firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 21:36:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TsUlCHdLYLYMI9DPZH8xgQTRJ5I3iqyZcNB1Jm2mmMZ8PXTL4E7hZQ==
Age: 2415
wjstep.altervista.org/Sport/Bt_Sport_2
104.21.74.160 301 Moved Permanently 254 B URL HTTP/1.1 wjstep.altervista.org/Sport/Bt_Sport_2
IP 104.21.74.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash db4b903529aed8c1ddbc5473e6eb02c3
10a0226ff3d4a6cf22a7b14731902f57b35e3ea3
8579d8027097c8cac4dd36d1e32409f3e98cc71153080458d4cf4027ec228731
GET /Sport/Bt_Sport_2 HTTP/1.1
Host: wjstep.altervista.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Sep 2022 22:16:36 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wjstep.altervista.org/Sport/Bt_Sport_2
Cache-Control: max-age=300
Expires: Fri, 02 Sep 2022 22:21:36 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbG6H4Cr0%2FXOA%2B3%2BcxgHY8fJlZAMGzM69RoCYHHNaz1Y0KGJxH2CyPpHfYqYEWV6iaAfUNALGgGX8fw6xccyPt7BTt5ojqHm1QbldDP54QCVAW%2F8%2FbuW50supSCyhxoqMBZCkyhT8wc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74499c67e9831bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11669
Expires: Sat, 03 Sep 2022 01:31:05 GMT
Date: Fri, 02 Sep 2022 22:16:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KuQX35eOvQ4_oc9Cvd075nDwR4DKdt6j4soTG2_tZBpPF1V6eoE9vA==
age: 75679
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 22:16:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d29d1a85130fd40c3918c1eba0266903
f2698862506f55ad676b80fa3219a209d829ced9
83b8cb810a8ea41661f2328a991f80a81f29986a2bc66a0adb1c0b944e0312a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "83B8CB810A8EA41661F2328A991F80A81F29986A2BC66A0ADB1C0B944E0312A1"
Last-Modified: Thu, 01 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17408
Expires: Sat, 03 Sep 2022 03:06:44 GMT
Date: Fri, 02 Sep 2022 22:16:36 GMT
Connection: keep-alive
i.imgur.com/Cv51EHb.jpg
151.101.84.193 200 OK 311 kB IP 151.101.84.193:0
File type JPEG image data, baseline, precision 8, 1920x1280, components 3\012- data
Size 311 kB (310961 bytes)
Hash 0e58d31048e3f2d8c9d1c27381d6d6d1
4bb67eb4f866a6c3f1e9f482a054cafab0f96728
4cd592415f1ef8b6adefcc547a4f240565996d8c31bbcf5c2e0b49e8cf360119
GET /Cv51EHb.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wjstep.altervista.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 00:40:38 GMT
etag: "0e58d31048e3f2d8c9d1c27381d6d6d1"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 02 Sep 2022 22:16:36 GMT
age: 77759
x-served-by: cache-iad-kiad7000027-IAD, cache-bma1663-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662156996.432412,VS0,VE108
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 310961
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 02 Sep 2022 21:38:16 GMT
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 22:21:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ztcY12xiwRJ3hWYTlzOcp7gDT5wUspXwPxr6PbMSFcBjxD-UVoVXNw==
Age: 2300
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d29d1a85130fd40c3918c1eba0266903
f2698862506f55ad676b80fa3219a209d829ced9
83b8cb810a8ea41661f2328a991f80a81f29986a2bc66a0adb1c0b944e0312a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "83B8CB810A8EA41661F2328A991F80A81F29986A2BC66A0ADB1C0B944E0312A1"
Last-Modified: Thu, 01 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17408
Expires: Sat, 03 Sep 2022 03:06:44 GMT
Date: Fri, 02 Sep 2022 22:16:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9e7ef6e28f249fc27b41895d37d41fcd
386e9ec22384b63169c8872a69db5fc37985cba0
241d10313541f191f3257d5baccb0e01f13f2cd596d78e8e0898074c83190a2e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "241D10313541F191F3257D5BACCB0E01F13F2CD596D78E8E0898074C83190A2E"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11669
Expires: Sat, 03 Sep 2022 01:31:05 GMT
Date: Fri, 02 Sep 2022 22:16:36 GMT
Connection: keep-alive
cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
151.101.85.229 200 OK 1.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (3010), with no line terminators
Hash a11054242cca130db5848f4b9d3ffaed
e507f254838103754b661b0ce51b6db68b884fe3
38e2fd24956be6f20f42772000e2d5ee1d5c305b0815a86795f56eee9dd8e8b9
GET /npm/cdnbye@latest/dist/clappr-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.20.9
x-jsd-version-type: version
etag: W/"bc2-Zh9Ejh+gezJ0K1G3K4HjkkcIvTg"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Sep 2022 22:16:36 GMT
age: 3211
x-served-by: cache-fra19177-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1148
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
151.101.85.229 200 OK 47 kB URL HTTP/2 cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 884d4c5385db2e38bd5a9295fbd20bc1
530559bbc2bea637b84f32cdc01ea138e3427d6f
b2e485b120792c407edc72e23a9bf50acb74e8584e064c10a3deeb83979e5267
GET /npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.20.9
x-jsd-version-type: version
etag: W/"2ae55-RYBAzl0MkNscylj6JLvFBnvo6Y4"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Sep 2022 22:16:36 GMT
age: 23016
x-served-by: cache-fra19124-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 46690
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9e7ef6e28f249fc27b41895d37d41fcd
386e9ec22384b63169c8872a69db5fc37985cba0
241d10313541f191f3257d5baccb0e01f13f2cd596d78e8e0898074c83190a2e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "241D10313541F191F3257D5BACCB0E01F13F2CD596D78E8E0898074C83190A2E"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11669
Expires: Sat, 03 Sep 2022 01:31:05 GMT
Date: Fri, 02 Sep 2022 22:16:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 22:16:36 GMT
Last-Modified: Fri, 02 Sep 2022 20:32:01 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash a1c4d4601bda495bf8cc83f1d19f83ad
049e37eb79b0ae39b0df5c60e9f5c97de66e7ba7
a7e8c49bf4a3d72ef9b9207fcf5c30307bb081e3d3f66ef7a8559716cb56434e
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 22:16:36 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "64467500D1944941BB249616EB1DD9A29A67A4D2"
Expires: Sat, 03 Sep 2022 09:00:00 GMT
Last-Modified: Fri, 02 Sep 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2177
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74499c6e88deb523-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 5bb67337bc88b4b77fce885d0b1cce87
0b340c2c596052b059e57c64cc54524ff0693419
616eaf40c17e647d10e7dd1929af7ffbf7546dc70c753d43d3997231c89978e0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 22:16:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 05:22:27 GMT
Expires: Wed, 07 Sep 2022 05:22:26 GMT
Etag: "0b340c2c596052b059e57c64cc54524ff0693419"
Cache-Control: max-age=370548,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74499c6f496eb517-OSL
code.jquery.com/jquery-migrate-1.2.1.min.js
69.16.175.10 200 OK 3.1 kB URL HTTP/2 code.jquery.com/jquery-migrate-1.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (7085)
Hash e1084a25976d8b8999acadc7350ffb48
99b723d38b78d8347e8dfa60193b12864a370227
b98359c65420aa3864d5b86ef94c4c9a5fb8c772a905884a5ba4ce55319a3d13
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yourtehzeeb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:37 GMT
content-encoding: gzip
content-length: 3063
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1c1f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662156997.dop228.sk1.t,1662156997.cds241.sk1.hn,1662156997.cds242.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js
151.101.85.229 200 OK 503 B URL HTTP/2 cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js
IP 151.101.85.229:0
Hash 32557b2c326fe8cc67533075d2e2d7ad
a91cb7657b0b2524a703a52e3f0e11e9d020dd3b
d95dd6a760ff8bdef7d2a7148c50df14da9d8cfa8d179db78793f940b425ab8b
GET /npm/@clappr/player@0.4.0/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.4.0
x-jsd-version-type: version
etag: W/"72005-xDPIgqHJfOeFuHY26QsUErnjK9w"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Sep 2022 22:16:36 GMT
age: 2153565
x-served-by: cache-fra19133-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 126915
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.231.36 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.231.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4ANPAX6mUyR7rAfKEFuabA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vevPRQQCfKhY6wGQibaMjlr8yRE=
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e891a0c42b0ccb647b67304f7bf63063
acc9f958ec0df0e9e0304575995e51749ede428e
f8580ae94d4f6bd62a2567a49be02eac6418fa3481eecf912b376a2899639d95
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F8580AE94D4F6BD62A2567A49BE02EAC6418FA3481EECF912B376A2899639D95"
Last-Modified: Thu, 01 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16565
Expires: Sat, 03 Sep 2022 02:52:42 GMT
Date: Fri, 02 Sep 2022 22:16:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 20cc30f2a41f9c5e824ea46460548950
c153b447d44cbbe8f30d7f490605d1a430af20a1
0f8bb96e7dfd8a6bb3d7eae1a958195cb8ca9f20e0ad8cd952c34267ff0625f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 22:16:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-1.11.0.min.js
69.16.175.10 200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.11.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32341)
Hash 665423f5df5f30d3e991653d594fd1cd
ad2be638c57e37aa00adacc89d233d70d5c5c927
fce13e871876bba3561cf18484a8f4fcab2d1b954079b78c1d8ff7a727583b33
GET /jquery-1.11.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yourtehzeeb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:37 GMT
content-encoding: gzip
content-length: 33357
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1787d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662156997.dop228.sk1.t,1662156997.cds241.sk1.hn,1662156997.cds206.sk1.c
X-Firefox-Spdy: h2
celeritascdn.com/script/ut.js?cb=1662156995268
104.16.91.6 200 OK 108 kB URL HTTP/2 celeritascdn.com/script/ut.js?cb=1662156995268
IP 104.16.91.6:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 108 kB (108286 bytes)
Hash 7294604ff8537a53ff7d33015a2bf997
7fd95010cd0ee2f261da8402401dca5451534701
5adee1404e34b833f3de49bd45803b5dec57d220204cfa9f26c626150e70e7df
GET /script/ut.js?cb=1662156995268 HTTP/1.1
Host: celeritascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:36 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduQc_-Q_yReIjFJgwVVT0zrYteLdYonr0bTqZ1yhOWtytGGRamRauYRrQSHeWt_hzZMc_u8V8APdTAv9p7CZxlNrfpK24t0
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 03 Sep 2022 02:16:36 GMT
cache-control: public, max-age=14400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
cf-cache-status: HIT
age: 1507
vary: Accept-Encoding
server: cloudflare
cf-ray: 74499c6efba4b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e891a0c42b0ccb647b67304f7bf63063
acc9f958ec0df0e9e0304575995e51749ede428e
f8580ae94d4f6bd62a2567a49be02eac6418fa3481eecf912b376a2899639d95
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F8580AE94D4F6BD62A2567A49BE02EAC6418FA3481EECF912B376A2899639D95"
Last-Modified: Thu, 01 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16565
Expires: Sat, 03 Sep 2022 02:52:42 GMT
Date: Fri, 02 Sep 2022 22:16:37 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 61491caa28f947ac73bf8e63dabd8744
2eccb029db27b36d822c4348680e1c4ce9d0733c
52077898472340568519d102c09faa8af4c28c68431b2c4fd666c8069169e2dd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 22:16:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 17:56:50 GMT
Expires: Wed, 07 Sep 2022 17:56:49 GMT
Etag: "2eccb029db27b36d822c4348680e1c4ce9d0733c"
Cache-Control: max-age=415811,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74499c70bb5db517-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 687 B IP 142.250.74.3:0
Hash 7961c8b4e0eceb9a00318c04ce85a842
ac0b76d6a26c845b66d9bbe08f500798b8d56a86
b08cf9e76bf8d9044532d121cfe2ba266cf6fee8bd0239e5c6cc4c072ff83644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 22:16:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.dtscout.com/i/?l=https%3A%2F%2Fcricplay2.xyz%2Fbt-sport-2&j=https%3A%2F%2Fwjstep.altervista.org%2F
158.69.139.237 200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2Fcricplay2.xyz%2Fbt-sport-2&j=https%3A%2F%2Fwjstep.altervista.org%2F
IP 158.69.139.237:0
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=https%3A%2F%2Fcricplay2.xyz%2Fbt-sport-2&j=https%3A%2F%2Fwjstep.altervista.org%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 02 Sep 2022 22:16:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl2
Set-Cookie: m=1; Domain=dtscout.com; Expires=Fri, 02-Sep-2022 23:39:57 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
Set-Cookie: oa=1; Domain=dtscout.com; Expires=Sat, 03-Sep-2022 02:16:37 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
Set-Cookie: df=1662156997; Domain=dtscout.com; Expires=Sun, 11-Dec-2022 22:16:37 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.565
Expires: Fri, 02 Sep 2022 22:16:36 GMT
Cache-Control: no-cache
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 5bb67337bc88b4b77fce885d0b1cce87
0b340c2c596052b059e57c64cc54524ff0693419
616eaf40c17e647d10e7dd1929af7ffbf7546dc70c753d43d3997231c89978e0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 22:16:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 05:22:27 GMT
Expires: Wed, 07 Sep 2022 05:22:26 GMT
Etag: "0b340c2c596052b059e57c64cc54524ff0693419"
Cache-Control: max-age=370548,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74499c70ece1b52d-OSL
beggarlyfilmingabreast.com/09/26/d1/0926d13b8e2958ba97c51a853544d3eb.js
192.243.59.12 200 OK 37 kB URL HTTP/1.1 beggarlyfilmingabreast.com/09/26/d1/0926d13b8e2958ba97c51a853544d3eb.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash bf7c507fbe0abf9682ebd0e3f5777180
de452e165cdb262433d1b8ef51b8a0ce95327556
e7d2df4b5ac2809e902885a441c78f11dea1df490cdb05a8bda6bcbb2eedc177
Analyzer Verdict Alert
quad9 Sinkholed
GET /09/26/d1/0926d13b8e2958ba97c51a853544d3eb.js HTTP/1.1
Host: beggarlyfilmingabreast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Sep 2022 22:16:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a9ddd1ecadfbebc663c94f10a080119a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
youradexchange.com/script/suurl4.php?r=5102671&cbur=0.40698579596482&cbiframe=1&cbWidth=860&cbHeight=484&cbtitle=&cbpage=https%3A%2F%2Fwjstep.altervista.org%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0
35.190.41.116 200 OK 730 B URL HTTP/2 youradexchange.com/script/suurl4.php?r=5102671&cbur=0.40698579596482&cbiframe=1&cbWidth=860&cbHeight=484&cbtitle=&cbpage=https%3A%2F%2Fwjstep.altervista.org%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0
IP 35.190.41.116:0
File type JSON data\012- , ASCII text, with very long lines (901)
Hash 80c19f63a1ccc23e196b80dc432f76b4
495b0986dccb4b756a41cc9c4c90ed0ed64d482a
5ee84af4f102b5068d7abed06a7c37ac25332d9fb95ba40b44461ce09b196903
GET /script/suurl4.php?r=5102671&cbur=0.40698579596482&cbiframe=1&cbWidth=860&cbHeight=484&cbtitle=&cbpage=https%3A%2F%2Fwjstep.altervista.org%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cricplay2.xyz/
Origin: https://cricplay2.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 02 Sep 2022 22:16:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
celeritascdn.com/script/yzfdmoan.js
104.16.91.6 200 OK 34 kB URL HTTP/2 celeritascdn.com/script/yzfdmoan.js
IP 104.16.91.6:0
Hash 6255f46e40fd45766967e2cbbed40845
46a6e266e59658010da69ad9fafdd84aba115a42
4065db16c13b4d5a88a7480c6bb560b4b7d4d369c9679da522767db33b5c9556
GET /script/yzfdmoan.js HTTP/1.1
Host: celeritascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:36 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsuTuJI-VJIb4q9Lm7khUcugBjE8RF8V_nO4Od2SG2Ofd813ttq3KKDXThWj9tYtVgrYZhMyv8r3drDSU8QSc0dtu3C1PYH
x-goog-generation: 1661773569261215
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100513
x-goog-hash: crc32c=WehUDA==, md5=9jHiYpdGH4yLDJgV+eejRA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 03 Sep 2022 02:16:36 GMT
cache-control: public, max-age=14400
last-modified: Mon, 29 Aug 2022 11:46:09 GMT
etag: W/"f631e26297461f8c8b0c9815f9e7a344"
cf-cache-status: HIT
age: 988
vary: Accept-Encoding
server: cloudflare
cf-ray: 74499c6dca88b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5f5fe4fd85bde182813d407a432affcc
c7a100e4b3a47d48db339cd5106ae960c86973be
4dd1da7a79548ad58a0a034a444f5eaa24032b1621dbff15b3fca8e3324e51fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DD1DA7A79548AD58A0A034A444F5EAA24032B1621DBFF15B3FCA8E3324E51FB"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13236
Expires: Sat, 03 Sep 2022 01:57:13 GMT
Date: Fri, 02 Sep 2022 22:16:37 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 797848c645dcc323aa01a1cc28a1376c
df8dfbb74c047699a37ac0d12d307ede104bbf72
6943eb9fbf099441d20214c206365026c24380abb84c633eca2a78fd8a9f3d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6943EB9FBF099441D20214C206365026C24380ABB84C633ECA2A78FD8A9F3D25"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2982
Expires: Fri, 02 Sep 2022 23:06:19 GMT
Date: Fri, 02 Sep 2022 22:16:37 GMT
Connection: keep-alive
betzapdoson.com/tag.min.js
139.45.197.236 200 OK 23 kB URL HTTP/2 betzapdoson.com/tag.min.js
IP 139.45.197.236:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2bcca47b514395305445f5b65eda282d
bff80dc9c075d67528268b130ac9cbe1538a85a5
8ff06199bbb26c15653f303c2b0fabbdb2213cc764b80b38ec0b5175315c1e97
Analyzer Verdict Alert
fortinet Phishing
quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: betzapdoson.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yourtehzeeb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 22:16:37 GMT
content-type: text/javascript; charset=utf-8
content-length: 22989
content-encoding: br
x-trace-id: 2eae3da67629af6e56741e37d66bf607
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 01 Sep 2022 10:02:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.192.162.188 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.192.162.188:0
File type ASCII text, with no line terminators
Hash 429573e6fbff7c73ebc1a3803f380799
4bd2d4db123df98ea87c3c9c3a0370273fd164bc
f01cb0e18a1bf5e0b96310e717ee68874119369f4214455ed64527e7ba3fa048
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cricplay2.xyz
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cricplay2.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=70ea0e11-08df-46cd-a40e-7da3c56be9d5:3:1; expires=Mon, 30 Aug 2032 22:16:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 797848c645dcc323aa01a1cc28a1376c
df8dfbb74c047699a37ac0d12d307ede104bbf72
6943eb9fbf099441d20214c206365026c24380abb84c633eca2a78fd8a9f3d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6943EB9FBF099441D20214C206365026C24380ABB84C633ECA2A78FD8A9F3D25"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2982
Expires: Fri, 02 Sep 2022 23:06:19 GMT
Date: Fri, 02 Sep 2022 22:16:37 GMT
Connection: keep-alive
t.dtscout.com/pv/?_a=v&_h=cricplay2.xyz&_ss=6lp050ueop&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=v84j&_cb=_dtspv.c
158.69.139.237 200 OK 51 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=cricplay2.xyz&_ss=6lp050ueop&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=v84j&_cb=_dtspv.c
IP 158.69.139.237:0
File type ASCII text, with no line terminators
Hash 0aaccd9572dd4dacb83a7d959652b7b0
7550c6c625d11c4f68947820d91a25721ac87f20
6532fcd8519753b5baa72a4b7fe9bcb4652ca47fd31d322f428bdc0c0012ca32
GET /pv/?_a=v&_h=cricplay2.xyz&_ss=6lp050ueop&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=v84j&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Cookie: m=1; oa=1; df=1662156997
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 02 Sep 2022 22:16:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.17
X-C: 0
Expires: Fri, 02 Sep 2022 22:16:36 GMT
Cache-Control: no-cache
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4261de4025e72c048aeb08d1ca756b5d
d33f0ab03adf11fec652e2aad94a99667056dea0
27d0707fecd8849b7a0ad2539d5aa31f1093d3b65e377d4d621207a9c1658a5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27D0707FECD8849B7A0AD2539D5AA31F1093D3B65E377D4D621207A9C1658A5F"
Last-Modified: Fri, 02 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6310
Expires: Sat, 03 Sep 2022 00:01:47 GMT
Date: Fri, 02 Sep 2022 22:16:37 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 41ea586f0e66dcd46f50ab3938543b12
d7a3d6a40066652fc85cdaab9e613246b6af4aab
60b133ec87e89ec28689b760f6ce265eee0e935dca93f42543885a05f8b19a79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 22:16:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 18:25:21 GMT
Expires: Thu, 08 Sep 2022 18:25:20 GMT
Etag: "d7a3d6a40066652fc85cdaab9e613246b6af4aab"
Cache-Control: max-age=503922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74499c75286fb517-OSL
my.rtmark.net/gid.js?userId=a3d5269bd76f414dbb6dbcbf23249ba4
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=a3d5269bd76f414dbb6dbcbf23249ba4
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash edb711e86d2c83c8e0cb7d239cf945c0
c804bcb94aa16514b728f64cbcea594180194fac
c54bdbfb4e1aa2d2d3df5c28abf3cd4352ade361fb8a50231fe578f548470e95
GET /gid.js?userId=a3d5269bd76f414dbb6dbcbf23249ba4 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yourtehzeeb.com
Connection: keep-alive
Referer: https://yourtehzeeb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 22:16:38 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://yourtehzeeb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a3d5269bd76f414dbb6dbcbf23249ba4; expires=Sat, 02 Sep 2023 22:16:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 39a5549aceb58b1c694ddd5986465cc7
699df606bf270d06dd221d63a5ca64c28742183f
da58f7020688cbb582ceba8bf83c1d9ea6765c5b87c0e143f5b2c3e2955bd263
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA58F7020688CBB582CEBA8BF83C1D9EA6765C5B87C0E143F5B2C3E2955BD263"
Last-Modified: Thu, 01 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6093
Expires: Fri, 02 Sep 2022 23:58:11 GMT
Date: Fri, 02 Sep 2022 22:16:38 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yourtehzeeb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:07:49 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 472156983
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
virginyoungestrust.com/pixel/purst?dl=0&th=0&sc=0&rs=1218&rd=1218&fd=794&bv=22.8.v.2&tmpl=136
192.243.61.227 200 OK 0 B URL HTTP/1.1 virginyoungestrust.com/pixel/purst?dl=0&th=0&sc=0&rs=1218&rd=1218&fd=794&bv=22.8.v.2&tmpl=136
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
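Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of zero-length input, consistent with the 0 B body; they match any empty response and do not identify this resource.)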
Analyzer Verdict Alert
quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1218&rd=1218&fd=794&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: virginyoungestrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Sep 2022 22:16:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
waust.at/s.js
172.67.71.57 200 OK 27 kB IP 172.67.71.57:0
File type ASCII text, with very long lines (8514), with no line terminators
Hash 22f23733d12c2841a9d811560e63a47f
dc80ca3de4c2c7efa9710f6a0727b207e1b7a4ca
a96a1b1dc2764be2ef37397f8b901157cc1d7037f578875e99e79285a0fbc942
GET /s.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:36 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:33 GMT
etag: W/"630d0191-2142"
expires: Sat, 03 Sep 2022 21:50:22 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7t92LAce4srVu789p80fGPO5OW4vr7bezLkh6FM%2FiDgoXqavhlETBPfYiW%2B%2BG0oGMan1aJ3U4vEI0vrCRZI%2Ft2riBZwOoYvcCiGD36h22iCR0%2F0k%2Bjt%2B9Xy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74499c6dad5a1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Sat, 03 Sep 2022 00:03:04 GMT
Date: Fri, 02 Sep 2022 22:16:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Sat, 03 Sep 2022 00:03:04 GMT
Date: Fri, 02 Sep 2022 22:16:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Sat, 03 Sep 2022 00:03:04 GMT
Date: Fri, 02 Sep 2022 22:16:38 GMT
Connection: keep-alive
youradexchange.com/script/suurl4.php?r=6191154&cbur=0.10804652602786058&cbiframe=1&cbWidth=844&cbHeight=450&cbtitle=&cbpage=https%3A%2F%2Fcricplay2.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0
35.190.41.116 200 OK 18 kB URL HTTP/2 youradexchange.com/script/suurl4.php?r=6191154&cbur=0.10804652602786058&cbiframe=1&cbWidth=844&cbHeight=450&cbtitle=&cbpage=https%3A%2F%2Fcricplay2.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0
IP 35.190.41.116:0
Hash 139a2de519319f4e933c5b156fa17487
b3d92135f3aa229ce71c6231890ffe8ae978b130
a8c380ff5ea67207bf2d4922ef8c254111dfe8cdebbbb42c4d1ce6976fe9a230
GET /script/suurl4.php?r=6191154&cbur=0.10804652602786058&cbiframe=1&cbWidth=844&cbHeight=450&cbtitle=&cbpage=https%3A%2F%2Fcricplay2.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yourtehzeeb.com/
Origin: https://yourtehzeeb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Sep 2022 22:16:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
weakya.com/script/yzfdmoan.js
172.67.139.85 200 OK 45 kB URL HTTP/2 weakya.com/script/yzfdmoan.js
IP 172.67.139.85:0
File type Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Hash eefba7ea1234da9f2a5a423f49d5dbdb
7c2192b121f3d5e84ac938423ad98f14a36681a0
24ad233bf0b19e750c52bcecbdbd3f8c0afe4a63696be3ba73d154599384d698
GET /script/yzfdmoan.js HTTP/1.1
Host: weakya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:37 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvTbuAnm5Cj2KNt9oXWuFsdpAaFgbOBqQJlq0fJD9i0DGbBNo82I4De9fbh9NYr8wMpUesLQREiJe_lWA7JxpjSnAkVG6la
x-goog-generation: 1661773569261215
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100513
x-goog-hash: crc32c=WehUDA==, md5=9jHiYpdGH4yLDJgV+eejRA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 02 Sep 2022 22:15:22 GMT
cache-control: public, max-age=14400
age: 3362
last-modified: Mon, 29 Aug 2022 11:46:09 GMT
etag: W/"f631e26297461f8c8b0c9815f9e7a344"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkfYFjghFiwAIgnFQPIAJVf4UUMy%2FCZH9OlfqQwnn7wN%2BQnyK721YRR6%2F38kzz4EYIExI4w7OOaRdo%2FPTLtQoH4s7fCy1nPnltY553BnEDcFh7yRZRa%2B5QfvdACx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74499c70a8a7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: et3ZsWRVoBNMpArUk9CohTyMpS5F0eKiR6cZJRfwAEiiFJUaeay58g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:44:28 GMT
age: 1930
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wLezqM4_yKqtOR7D43beBqm8TAD5y8eQ7xHOxjDJdHchCpyusuzMuQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:54:15 GMT
age: 1343
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
betzapdoson.com/5/5334444/?oo=1&aab=1
139.45.197.236 200 OK 7.2 kB URL HTTP/2 betzapdoson.com/5/5334444/?oo=1&aab=1
IP 139.45.197.236:0
Hash c8c828e046e87873abdecd73347082ed
0c5c26caaeb52a885c639f6e3ffa2bcbfb2d7669
f6dd48e662eb696147fde465a752d837bccb6a6b26abf06a971a7c6b2b9a17a3
Analyzer Verdict Alert
quad9 Sinkholed
GET /5/5334444/?oo=1&aab=1 HTTP/1.1
Host: betzapdoson.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yourtehzeeb.com
Connection: keep-alive
Referer: https://yourtehzeeb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 22:16:37 GMT
content-type: application/json
x-trace-id: 7ea0c9f2ba2eaa91818e72ec15ad5a5b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://yourtehzeeb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=a3d5269bd76f414dbb6dbcbf23249ba4; expires=Sat, 02 Sep 2023 22:16:37 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1662156997; expires=Sat, 02 Sep 2023 22:16:37 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:48:18 GMT
age: 84500
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
209.192.156.100 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 209.192.156.100:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these three values are the digests of empty input, so they identify no content)
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Sep 2022 22:16:38 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f31b572971b7a6a818a5b0cf7a5e1f9f
Strict-Transport-Security: max-age=0; includeSubdomains
s4.histats.com/stats/0.php?4691506&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@myourtehzeeb.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2Fcricplay2.xyz%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:176342386&@b3:1662156996&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fyourtehzeeb.com%2Fstreamcr.php%3Fplayer%3Ddesktop%26live%3Dbbtsp2&@w
192.99.8.27 200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4691506&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@myourtehzeeb.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2Fcricplay2.xyz%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:176342386&@b3:1662156996&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fyourtehzeeb.com%2Fstreamcr.php%3Fplayer%3Ddesktop%26live%3Dbbtsp2&@w
IP 192.99.8.27:0
File type ASCII text, with no line terminators
Hash MD5 d52c43bf10ea1ceaf7f785b0e24e694f
SHA-1 9939f05fe1d1b08a455106837522227a8990caa6
SHA-256 0be73fb32a8635ce1e891bd51c125e455dd023713222c9f65ad7c4bbf09c15e0
GET /stats/0.php?4691506&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@myourtehzeeb.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2Fcricplay2.xyz%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:176342386&@b3:1662156996&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fyourtehzeeb.com%2Fstreamcr.php%3Fplayer%3Ddesktop%26live%3Dbbtsp2&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yourtehzeeb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 22:16:38 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
s4.histats.com/stats/0.php?3691316&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBT%20sport%202&@n0&@ohttps%3A%2F%2Fwjstep.altervista.org%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-104678716&@b3:1662156996&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcricplay2.xyz%2Fbt-sport-2&@w
192.99.8.27 200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?3691316&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBT%20sport%202&@n0&@ohttps%3A%2F%2Fwjstep.altervista.org%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-104678716&@b3:1662156996&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcricplay2.xyz%2Fbt-sport-2&@w
IP 192.99.8.27:0
File type ASCII text, with no line terminators
Hash MD5 da1bf9d0fba4dbbb8a329f7e5e195c2b
SHA-1 5cf9dcbbdc2c716b840baddf796e6e914fc1fc5a
SHA-256 e026a4ef9bbc2c4f2e3aeff57662eaaa9b8331bbc2dd0e4d8a24825812631905
GET /stats/0.php?3691316&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBT%20sport%202&@n0&@ohttps%3A%2F%2Fwjstep.altervista.org%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-104678716&@b3:1662156996&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcricplay2.xyz%2Fbt-sport-2&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 22:16:38 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F&t=BT%20sport%202
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F&t=BT%20sport%202
IP 67.202.105.31:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these three values are the digests of empty input, so they identify no content)
GET /b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F&t=BT%20sport%202 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 02 Sep 2022 22:16:38 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F&t=BT%20sport%202
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F&t=BT%20sport%202
IP 67.202.105.31:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these three values are the digests of empty input, so they identify no content)
GET /b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F&t=BT%20sport%202 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 02 Sep 2022 22:16:38 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!5lc2cltdhi&dn=TC&cc=1&r=https%3A%2F%2Fwjstep.altervista.org%2F
67.202.105.31 200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!5lc2cltdhi&dn=TC&cc=1&r=https%3A%2F%2Fwjstep.altervista.org%2F
IP 67.202.105.31:0
File type ASCII text, with no line terminators
Hash MD5 350fd6ef6446635f7a8f608434a405ec
SHA-1 a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
SHA-256 d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!5lc2cltdhi&dn=TC&cc=1&r=https%3A%2F%2Fwjstep.altervista.org%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
expires: Sat, 03 Sep 2022 22:16:38 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Fri, 02 Sep 2022 22:16:38 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F&t=BT%20sport%202
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F&t=BT%20sport%202
IP 67.202.105.31:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these three values are the digests of empty input, so they identify no content)
GET /b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F&t=BT%20sport%202 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 02 Sep 2022 22:16:38 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F
IP 67.202.105.31:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these three values are the digests of empty input, so they identify no content)
GET /b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1&r=https%3A%2F%2Fwjstep.altervista.org%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 02 Sep 2022 22:16:39 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1
IP 67.202.105.31:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these three values are the digests of empty input, so they identify no content)
GET /b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 02 Sep 2022 22:16:39 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1
IP 67.202.105.31:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these three values are the digests of empty input, so they identify no content)
GET /b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 02 Sep 2022 22:16:39 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1
IP 67.202.105.31:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these three values are the digests of empty input, so they identify no content)
GET /b/p?id=w!5lc2cltdhi&lm=3&ts=1662156996735&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 02 Sep 2022 22:16:39 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 cab49f59207f816d98a21cd3fc2c37d1
SHA-1 8a9278f8ff5d149420673649878ca1ee266a0783
SHA-256 aebe0748f049bcb801be83459d4bae66b9c1453de3b0ea7e6a63bea88b6e7a5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13104
x-amzn-requestid: da627f0c-5cde-4a37-878c-dcada8a25f64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EYoIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-10dbcb432e6d1af46cffaefe;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EYnLT-zi94yLohu6F2sovFoJ7UPSlEwh8CTMXR3d9aqGb00jm1f8oQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:32:41 GMT
age: 85444
etag: "8a9278f8ff5d149420673649878ca1ee266a0783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
yourtehzeeb.com/streamcr.js
172.67.168.196 200 OK 0 B URL HTTP/2 yourtehzeeb.com/streamcr.js
IP 172.67.168.196:0
GET /streamcr.js HTTP/1.1
Host: yourtehzeeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:36 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 10:24:48 GMT
vary: Accept-Encoding
etag: W/"63089f70-4df"
cache-control: max-age=14400
cf-cache-status: HIT
age: 7167
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvF91rvNX9Anrjenv%2B8idBZ6pyekZFey7OrufiQQvU4cRMhM4vqSJw1qc7V2QO6oKb1LM9ePMfPKt583MYA2rYLa%2FhuI9veZC82d17oYNOFsiif9ou%2FJ%2FtEFzh97sMjRxeo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74499c6defa9b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
celeritascdn.com/script/ut.js?cb=1662156995918
104.16.91.6 200 OK 0 B URL HTTP/2 celeritascdn.com/script/ut.js?cb=1662156995918
IP 104.16.91.6:0
GET /script/ut.js?cb=1662156995918 HTTP/1.1
Host: celeritascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yourtehzeeb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:37 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduQc_-Q_yReIjFJgwVVT0zrYteLdYonr0bTqZ1yhOWtytGGRamRauYRrQSHeWt_hzZMc_u8V8APdTAv9p7CZxlNrfpK24t0
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 03 Sep 2022 02:16:37 GMT
cache-control: public, max-age=14400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
cf-cache-status: HIT
age: 1508
vary: Accept-Encoding
server: cloudflare
cf-ray: 74499c730fcbb518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
betzapdoson.com/?rb=wtaqrkMYP7mLmfNbx0Bdey9SVGr_vWlMdVU-JxYcR1iCgDF-4CCoBn41tsgW5-PNiIQ5PVnqxL9BULRvyglpyenLhZ6p0C9FKxPhMmYo-GPcXrx1zdhcsWnflHNy5xcAi1F3vKxc-bhQUy4x6TSTP0d2eun-QezfoX1U2Rzn8qjWRN8sRc-bnkV9bCkAcMYxE8GORwL4gcVdQgyYQQzn47ZbtlD8f9LY&request_ab2=0&zoneid=5334444&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=844&wiw=844&wih=450&wfc=1&pl=https%3A%2F%2Fyourtehzeeb.com%2Fstreamcr.php%3Fplayer%3Ddesktop%26live%3Dbbtsp2&drf=https%3A%2F%2Fcricplay2.xyz%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=8c6fb3fa-1db8-4082-82de-c8ccb5bf021f&userId=a3d5269bd76f414dbb6dbcbf23249ba4&m=link
139.45.197.236 200 OK 0 B URL HTTP/2 betzapdoson.com/?rb=wtaqrkMYP7mLmfNbx0Bdey9SVGr_vWlMdVU-JxYcR1iCgDF-4CCoBn41tsgW5-PNiIQ5PVnqxL9BULRvyglpyenLhZ6p0C9FKxPhMmYo-GPcXrx1zdhcsWnflHNy5xcAi1F3vKxc-bhQUy4x6TSTP0d2eun-QezfoX1U2Rzn8qjWRN8sRc-bnkV9bCkAcMYxE8GORwL4gcVdQgyYQQzn47ZbtlD8f9LY&request_ab2=0&zoneid=5334444&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=844&wiw=844&wih=450&wfc=1&pl=https%3A%2F%2Fyourtehzeeb.com%2Fstreamcr.php%3Fplayer%3Ddesktop%26live%3Dbbtsp2&drf=https%3A%2F%2Fcricplay2.xyz%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=8c6fb3fa-1db8-4082-82de-c8ccb5bf021f&userId=a3d5269bd76f414dbb6dbcbf23249ba4&m=link
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=wtaqrkMYP7mLmfNbx0Bdey9SVGr_vWlMdVU-JxYcR1iCgDF-4CCoBn41tsgW5-PNiIQ5PVnqxL9BULRvyglpyenLhZ6p0C9FKxPhMmYo-GPcXrx1zdhcsWnflHNy5xcAi1F3vKxc-bhQUy4x6TSTP0d2eun-QezfoX1U2Rzn8qjWRN8sRc-bnkV9bCkAcMYxE8GORwL4gcVdQgyYQQzn47ZbtlD8f9LY&request_ab2=0&zoneid=5334444&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=844&wiw=844&wih=450&wfc=1&pl=https%3A%2F%2Fyourtehzeeb.com%2Fstreamcr.php%3Fplayer%3Ddesktop%26live%3Dbbtsp2&drf=https%3A%2F%2Fcricplay2.xyz%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=8c6fb3fa-1db8-4082-82de-c8ccb5bf021f&userId=a3d5269bd76f414dbb6dbcbf23249ba4&m=link HTTP/1.1
Host: betzapdoson.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yourtehzeeb.com/
Origin: https://yourtehzeeb.com
Connection: keep-alive
Cookie: OAID=a3d5269bd76f414dbb6dbcbf23249ba4; oaidts=1662156997
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 22:16:38 GMT
content-type: application/json
x-trace-id: 8eccfc6a96b59bcc38e1a84e7b7f8796
access-control-allow-origin: https://yourtehzeeb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=a3d5269bd76f414dbb6dbcbf23249ba4; expires=Sat, 02 Sep 2023 22:16:38 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1662156998; expires=Sat, 02 Sep 2023 22:16:38 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Fri, 09 Sep 2022 22:16:38 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=5lc2cltdhi&t=BT%20sport%202&c=s&x=https%3A%2F%2Fcricplay2.xyz%2Fbt-sport-2&y=https%3A%2F%2Fwjstep.altervista.org%2F&a=0&d=1.327&v=27&r=7679
104.22.75.171 200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=5lc2cltdhi&t=BT%20sport%202&c=s&x=https%3A%2F%2Fcricplay2.xyz%2Fbt-sport-2&y=https%3A%2F%2Fwjstep.altervista.org%2F&a=0&d=1.327&v=27&r=7679
IP 104.22.75.171:0
GET /pingjs/?k=5lc2cltdhi&t=BT%20sport%202&c=s&x=https%3A%2F%2Fcricplay2.xyz%2Fbt-sport-2&y=https%3A%2F%2Fwjstep.altervista.org%2F&a=0&d=1.327&v=27&r=7679 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cricplay2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:38 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74499c761fc395e2-ARN
X-Firefox-Spdy: h2
wjstep.altervista.org/Sport/Bt_Sport_2
172.67.159.221 200 OK 0 B URL HTTP/2 wjstep.altervista.org/Sport/Bt_Sport_2
IP 172.67.159.221:0
GET /Sport/Bt_Sport_2 HTTP/1.1
Host: wjstep.altervista.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:36 GMT
content-type: text/html
last-modified: Fri, 02 Sep 2022 10:00:05 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Fri, 02 Sep 2022 22:21:36 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiF4OkC0X4%2B9SnzLCXwcezbAH2CpocxXwgBSDNAP5LpgSYy4n9eyl8adLTcC8RMK8AxcgjO5qh6oW%2BZy9hn%2Fw6%2F8PQXWj7HXIl3uopeD5ltNY6m8Nd4LoqDs1EqzyAfNAKgGNJdWUig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74499c69b9a71c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cricplay2.xyz/bt-sport-2
104.21.4.166 200 OK 0 B
IP 104.21.4.166:0
GET /bt-sport-2 HTTP/1.1
Host: cricplay2.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wjstep.altervista.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:16:36 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfyDsIQYYP4jw7Gr6s1nGurDsZ83ftYeyHmT4Pgm9vsg7KFcE7llCZnwbKgizExozNyRTk4z13nnRTDwwV5v%2F1M%2Fi9QJlNTi0Mh7oUmbzDyvHQHPZ45nufDd%2FYtB1X5j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74499c6c6e990b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
142.250.74.138 200 OK 0 B URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
IP 142.250.74.138:0
GET /ajax/libs/jquery/3.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yourtehzeeb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 28 Aug 2022 11:22:04 GMT
expires: Mon, 28 Aug 2023 11:22:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 471273
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2