05844006754
e1dba1c52ea7201c2b4dbf7c8e151ff1a6941949f8c26a6725788827240bf46b

HTTP Headers

GET /hWy8SFy.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 09:41:16 GMT
etag: "04ce18ebd0822e4f173ffd8c916b919f"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 3256172
x-served-by: cache-iad-kiad7000134-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 9796, 1
x-timer: S1675671340.165064,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 22559
X-Firefox-Spdy: h2

i.imgur.com/EoOqPyD.jpg

151.101.84.193

200 OK

22 kB

URL HTTP/2
i.imgur.com/EoOqPyD.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 300x444, components 3\012- data
Size
22 kB (22108 bytes)
Hash
04b6185a424a58177d274731e9109221
b80a8e6d34441d1239f266d84dbdb91ab7ca7abe
274602141d024ae0dbaa4dac644b88a6760cb485a9b5ca3ec6dd9210ef5b3457

HTTP Headers

GET /EoOqPyD.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 09:41:33 GMT
etag: "04b6185a424a58177d274731e9109221"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 3265592
x-served-by: cache-iad-kiad7000118-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 15712, 1
x-timer: S1675671340.165027,VS0,VE7
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 22108
X-Firefox-Spdy: h2

i.imgur.com/OQIqwn9.jpg

151.101.84.193

200 OK

48 kB

URL HTTP/2
i.imgur.com/OQIqwn9.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 400x600, components 3\012- data
Size
48 kB (47611 bytes)
Hash
09e72a8e9c5678535bf24caf44fa63b4
984d17730f797c3cd98d0bc2320be0598dba5fca
a4575286c8170aa72909634eb0ecdab8823d2221ebcdc40b83692856e73514c1

HTTP Headers

GET /OQIqwn9.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 01:02:33 GMT
etag: "09e72a8e9c5678535bf24caf44fa63b4"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 457987
x-served-by: cache-iad-kiad7000167-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 52, 1
x-timer: S1675671340.164924,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 47611
X-Firefox-Spdy: h2

i.imgur.com/BZgTOqR.jpg

151.101.84.193

200 OK

33 kB

URL HTTP/2
i.imgur.com/BZgTOqR.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 333x480, components 3\012- data
Size
33 kB (33426 bytes)
Hash
8244bddb3cc427800d96908f9e86f5d6
74952122e36f5cc6e46a7e75756229a52f7e1a70
ff15647a998768ac77a449681da6f2ea16ca45dccdcd859cb17e200f1b6763ea

HTTP Headers

GET /BZgTOqR.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 08 Jun 2022 13:06:05 GMT
etag: "8244bddb3cc427800d96908f9e86f5d6"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2849927
x-served-by: cache-iad-kcgs7200041-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 12620, 1
x-timer: S1675671340.165656,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 33426
X-Firefox-Spdy: h2

i.imgur.com/0ziils8.jpg

151.101.84.193

200 OK

44 kB

URL HTTP/2
i.imgur.com/0ziils8.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 320x480, components 3\012- data
Size
44 kB (44202 bytes)
Hash
1519588815af5e89dd5ddb3d30fa90f9
4ce1823b9ae937b9a2927714357430e9b4a2e37e
b8e018ca93aba77322b675e19deff3b02b3bd7fef8f8a38c85a11832d737218b

HTTP Headers

GET /0ziils8.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 13 Jan 2023 09:07:25 GMT
etag: "1519588815af5e89dd5ddb3d30fa90f9"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2070453
x-served-by: cache-iad-kiad7000149-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 25, 1
x-timer: S1675671340.166038,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 44202
X-Firefox-Spdy: h2

i.imgur.com/Hiw0HAt.jpg

151.101.84.193

200 OK

30 kB

URL HTTP/2
i.imgur.com/Hiw0HAt.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 326x480, components 3\012- data
Size
30 kB (29932 bytes)
Hash
3f789d0bdb7b1aaf7d1a5b68c0a1e8c4
64e07d519ede3d46ab32c578e88a350bcf8fb35c
23179bf8e182fe5e0c9ed6910fe585bfeb7deba8728f88884ccfdf5fa3389b6d

HTTP Headers

GET /Hiw0HAt.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 11 Jan 2023 16:47:57 GMT
etag: "3f789d0bdb7b1aaf7d1a5b68c0a1e8c4"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2215646
x-served-by: cache-iad-kcgs7200061-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 29, 1
x-timer: S1675671340.166000,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 29932
X-Firefox-Spdy: h2

i.imgur.com/AXsLuA5.jpg

151.101.84.193

200 OK

76 kB

URL HTTP/2
i.imgur.com/AXsLuA5.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 299x420, components 3\012- data
Size
76 kB (76119 bytes)
Hash
251cc12a3db0ca3980b4c2cc010a85ab
13b8d70bd524cd2ec574f8cec43ad69de8a95004
af0c885d87bf028df5b81dbb58f0142b94812bf09ff45987d4ba002c69db9585

HTTP Headers

GET /AXsLuA5.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 13 Sep 2022 23:42:05 GMT
etag: "251cc12a3db0ca3980b4c2cc010a85ab"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2857085
x-served-by: cache-iad-kiad7000169-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 6671, 1
x-timer: S1675671340.157190,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 76119
X-Firefox-Spdy: h2

i.imgur.com/GtLOP6d.jpg

151.101.84.193

200 OK

50 kB

URL HTTP/2
i.imgur.com/GtLOP6d.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 354x480, components 3\012- data
Size
50 kB (49593 bytes)
Hash
1dc4eafaa85a8a3408e3be1c12fbcf2c
01dbd63e0d784fd60b449525c9949209fa24acbb
f6b4384bf80630324caadfb5dd6f4ece653ff799601cbb49d03fddc72fdb8469

HTTP Headers

GET /GtLOP6d.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 19:46:44 GMT
etag: "1dc4eafaa85a8a3408e3be1c12fbcf2c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2767354
x-served-by: cache-iad-kiad7000173-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 18111, 1
x-timer: S1675671340.165157,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 49593
X-Firefox-Spdy: h2

i.imgur.com/2SzcS8W.jpeg

151.101.84.193

200 OK

57 kB

URL HTTP/2
i.imgur.com/2SzcS8W.jpeg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x593, components 3\012- data
Size
57 kB (57396 bytes)
Hash
5103f63f2a03f43a8dcc570ecd09dcf1
fd30230445736b1a891ae6b3b8ee6ff25a905eaa
e29f12c16dbcf9200be57d41e7db43e701df0e034797e6ff7fc6db16d45d569f

HTTP Headers

GET /2SzcS8W.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 15 May 2022 23:22:33 GMT
etag: "5103f63f2a03f43a8dcc570ecd09dcf1"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 3257249
x-served-by: cache-iad-kcgs7200127-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 9796, 1
x-timer: S1675671340.157639,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 57396
X-Firefox-Spdy: h2

i.imgur.com/eTrmdf4.jpeg

151.101.84.193

200 OK

54 kB

URL HTTP/2
i.imgur.com/eTrmdf4.jpeg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x600, components 3\012- data
Size
54 kB (54549 bytes)
Hash
5a246daa77b1a26d84e38e85b8cac31b
0ea7f5b0262a2207c9c2c078e7cc5734a9345a79
10753ae98a5cc0f087390aad23470a601bdd0863d0b6d345b72180791dcaf253

HTTP Headers

GET /eTrmdf4.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 01:01:57 GMT
etag: "5a246daa77b1a26d84e38e85b8cac31b"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2853491
x-served-by: cache-iad-kcgs7200121-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 12706, 1
x-timer: S1675671340.158352,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 54549
X-Firefox-Spdy: h2

i.imgur.com/GWoJZty.jpg

151.101.84.193

200 OK

72 kB

URL HTTP/2
i.imgur.com/GWoJZty.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 400x560, components 3\012- data
Size
72 kB (72457 bytes)
Hash
3c2cce035543177df38552808735259c
306c1bf4be433d7394a8f24a5331eb324e97e1c2
ddba8d6bf4966fda02850aeeba2f89a51d41f80d4aadbb9f8224a1292513f93d

HTTP Headers

GET /GWoJZty.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 17:16:59 GMT
etag: "3c2cce035543177df38552808735259c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 1033227
x-served-by: cache-iad-kiad7000144-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 5695, 1
x-timer: S1675671340.157482,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 72457
X-Firefox-Spdy: h2

i.imgur.com/vUmXMi4.png

151.101.84.193

200 OK

99 kB

URL HTTP/2
i.imgur.com/vUmXMi4.png
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
PNG image data, 350 x 525, 8-bit colormap, non-interlaced\012- data
Size
99 kB (99441 bytes)
Hash
7e0b15bf911e005517d3458b99da6b96
dfe4b0bd2619ca92cbf18bec12938c89e0990bc8
6ed438920510f7430209912c466c5fb69e014789908546f4e5ee1c196d155e01

HTTP Headers

GET /vUmXMi4.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 09 Jan 2023 04:20:41 GMT
etag: "7e0b15bf911e005517d3458b99da6b96"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2391565
x-served-by: cache-iad-kcgs7200103-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 7559, 1
x-timer: S1675671340.157807,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 99441
X-Firefox-Spdy: h2

i.imgur.com/dDtR5Zq.jpg

151.101.84.193

200 OK

106 kB

URL HTTP/2
i.imgur.com/dDtR5Zq.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 400x600, components 3\012- data
Size
106 kB (105709 bytes)
Hash
49af6ba2e6f41377178a265305d0edc9
bcbf56c1566b2ed638c3715f27c7ac1a7b24e896
651fd53ebf56213fd046874927cf3e9e1c79621910736f26cf7ad96f8cefd5bd

HTTP Headers

GET /dDtR5Zq.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 03 Feb 2023 19:40:33 GMT
etag: "49af6ba2e6f41377178a265305d0edc9"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 218107
x-served-by: cache-iad-kiad7000031-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 1
x-timer: S1675671340.164952,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 105709
X-Firefox-Spdy: h2

i.imgur.com/N8bLBB7.jpg

151.101.84.193

200 OK

106 kB

URL HTTP/2
i.imgur.com/N8bLBB7.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 640x948, components 3\012- data
Size
106 kB (106220 bytes)
Hash
513b22f1afb5e01fd5153b11eb351b48
f2d2888fd30cf21302191a0d1c47f6991b9a51c7
8f462213da298a91abef9da66bf89d9c4c33c069b6f424e1ed1232bfe9ede93b

HTTP Headers

GET /N8bLBB7.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 15 Jan 2023 07:11:21 GMT
etag: "513b22f1afb5e01fd5153b11eb351b48"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 1904660
x-served-by: cache-iad-kcgs7200068-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 5246, 1
x-timer: S1675671340.164844,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 106220
X-Firefox-Spdy: h2

i.imgur.com/yZi90ku.jpg

151.101.84.193

200 OK

123 kB

URL HTTP/2
i.imgur.com/yZi90ku.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 540x800, components 3\012- data
Size
123 kB (123042 bytes)
Hash
b254e4f63d598a28cd1f0f6c9ce3e63e
a8e4997656601eacdc893aba802d007d331fe96a
ba0f91ac16f2f3891dec2b7e416233a02404cd2f6c51a33bc417bf01882368a7

HTTP Headers

GET /yZi90ku.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 15 Jan 2023 07:07:42 GMT
etag: "b254e4f63d598a28cd1f0f6c9ce3e63e"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 1904878
x-served-by: cache-iad-kiad7000088-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 44, 1487
x-timer: S1675671340.164817,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 123042
X-Firefox-Spdy: h2

i.imgur.com/f4LQgti.jpg

151.101.84.193

200 OK

135 kB

URL HTTP/2
i.imgur.com/f4LQgti.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 400x623, components 3\012- data
Size
135 kB (135446 bytes)
Hash
1f9f3c53996ff2c4ed0aa3133b8763f2
46785a0713f2daedb306b774209422f1864b27f5
adb66890486157034c3240521b5fc8cb5c0ed2e2fcedd264c1435b10253c4b3f

HTTP Headers

GET /f4LQgti.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 04 Dec 2022 00:23:47 GMT
etag: "1f9f3c53996ff2c4ed0aa3133b8763f2"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 2325897
x-served-by: cache-iad-kcgs7200043-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 22448, 1
x-timer: S1675671340.158071,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 135446
X-Firefox-Spdy: h2

i.imgur.com/CzAZTYI.jpg

151.101.84.193

200 OK

119 kB

URL HTTP/2
i.imgur.com/CzAZTYI.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 400x593, components 3\012- data
Size
119 kB (119190 bytes)
Hash
bd4391839ff17cd0ceeb645eee3a4f4c
28c9d40f092cd26d362ec9e578b73fa97633a009
4010f51267cfda49b1a07aaa6ed19012d1f81258ad5ceae7acd3bc4d0138f418

HTTP Headers

GET /CzAZTYI.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 23 Jan 2023 20:41:20 GMT
etag: "bd4391839ff17cd0ceeb645eee3a4f4c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 06 Feb 2023 08:15:40 GMT
age: 1164859
x-served-by: cache-iad-kcgs7200094-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 42, 1
x-timer: S1675671340.164869,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 119190
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:40 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 204432
expires: Sat, 27 Jan 2024 08:15:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlycmTxvHHqNY8ze7uiJBOR5XR7AIGqMfh4lbMzO0s7CsKOryNW2hCGtpj9JdIGT9XqLAE4E2jvwmgZer%2FNBlyxXPOMLVqlbzAnaSKt1TwQyqQ%2F1w%2BjL9Lc%2BvJ4%2BDqcqV4h2BorF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79527074bb1bb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 08:15:40 GMT
Last-Modified: Mon, 06 Feb 2023 06:46:54 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 08:07:20 GMT
age: 500
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12637
Expires: Mon, 06 Feb 2023 11:46:17 GMT
Date: Mon, 06 Feb 2023 08:15:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1a751872759a90740e4a44e0204522e1
eedce66964dda5ea13ab40d9cbea05361b549d81
b35bd7fbc829cdf5dc111f50784292e45b4a33d827d4ae4637a1fd6185632ff9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B35BD7FBC829CDF5DC111F50784292E45B4A33D827D4AE4637A1FD6185632FF9"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17512
Expires: Mon, 06 Feb 2023 13:07:32 GMT
Date: Mon, 06 Feb 2023 08:15:40 GMT
Connection: keep-alive

push.services.mozilla.com/

54.191.251.76

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.191.251.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0hVhyNK+sWllQR1q1gJI3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I4pvCGvr8pmuqWKh73nVR86qSlA=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9d937db3688fe8975b5116d5c973c8e
34b4ef300eb433086834ce0c9cb4b593390aed07
36badbebcfd948410143e8e804771f4af26d23c5a0fe74581b88f63703910dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36BADBEBCFD948410143E8E804771F4AF26D23C5A0FE74581B88F63703910DCE"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3427
Expires: Mon, 06 Feb 2023 09:12:47 GMT
Date: Mon, 06 Feb 2023 08:15:40 GMT
Connection: keep-alive

instinctcringe.com/a9/ee/1e/a9ee1e1419a0c187eb575678af89b77e.js

192.243.59.13

200 OK

20 kB

URL HTTP/1.1
instinctcringe.com/a9/ee/1e/a9ee1e1419a0c187eb575678af89b77e.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with very long lines (59922), with no line terminators
Size
20 kB (20483 bytes)
Hash
9f48ee469602c0755cac415e315f393a
a079d40b401be3c7c01603b81f4c7bf55d418e2c
cf1383b6db3ac0ae5e303dc874e5fe2a5ca563d7544a27e03df408412db642d5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /a9/ee/1e/a9ee1e1419a0c187eb575678af89b77e.js HTTP/1.1
Host: instinctcringe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 06 Feb 2023 08:15:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94610d9f7fa2a41d4fb2d55371c57550
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

instinctcringe.com/fc/17/6f/fc176fe82169234bdc18cf5f1a9ffe82.js

192.243.59.13

200 OK

13 kB

URL HTTP/1.1
instinctcringe.com/fc/17/6f/fc176fe82169234bdc18cf5f1a9ffe82.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37184), with no line terminators
Size
13 kB (13428 bytes)
Hash
bf1df94a0de05cd779ee24465527740a
275e0137e4073cbe6dba62d85e9c5cfc2abe6986
8b49c71b2be911fed9f906765c35c334be8963d1cc102728b43d023243ad60cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fc/17/6f/fc176fe82169234bdc18cf5f1a9ffe82.js HTTP/1.1
Host: instinctcringe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 06 Feb 2023 08:15:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08f1c47b7a4ffb91fa2ce4c13e90b182
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
d78afea3244fcbc9f75d23035d38db9b
fa62310ca27a4e4c48f55da85442925c6c5b033c
47b8b1a427b8fb7aadbacad1efca1920a64999a1939ca5891d542d7b18c779ee

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "47B8B1A427B8FB7AADBACAD1EFCA1920A64999A1939CA5891D542D7B18C779EE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6863
Expires: Mon, 06 Feb 2023 10:10:04 GMT
Date: Mon, 06 Feb 2023 08:15:41 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2b9fa7773944abe31f5a0d2c89fcf83f
dd497be3ec7fff255da6600a2d92c45d0f4b9a50
68342c1715a25165c46c7832671ce7d31cc3afeda203b110c999875bb79ba116

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108472
Date: Mon, 06 Feb 2023 08:15:41 GMT
Etag: "63dfaf99-1d7"
Expires: Tue, 07 Feb 2023 14:23:33 GMT
Last-Modified: Sun, 05 Feb 2023 13:31:05 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UPZfqzA5y8x5Iz0AHFAkKKTKOGGbDv5AFsD-cAfsTsrrsKu1hDNE1g==
Age: 3148

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2b9fa7773944abe31f5a0d2c89fcf83f
dd497be3ec7fff255da6600a2d92c45d0f4b9a50
68342c1715a25165c46c7832671ce7d31cc3afeda203b110c999875bb79ba116

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108472
Date: Mon, 06 Feb 2023 08:15:41 GMT
Etag: "63dfaf99-1d7"
Expires: Tue, 07 Feb 2023 14:23:33 GMT
Last-Modified: Sun, 05 Feb 2023 13:31:05 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZF7_XCvaPErj5lD2W2RoxTbMFpLh93ZriLr83XOaNjIUvRu5_Ri3-g==
Age: 3148

simplewebanalysis.com/stats

35.156.167.37

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.156.167.37:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
08f65f9e7632c226943daa6850fa5094
514b71e771cc831127eccfeffabb978bf54cee51
ac54e4fef92066296b2e4704b7cb403f5e918f6a8520eab76b4b7c1a9a704a2e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://french-stream.bio
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:41 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://french-stream.bio
access-control-allow-credentials: true
set-cookie: uid_id2=7f8b6ec4-c9ee-42e5-b771-67deca4d433c:3:1; expires=Thu, 03 Feb 2033 08:15:41 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

35.156.167.37

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.156.167.37:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
630260fdbef53e6396e5f5e53563f435
e9a7af254bf9ac723154283ef8fc51f091fd57cf
dab1448d0195d67ca97576b7c45894c2de4f24e2b87ca88589d1380601d09397

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://french-stream.bio
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:41 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://french-stream.bio
access-control-allow-credentials: true
set-cookie: uid_id2=e0590127-3fc4-40ff-814e-84093c76094b:3:1; expires=Thu, 03 Feb 2033 08:15:41 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

2.4 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
2.4 kB (2376 bytes)
Hash
cad8afe6b05703898b662e5a7f183bcd
cc28f06a9d3365b34504b2e367d60aff430a312c
8cf779c7f48d8f6d522a3d583b22350a8f2cb07d05d489ec519aa25b798e9a0a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E97BB4F9C31760527104C46561CE2C7DC7ECE405C660B4F16660C78CC8A892F"
Last-Modified: Sat, 04 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Mon, 06 Feb 2023 09:34:27 GMT
Date: Mon, 06 Feb 2023 08:15:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
173178f73b30dcae542a8d87e3dc718c
6371b093fbb92107fcfa160dd4655824f72c91d9
8f63e5a7116a2456f60943faf54e945bd498f982adf60ea8e005e24fbf689f32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F63E5A7116A2456F60943FAF54E945BD498F982ADF60EA8E005E24FBF689F32"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20113
Expires: Mon, 06 Feb 2023 13:50:54 GMT
Date: Mon, 06 Feb 2023 08:15:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
173178f73b30dcae542a8d87e3dc718c
6371b093fbb92107fcfa160dd4655824f72c91d9
8f63e5a7116a2456f60943faf54e945bd498f982adf60ea8e005e24fbf689f32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F63E5A7116A2456F60943FAF54E945BD498F982ADF60EA8E005E24FBF689F32"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20113
Expires: Mon, 06 Feb 2023 13:50:54 GMT
Date: Mon, 06 Feb 2023 08:15:41 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
d78afea3244fcbc9f75d23035d38db9b
fa62310ca27a4e4c48f55da85442925c6c5b033c
47b8b1a427b8fb7aadbacad1efca1920a64999a1939ca5891d542d7b18c779ee

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "47B8B1A427B8FB7AADBACAD1EFCA1920A64999A1939CA5891D542D7B18C779EE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6863
Expires: Mon, 06 Feb 2023 10:10:04 GMT
Date: Mon, 06 Feb 2023 08:15:41 GMT
Connection: keep-alive

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:14:34 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 96798539
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

192.243.59.12

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 06 Feb 2023 08:15:41 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f7c29169a3237ef3e5dfc26ed06c7c77
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bb2c93ee8b2a932302aec1210e880008
d2bdefbb2462b4a594cf3110aa54a32731d50f5c
9ec112aff9ae61d8176221898ad4fb40a3793623e36fae5e5aa81b789a994a3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EC112AFF9AE61D8176221898AD4FB40A3793623E36FAE5E5AA81B789A994A3E"
Last-Modified: Mon, 06 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15722
Expires: Mon, 06 Feb 2023 12:37:43 GMT
Date: Mon, 06 Feb 2023 08:15:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7208
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 08:15:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7208
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 08:15:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7208
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 08:15:42 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13230 bytes)
Hash
a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 37539
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11481 bytes)
Hash
f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIJ6iTpVC0gVV6Q0dd_-ZTWkwm3q0vP52N3088Rd7O9pb8D39XfnBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:55:31 GMT
age: 37211
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9779 bytes)
Hash
352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:57:24 GMT
age: 37098
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9808 bytes)
Hash
ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 36288
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8929 bytes)
Hash
d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:11:05 GMT
age: 36277
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7851 bytes)
Hash
13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-bdQPU-zYhIlXtxcW_TiqE8ifPg3i0cg8gFuvJSfwoMDTe-Hqy1jg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:47 GMT
age: 36775
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

deficitsilverdisability.com/sbar.json?key=fc176fe82169234bdc18cf5f1a9ffe82&uuid=e0590127-3fc4-40ff-814e-84093c76094b%3A3%3A1

192.243.61.227

200 OK

4.5 kB

URL HTTP/1.1
deficitsilverdisability.com/sbar.json?key=fc176fe82169234bdc18cf5f1a9ffe82&uuid=e0590127-3fc4-40ff-814e-84093c76094b%3A3%3A1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6257), with no line terminators
Size
4.5 kB (4484 bytes)
Hash
afaa5ab3edfb9d1dc2537f49876258ee
2693e0126e718202546dfa98c2f670dac90f75ff
818f2efed05b9e9abe2eacb635bdbf102637eedbbfc29fe4b037f6a487696d12

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=fc176fe82169234bdc18cf5f1a9ffe82&uuid=e0590127-3fc4-40ff-814e-84093c76094b%3A3%3A1 HTTP/1.1
Host: deficitsilverdisability.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://french-stream.bio
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 06 Feb 2023 08:15:42 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://french-stream.bio
Access-Control-Allow-Origin: https://french-stream.bio
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17133577; expires=Tue, 07 Feb 2023 08:15:42 GMT; secure; SameSite=None
uid_id2=e0590127-3fc4-40ff-814e-84093c76094b:3:1; expires=Mon, 13 Feb 2023 08:15:42 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 07 Feb 2023 08:15:42 GMT; secure; SameSite=None
uncs=1; expires=Tue, 07 Feb 2023 08:15:42 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 07 Feb 2023 08:15:42 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 07 Feb 2023 08:15:42 GMT; secure; SameSite=None
slecfc176fe82169234bdc18cf5f1a9ffe82=[3986545]; expires=Mon, 06 Feb 2023 08:15:47 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d56dfc6f7ba235bcd36d8f899a418fb7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

s4.histats.com/stats/0.php?4714088&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:165164066&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w

149.56.240.31

200 OK

52 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4714088&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:165164066&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w
IP
149.56.240.31:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
fcdf8907cf0b7cc7dfc521d3ea5e0fef
71970cec31f9f1d03f2bc9da97f31a6455be369d
62aebe3e28948d924787005549fa1166948472c085b308cc57374f7080fd85ad

HTTP Headers

GET /stats/0.php?4714088&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:165164066&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 08:15:42 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close

s4.histats.com/stats/0.php?4714088&@f16&@g0&@h2&@i1&@j1675671385796&@k6&@l2&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:128993536&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w

149.56.240.31

200 OK

52 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4714088&@f16&@g0&@h2&@i1&@j1675671385796&@k6&@l2&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:128993536&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w
IP
149.56.240.31:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
fcdf8907cf0b7cc7dfc521d3ea5e0fef
71970cec31f9f1d03f2bc9da97f31a6455be369d
62aebe3e28948d924787005549fa1166948472c085b308cc57374f7080fd85ad

HTTP Headers

GET /stats/0.php?4714088&@f16&@g0&@h2&@i1&@j1675671385796&@k6&@l2&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:128993536&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 08:15:42 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close

s4.histats.com/stats/0.php?4642117&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-194651728&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w

149.56.240.31

200 OK

52 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4642117&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-194651728&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w
IP
149.56.240.31:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
1451690fddf42af021411e9ed143b65b
741817bd0769f3790dec09e0fdb7890b6a188759
5d46c1a898c8bfb124dd7c5c33b722aafcfc8eab70148996c0502457945f3821

HTTP Headers

GET /stats/0.php?4642117&@f16&@g1&@h1&@i1&@j1675671385790&@k0&@l1&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-194651728&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 08:15:42 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close

s4.histats.com/stats/0.php?4642117&@f16&@g0&@h2&@i1&@j1675671385796&@k6&@l2&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:22011740&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w

149.56.240.31

200 OK

52 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4642117&@f16&@g0&@h2&@i1&@j1675671385796&@k6&@l2&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:22011740&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w
IP
149.56.240.31:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
1451690fddf42af021411e9ed143b65b
741817bd0769f3790dec09e0fdb7890b6a188759
5d46c1a898c8bfb124dd7c5c33b722aafcfc8eab70148996c0502457945f3821

HTTP Headers

GET /stats/0.php?4642117&@f16&@g0&@h2&@i1&@j1675671385796&@k6&@l2&@mFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20Streaming%20Complet&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:22011740&@b3:1675671386&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffrench-stream.bio%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 08:15:42 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close

deficitsilverdisability.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3t0cZE%2BKIB6EPnhQMJPqmZ7MtBHCxt1IcE3C7krAk9X1Y1Kmp6ut6p6eBA%2FRBdmLMJ702HmTbFAX2T3tSZSJF8lBHAXJweifIAieZSYDwTrU9%2BN9h%2Fe99316UJwTioKdbb5j9nSSsIVmjfqvbOlUmNL56%2Ff8gNbokr%2Bl08Vwye9PPtt7PaDNGn3Vf0vyHbNQpwGlAQ38VW2lMv2FKQqdPYqCWkRrYb0WNEP07f9rV3hwzIPonZPnoMV4bvunJ9B8hLT7%2BKZ0O7nJXrvVLRKWG4ueOH433UlNmaJ7mSrrQaXHs2kYNybkyysw6fFsA5je4WQDxHpMvN8DxOnxjCbi3tEF0ziBTBGL6yh7I8hkBM1G4OY%2BtPiFAFxgfQNp9%2BG6sSXbvUDZBB2Ta%2F%2F%2BA12OybU%2Fnkfa%2FXYl0X3%2FrkmKXJvUoa8q6P4IujNCVpwg3%2FOgyxPw%2FBNoQZB2K2hx9rKkzYgG9dZ8Q%2FFwPqRKzbeDUM63Qxo1eGuRRmE8lUbrEbQaIZEDMHcVhfNQaA%2BF8lBkHrrizGfNSFHaUrFqNNoh57zR4LzZXhRN0QjbiqLgE%2B4D5NkAPBmA231kdh87egBb%2FAC3XcEJDy4n6IkKpSQoHUHJCEpNUOYEZa86Eomru%2BqhSFwRB7NYn8VGNTR554AdmbwjU3KQnZNnJ4J5c9kz2JFnvuJBa1HJdj1YjOqNMBY8aHPVVAGL1KQNpytodwXMedjTY%2FJCdgvZxMX3byBmJ3DJCbj2wIqXwMphq07Btodhm2IvfaysTPn2vMutZN2alRCmQpbPId%2F1DpJz8uLUvDd%2B%2BxCSny4%2F%2FWzjzyXxHritkNkKH%2BgfCTrJg%2BEdU5LDO6Z05MlGluuu3mMTY%2B%2FmLJfXvn5b7pbGirWbbvDVDT4BJumje9Llt1kqdNpx5JsVLYS0q8ZySb5bc1sy3izc9kph0yK7vfnm6lo3s9I5bdIRmB4T8vFH4HpMrnvp9Gj9nzvQdgRbVOgWp2T2oM0JeLYPl50ufzHj7wyBTS5n4sxDWVRDW48vm4kmSORlzeIKTl6KEMvT7%2F%2B%2BwA7cA3SsB5bfn55qz1boJRVYMoArrg7zzJ4u%2F9qYPsSJN4wT6x3GiU0%2BvxDX6TNfNhVVktZlrKJYtRgVkQqjmEWBbMVNFiB3Y%2F7X09p%2FAAAA%2F%2F8BAAD%2F%2F14BPpiMBAAA

192.243.61.227

200 OK

7 B

URL HTTP/1.1
deficitsilverdisability.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3t0cZE%2BKIB6EPnhQMJPqmZ7MtBHCxt1IcE3C7krAk9X1Y1Kmp6ut6p6eBA%2FRBdmLMJ702HmTbFAX2T3tSZSJF8lBHAXJweifIAieZSYDwTrU9%2BN9h%2Fe99316UJwTioKdbb5j9nSSsIVmjfqvbOlUmNL56%2Ff8gNbokr%2Bl08Vwye9PPtt7PaDNGn3Vf0vyHbNQpwGlAQ38VW2lMv2FKQqdPYqCWkRrYb0WNEP07f9rV3hwzIPonZPnoMV4bvunJ9B8hLT7%2BKZ0O7nJXrvVLRKWG4ueOH433UlNmaJ7mSrrQaXHs2kYNybkyysw6fFsA5je4WQDxHpMvN8DxOnxjCbi3tEF0ziBTBGL6yh7I8hkBM1G4OY%2BtPiFAFxgfQNp9%2BG6sSXbvUDZBB2Ta%2F%2F%2BA12OybU%2Fnkfa%2FXYl0X3%2FrkmKXJvUoa8q6P4IujNCVpwg3%2FOgyxPw%2FBNoQZB2K2hx9rKkzYgG9dZ8Q%2FFwPqRKzbeDUM63Qxo1eGuRRmE8lUbrEbQaIZEDMHcVhfNQaA%2BF8lBkHrrizGfNSFHaUrFqNNoh57zR4LzZXhRN0QjbiqLgE%2B4D5NkAPBmA231kdh87egBb%2FAC3XcEJDy4n6IkKpSQoHUHJCEpNUOYEZa86Eomru%2BqhSFwRB7NYn8VGNTR554AdmbwjU3KQnZNnJ4J5c9kz2JFnvuJBa1HJdj1YjOqNMBY8aHPVVAGL1KQNpytodwXMedjTY%2FJCdgvZxMX3byBmJ3DJCbj2wIqXwMphq07Btodhm2IvfaysTPn2vMutZN2alRCmQpbPId%2F1DpJz8uLUvDd%2B%2BxCSny4%2F%2FWzjzyXxHritkNkKH%2BgfCTrJg%2BEdU5LDO6Z05MlGluuu3mMTY%2B%2FmLJfXvn5b7pbGirWbbvDVDT4BJumje9Llt1kqdNpx5JsVLYS0q8ZySb5bc1sy3izc9kph0yK7vfnm6lo3s9I5bdIRmB4T8vFH4HpMrnvp9Gj9nzvQdgRbVOgWp2T2oM0JeLYPl50ufzHj7wyBTS5n4sxDWVRDW48vm4kmSORlzeIKTl6KEMvT7%2F%2B%2BwA7cA3SsB5bfn55qz1boJRVYMoArrg7zzJ4u%2F9qYPsSJN4wT6x3GiU0%2BvxDX6TNfNhVVktZlrKJYtRgVkQqjmEWBbMVNFiB3Y%2F7X09p%2FAAAA%2F%2F8BAAD%2F%2F14BPpiMBAAA
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3t0cZE%2BKIB6EPnhQMJPqmZ7MtBHCxt1IcE3C7krAk9X1Y1Kmp6ut6p6eBA%2FRBdmLMJ702HmTbFAX2T3tSZSJF8lBHAXJweifIAieZSYDwTrU9%2BN9h%2Fe99316UJwTioKdbb5j9nSSsIVmjfqvbOlUmNL56%2Ff8gNbokr%2Bl08Vwye9PPtt7PaDNGn3Vf0vyHbNQpwGlAQ38VW2lMv2FKQqdPYqCWkRrYb0WNEP07f9rV3hwzIPonZPnoMV4bvunJ9B8hLT7%2BKZ0O7nJXrvVLRKWG4ueOH433UlNmaJ7mSrrQaXHs2kYNybkyysw6fFsA5je4WQDxHpMvN8DxOnxjCbi3tEF0ziBTBGL6yh7I8hkBM1G4OY%2BtPiFAFxgfQNp9%2BG6sSXbvUDZBB2Ta%2F%2F%2BA12OybU%2Fnkfa%2FXYl0X3%2FrkmKXJvUoa8q6P4IujNCVpwg3%2FOgyxPw%2FBNoQZB2K2hx9rKkzYgG9dZ8Q%2FFwPqRKzbeDUM63Qxo1eGuRRmE8lUbrEbQaIZEDMHcVhfNQaA%2BF8lBkHrrizGfNSFHaUrFqNNoh57zR4LzZXhRN0QjbiqLgE%2B4D5NkAPBmA231kdh87egBb%2FAC3XcEJDy4n6IkKpSQoHUHJCEpNUOYEZa86Eomru%2BqhSFwRB7NYn8VGNTR554AdmbwjU3KQnZNnJ4J5c9kz2JFnvuJBa1HJdj1YjOqNMBY8aHPVVAGL1KQNpytodwXMedjTY%2FJCdgvZxMX3byBmJ3DJCbj2wIqXwMphq07Btodhm2IvfaysTPn2vMutZN2alRCmQpbPId%2F1DpJz8uLUvDd%2B%2BxCSny4%2F%2FWzjzyXxHritkNkKH%2BgfCTrJg%2BEdU5LDO6Z05MlGluuu3mMTY%2B%2FmLJfXvn5b7pbGirWbbvDVDT4BJumje9Llt1kqdNpx5JsVLYS0q8ZySb5bc1sy3izc9kph0yK7vfnm6lo3s9I5bdIRmB4T8vFH4HpMrnvp9Gj9nzvQdgRbVOgWp2T2oM0JeLYPl50ufzHj7wyBTS5n4sxDWVRDW48vm4kmSORlzeIKTl6KEMvT7%2F%2B%2BwA7cA3SsB5bfn55qz1boJRVYMoArrg7zzJ4u%2F9qYPsSJN4wT6x3GiU0%2BvxDX6TNfNhVVktZlrKJYtRgVkQqjmEWBbMVNFiB3Y%2F7X09p%2FAAAA%2F%2F8BAAD%2F%2F14BPpiMBAAA HTTP/1.1
Host: deficitsilverdisability.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Cookie: u_pl=17133577; uid_id2=e0590127-3fc4-40ff-814e-84093c76094b:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 06 Feb 2023 08:15:42 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 69d88c7773da9c23406cd5ccfcde4d14
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
28722a81dd6194f41bee4e8714bd4af3
181ca47fb7d681257ceae92c3af80ed0f8798088
13d9f4e4a5e2ea847b2593614f3c1cda45bfe22913b3f76dcbefddb50c94b532

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13D9F4E4A5E2EA847B2593614F3C1CDA45BFE22913B3F76DCBEFDDB50C94B532"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7637
Expires: Mon, 06 Feb 2023 10:22:59 GMT
Date: Mon, 06 Feb 2023 08:15:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a2b34a5ab39090966561af64d7a5062
61f66d0325867f7d6218de5825e10a2908ce6cbe
7e3806c006494bcdd4e242c64865357f743a5eaac7e366fade7b98251b5c7838

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E3806C006494BCDD4E242C64865357F743A5EAAC7E366FADE7B98251B5C7838"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14382
Expires: Mon, 06 Feb 2023 12:15:24 GMT
Date: Mon, 06 Feb 2023 08:15:42 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6eac904305f0af9ac8425ba6638af743
6cc700dcc996020985e64492e8d9df7c498d861b
97a04042d25ff5aba9e8e6b99828405fc609275c375530f777a4a5d57e4cede3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97A04042D25FF5ABA9E8E6B99828405FC609275C375530F777A4A5D57E4CEDE3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16843
Expires: Mon, 06 Feb 2023 12:56:26 GMT
Date: Mon, 06 Feb 2023 08:15:43 GMT
Connection: keep-alive

cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png

172.64.166.9

200 OK

4.0 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Size
4.0 kB (4022 bytes)
Hash
23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395

HTTP Headers

GET /sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:43 GMT
content-type: image/png
content-length: 4022
last-modified: Wed, 17 Feb 2021 11:46:53 GMT
etag: "602d022d-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7151037
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJOzkqjW5Cfmj%2Bfz%2BkkmwFKUVGE8OqGuHSeAR%2FnVX0pVFCb2vDOWEUsTGm68x8zvV%2F7vjB0bx3Hl73Cv38I1nrovRfsRh5hVtX8gFaVm8WT7iBJlioWgLQTpA5sH3GG2%2Bt23pwWJMyo8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795270866de471f8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 08:15:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

friendshipmale.com/sfp.js

104.21.234.93

200 OK

28 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.93:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27464 bytes)
Hash
af68dd67a3fc86b6b2876537fa1b5ea3
97bd102af7081f12d25f09d481b283d09e4474a1
39030798cecd604474ac494e6dc1067acd012adb8c79b6efbe062aeb270907ed

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:41 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 094e8f8498945c933f7997c042be7d80
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 06 Feb 2023 08:15:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jw61bUixTFU855xrCUd8ePk%2Bb%2Bo5WB3u2DNZK6NKt4Nc3t9qOfGkKlyJQa6ZTs9AUeXDbxojR8UQJzy5%2FJWF8Wh6bCuMQbyNT24%2FngAoL0DBycf6nTWPTvyF9YYRYz3UnwMrtzo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7952707ab8a088bb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=e0590127-3fc4-40ff-814e-84093c76094b&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a9ee1e1419a0c187eb575678af89b77e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=e0590127-3fc4-40ff-814e-84093c76094b&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a9ee1e1419a0c187eb575678af89b77e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=e0590127-3fc4-40ff-814e-84093c76094b&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a9ee1e1419a0c187eb575678af89b77e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 06 Feb 2023 08:15:43 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0dbec32e8a89ecb714777aca6b2743ef
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=e0590127-3fc4-40ff-814e-84093c76094b&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=fc176fe82169234bdc18cf5f1a9ffe82&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=e0590127-3fc4-40ff-814e-84093c76094b&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=fc176fe82169234bdc18cf5f1a9ffe82&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=e0590127-3fc4-40ff-814e-84093c76094b&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=fc176fe82169234bdc18cf5f1a9ffe82&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 06 Feb 2023 08:15:43 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98b910a90600e519535747acc82c466a
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/js/script.js

172.64.166.9

200 OK

1.3 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/js/script.js
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.3 kB (1320 bytes)
Hash
ddc84c6a29f3677ea2a7d98bfe7cf7a2
46758d63a888642427b4e874a4420c543d555192
d0fb6531492d00b6ff83951f93d81f50774469a9c93f2280ff9082a555f50956

HTTP Headers

GET /sb/notifications/software/us/windows/flash-all/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://french-stream.bio
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:43 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:46:52 GMT
etag: W/"602d022c-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 184009
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLC9tfbOAigiLyW9juCBczkhz1oH6SMYfs5TC1B39r%2FicE0iagfOlAFaUBVWN5ucqvfJuWVjUKkfZwtuyMCJEWM5RS0%2FRHkeZkBJyWUcxPdNEo%2FxEPWLLaW08QgprSxQ4zsjEZSTZ2mt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795270864db971f8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css

172.64.166.9

200 OK

2.0 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.0 kB (2001 bytes)
Hash
49db4e974ab2f581a94c79d51f3565e1
470ee2f33c0c60fc2fce65d4a61e2a22744b2ae8
e3c8ed37b128aff50f012fe51736969983fb26c4e563c75113a3ecbedbe343e3

HTTP Headers

GET /sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://french-stream.bio
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:43 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 11:41:22 GMT
etag: W/"614c67e2-160c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 184009
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nF7dkTgxE2hr4pdrXq3T6koSYQW6UzM6ftfFnGNeqD48L2f2tY%2BJR5GB62XzXObA02gESISV5BY1qTO3KUS43SeD8v0ggavm6%2BoHqunpfGqJQCvqouX2fM6krBBgnwHSO5Kj67GIWWSQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795270864dba71f8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/0d/01/87/0d01878cf56694d07561db5af753a1bf/1675335150.png

45.133.44.9

200 OK

5.2 kB

URL HTTP/2
cdn.cloudimagesb.com/si/0d/01/87/0d01878cf56694d07561db5af753a1bf/1675335150.png
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5173 bytes)
Hash
cad4a522f8b593826d15ecb99fd1927e
5fc038fb15b5be5c23598ebfb21446a0a802da81
4adfaf89c9f857fa0877236d73749fc9872523a091a589932fa6662a51b7142b

HTTP Headers

GET /si/0d/01/87/0d01878cf56694d07561db5af753a1bf/1675335150.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:43 GMT
content-type: image/png
content-length: 5173
server: nginx/1.17.6
last-modified: Thu, 02 Feb 2023 10:52:38 GMT
etag: "63db95f6-1435"
expires: Wed, 08 Feb 2023 08:15:43 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 08:15:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://french-stream.bio
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 500797
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 08:15:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css

172.64.166.9

200 OK

21 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
21 kB (20559 bytes)
Hash
1d44bf59d7b1db14b3667331a65396ce
caac43ef644c7b4063647192bd0368c80eb2c67d
6e77e7e133f308d36f5dc1b99216c3bcb62041658f629b71c6eb966292260951

HTTP Headers

GET /sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://french-stream.bio
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:43 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:46:51 GMT
etag: W/"602d022b-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 184009
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMQJFyH%2BuwFlSEbOJ5Y576VBqsMl4bDPs%2Fi7lGq2N0f%2B92psgCIu9K6VK%2BY3ran1IAYIb6YokEVTGR3mHVsNguxazgK7ZUaebCKO5NtWJf0ZD4uz0f5LExdF9Mr1tbYBs6jo965SsqNO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795270862d9c71f8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 08:15:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

deficitsilverdisability.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3t0cZE%2BKIB6EPnhQMJPq6Z7MjBHCxt1IcE3C7krAk9VV1ZMyNV1tVff0JHiILshehPGkx86bZIO6yO5pT6JMvEgO4ihIDkb%2FBEHwLDMZCNahvh%2FvO7zvve%2FTg%2BKcUBTsbPMds6e0ZguNGvVf2VKpMKXz1%2B%2F5Aa3RJX9LpYvRkt%2BffLb3ekAbNfqq%2F5bkO2ahTgNKAxr4q8rKxPQXpihU9qgd1Nq0FtVrQSNC3%2F6%2FdoUHxzyI3jl5DkqM57Z%2FegLFR0i7j29Kt5Ob7LVb3UKz3Fj0xPG76U5qyhTdyzSxHpL0eDYN48aEfHkFJj2ebQDTO5xsgFiNifd7gDg9ntFE3Du6YBpryBSxuI6yN4LUIyg2Ajf3ocQvBOAC6xtIuw%2FXjS3Z7gXKJuiYXPv3H6hyTK798TzS7rcrWvX9u0YXuTKpQz%2BpoPojqM4IWXGCfM%2BDKk%2FA80%2BgBEHaraDE2cuSNto0qDfnw4RH8xFNkvlWEMn5VkTbIW8u0nYUT6VRagSVjKDlAMxdReE8FMpDkXgoMg9dceazRjuhtJnESRi2Is55GHLeaC2KhgijVkJR8An3AfJsAK4H4HYfmd3HjhrAFj%2FAbVdwwoPLCXqiQikJSkdQMoJSEZQ5QdmrjoR2dVc9FNoVcTCL9VkMq6HJOwfsyOQdmZKD7Jw8OxHMm8uewY488xMeNBcT2aoHi%2B16GMWCBy2eNJKAtZNJG05VUO4KmPOwp8bkhewWsomL799AzE7g9Am48sCKl8DKYbNOwbaHUYtiL32cWJny7XmXW8m6NSshTIUsn0O%2B6x3oc%2FLi1Lw3fvsQkp8uP%2F1s488l8R64rZDZCh%2BoHwk6%2BsHwjinJ4R1TOvJkI8tVV%2B2xibF3c5bLa1%2B%2FLXdLY8XaTTf46gafAJP00T3p8tssFSrtOPLNihJC2lVjuSTfrbktGW8WbnulsGmR3d58c3Wtm1npnDLpCEyNCfn4I3A1Jte9dHq0%2Fs8dKDuCLSp0i1Mye1DmBDzbh8tOl7%2BY8XeGwOrLmTjzUBbV0Nbjy6ZWBFpe1iyu4OSlCLE8%2Ff7vC%2BzAPUDHemD5%2Femp9myFnq7A9ACuuDrMM3u6%2FGs4fYi1N4y19Q5jbfXnF%2BI6deY3gki24laTCxFLLoJmPWyFlNaFiJptGbSRuzH%2F62ntPwAAAP%2F%2FAQAA%2F%2F9KCbB%2BjAQAAA%3D%3D

192.243.61.227

200 OK

7 B

URL HTTP/1.1
deficitsilverdisability.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3t0cZE%2BKIB6EPnhQMJPq6Z7MjBHCxt1IcE3C7krAk9VV1ZMyNV1tVff0JHiILshehPGkx86bZIO6yO5pT6JMvEgO4ihIDkb%2FBEHwLDMZCNahvh%2FvO7zvve%2FTg%2BKcUBTsbPMds6e0ZguNGvVf2VKpMKXz1%2B%2F5Aa3RJX9LpYvRkt%2BffLb3ekAbNfqq%2F5bkO2ahTgNKAxr4q8rKxPQXpihU9qgd1Nq0FtVrQSNC3%2F6%2FdoUHxzyI3jl5DkqM57Z%2FegLFR0i7j29Kt5Ob7LVb3UKz3Fj0xPG76U5qyhTdyzSxHpL0eDYN48aEfHkFJj2ebQDTO5xsgFiNifd7gDg9ntFE3Du6YBpryBSxuI6yN4LUIyg2Ajf3ocQvBOAC6xtIuw%2FXjS3Z7gXKJuiYXPv3H6hyTK798TzS7rcrWvX9u0YXuTKpQz%2BpoPojqM4IWXGCfM%2BDKk%2FA80%2BgBEHaraDE2cuSNto0qDfnw4RH8xFNkvlWEMn5VkTbIW8u0nYUT6VRagSVjKDlAMxdReE8FMpDkXgoMg9dceazRjuhtJnESRi2Is55GHLeaC2KhgijVkJR8An3AfJsAK4H4HYfmd3HjhrAFj%2FAbVdwwoPLCXqiQikJSkdQMoJSEZQ5QdmrjoR2dVc9FNoVcTCL9VkMq6HJOwfsyOQdmZKD7Jw8OxHMm8uewY488xMeNBcT2aoHi%2B16GMWCBy2eNJKAtZNJG05VUO4KmPOwp8bkhewWsomL799AzE7g9Am48sCKl8DKYbNOwbaHUYtiL32cWJny7XmXW8m6NSshTIUsn0O%2B6x3oc%2FLi1Lw3fvsQkp8uP%2F1s488l8R64rZDZCh%2BoHwk6%2BsHwjinJ4R1TOvJkI8tVV%2B2xibF3c5bLa1%2B%2FLXdLY8XaTTf46gafAJP00T3p8tssFSrtOPLNihJC2lVjuSTfrbktGW8WbnulsGmR3d58c3Wtm1npnDLpCEyNCfn4I3A1Jte9dHq0%2Fs8dKDuCLSp0i1Mye1DmBDzbh8tOl7%2BY8XeGwOrLmTjzUBbV0Nbjy6ZWBFpe1iyu4OSlCLE8%2Ff7vC%2BzAPUDHemD5%2Femp9myFnq7A9ACuuDrMM3u6%2FGs4fYi1N4y19Q5jbfXnF%2BI6deY3gki24laTCxFLLoJmPWyFlNaFiJptGbSRuzH%2F62ntPwAAAP%2F%2FAQAA%2F%2F9KCbB%2BjAQAAA%3D%3D
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3t0cZE%2BKIB6EPnhQMJPq6Z7MjBHCxt1IcE3C7krAk9VV1ZMyNV1tVff0JHiILshehPGkx86bZIO6yO5pT6JMvEgO4ihIDkb%2FBEHwLDMZCNahvh%2FvO7zvve%2FTg%2BKcUBTsbPMds6e0ZguNGvVf2VKpMKXz1%2B%2F5Aa3RJX9LpYvRkt%2BffLb3ekAbNfqq%2F5bkO2ahTgNKAxr4q8rKxPQXpihU9qgd1Nq0FtVrQSNC3%2F6%2FdoUHxzyI3jl5DkqM57Z%2FegLFR0i7j29Kt5Ob7LVb3UKz3Fj0xPG76U5qyhTdyzSxHpL0eDYN48aEfHkFJj2ebQDTO5xsgFiNifd7gDg9ntFE3Du6YBpryBSxuI6yN4LUIyg2Ajf3ocQvBOAC6xtIuw%2FXjS3Z7gXKJuiYXPv3H6hyTK798TzS7rcrWvX9u0YXuTKpQz%2BpoPojqM4IWXGCfM%2BDKk%2FA80%2BgBEHaraDE2cuSNto0qDfnw4RH8xFNkvlWEMn5VkTbIW8u0nYUT6VRagSVjKDlAMxdReE8FMpDkXgoMg9dceazRjuhtJnESRi2Is55GHLeaC2KhgijVkJR8An3AfJsAK4H4HYfmd3HjhrAFj%2FAbVdwwoPLCXqiQikJSkdQMoJSEZQ5QdmrjoR2dVc9FNoVcTCL9VkMq6HJOwfsyOQdmZKD7Jw8OxHMm8uewY488xMeNBcT2aoHi%2B16GMWCBy2eNJKAtZNJG05VUO4KmPOwp8bkhewWsomL799AzE7g9Am48sCKl8DKYbNOwbaHUYtiL32cWJny7XmXW8m6NSshTIUsn0O%2B6x3oc%2FLi1Lw3fvsQkp8uP%2F1s488l8R64rZDZCh%2BoHwk6%2BsHwjinJ4R1TOvJkI8tVV%2B2xibF3c5bLa1%2B%2FLXdLY8XaTTf46gafAJP00T3p8tssFSrtOPLNihJC2lVjuSTfrbktGW8WbnulsGmR3d58c3Wtm1npnDLpCEyNCfn4I3A1Jte9dHq0%2Fs8dKDuCLSp0i1Mye1DmBDzbh8tOl7%2BY8XeGwOrLmTjzUBbV0Nbjy6ZWBFpe1iyu4OSlCLE8%2Ff7vC%2BzAPUDHemD5%2Femp9myFnq7A9ACuuDrMM3u6%2FGs4fYi1N4y19Q5jbfXnF%2BI6deY3gki24laTCxFLLoJmPWyFlNaFiJptGbSRuzH%2F62ntPwAAAP%2F%2FAQAA%2F%2F9KCbB%2BjAQAAA%3D%3D HTTP/1.1
Host: deficitsilverdisability.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Cookie: u_pl=17133577; uid_id2=e0590127-3fc4-40ff-814e-84093c76094b:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 06 Feb 2023 08:15:43 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3b59359ef6bdb35e574038684bb447bb
Strict-Transport-Security: max-age=0; includeSubdomains

deficitsilverdisability.com/pixel/sbs?c=1

192.243.61.227

200 OK

0 B

URL HTTP/1.1
deficitsilverdisability.com/pixel/sbs?c=1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: deficitsilverdisability.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://french-stream.bio/
Cookie: u_pl=17133577; uid_id2=e0590127-3fc4-40ff-814e-84093c76094b:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 06 Feb 2023 08:15:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.barscreative1.com/sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html

45.133.44.3

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://french-stream.bio
Connection: keep-alive
Referer: https://french-stream.bio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 08:15:42 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:28 GMT
etag: W/"6275e5b8-4b9"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 06 Feb 2023 09:15:42 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML