Report - hlsflast.com/wanbpkw65a8w

Report Overview

Visited public
2024-12-01 19:37:33
Tags
URL
hlsflast.com/wanbpkw65a8w
Finishing URL
hlsflast.com/wanbpkw65a8w
IP / ASN
172.67.162.110
#13335 CLOUDFLARENET
Title
Streaming Platform

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
streamwish.com	unknown	2023-04-10	2019-05-18	2024-11-23	451 B	1.1 kB	172.67.201.66
hlsflast.com	unknown	unknown	No data	No data	9.3 kB	3.9 MB	104.21.66.169
media.dalysv.com	unknown	2023-04-05	2023-05-06	2024-11-23	808 B	28 kB	104.21.75.100
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-11-27	419 B	111 kB	142.250.74.168
luckaltute.net	unknown	2024-11-17	2024-11-30	2024-11-30	1.7 kB	9.2 kB	139.45.197.245
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-11-27	459 B	1.4 kB	188.114.97.1
jturq6cd3wcv.premilkyway.com	unknown	2024-08-23	2024-11-30	2024-11-30	2.5 kB	5.0 MB	217.147.172.53
roseimgs.com	unknown	2024-02-27	2024-02-28	2024-11-23	863 B	830 kB	172.67.180.200
ib.spninxcuppas.com	unknown	2024-08-05	2024-08-13	2024-12-01	414 B	1.5 kB	188.42.108.108
jouwaikekaivep.net	unknown	2024-10-30	2024-11-02	2024-11-25	402 B	73 kB	104.21.12.178

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-01	medium	luckaltute.net	Sinkholed
2024-12-01	medium	luckaltute.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	hlsflast.com/wanbpkw65a8w	153 B	2023-05-25 01:59	2024-12-26 17:18
Pretty URL hlsflast.com/wanbpkw65a8w IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 01:59 Last Seen2024-12-26 17:18 Times Seen179 Hash b26d6f86c4345f37c33c9b3b6dc9338b b92b66a7dadcc3acefe2c4cbd34f36c525ef4a24 5b3474edb6863ae89e1cfe842fb92e8ffdb6d4084a837040d36d497c4a864216 Loading...

	media.dalysv.com/js/push/code2.js	7.4 kB	2024-09-01 15:20	2024-12-26 17:18
Pretty URL media.dalysv.com/js/push/code2.js IP 104.21.75.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-01 15:20 Last Seen2024-12-26 17:18 Times Seen68 Hash 91ef293c76207ea3e0b77cd98133d9b1 880f02a5d6d16090e4e3e7882d7e5416b61e539f e9e498423050fd7781d01634d3888a019c6e5de6bbb2f6f775a07c650620eb82 Loading...

	hlsflast.com/player/jw8/provider.hlsjs.js?v=4	423 kB	2024-03-12 19:48	2024-12-26 17:18
Pretty URL hlsflast.com/player/jw8/provider.hlsjs.js?v=4 IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 19:48 Last Seen2024-12-26 17:18 Times Seen153 Hash cf574bfbd554e256baefd9704344cd4b d376e3751e7d0ab766402438e8c468c6ff77a32d d2406579337d50569fea7ef91cc575c79c18d58ae78e488bdee95074429739bc Loading...

	unknown	172 B	2024-12-01 19:37	2024-12-01 19:37
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 19:37 Last Seen2024-12-01 19:37 Times Seen1 Hash 1bc32fe106f2cea9851c4546200666a2 185c28434de762f70d77e9b8feb473e035ac6dac 48a8ddd5ec682d0ce19a8b59737124cdee2885fdc504901dd0681c9ded7a025b Loading...

	hlsflast.com/js/localstorage-slim.js	2.1 kB	2023-03-07 15:52	2024-12-26 17:18
Pretty URL hlsflast.com/js/localstorage-slim.js IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52 Last Seen2024-12-26 17:18 Times Seen367 Hash ba6facacb00551830393d637195804cf 77d2d2802ee44767b33a2d679945cc3efa3619cc 41bb37c8133d8e5c128820cfbe03bcbf63ce256bcbd60a1a76143472d8668e38 Loading...

	www.googletagmanager.com/gtag/js?id=G-2TL7NH453R	330 kB	2024-12-01 19:37	2024-12-01 19:37
Pretty URL www.googletagmanager.com/gtag/js?id=G-2TL7NH453R IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 19:37 Last Seen2024-12-01 19:37 Times Seen1 Hash fde125c3b51a1f3c03d2c126e95ffad7 466b96b4e4c87d07d0c691288988f5623a023c97 8f036297a986aa4d7bc3605e4b5a63c9ef271ee00177629b59f31f0982f1c8fa Loading...

	hlsflast.com/player/jw8/polyfills.webvtt.js?v=4	11 kB	2024-03-22 03:59	2024-12-24 12:05
Pretty URL hlsflast.com/player/jw8/polyfills.webvtt.js?v=4 IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 03:59 Last Seen2024-12-24 12:05 Times Seen117 Hash fc0d51af099f1379a409b4c960e5b40a c41d9034712a4f11875d8381788d6f282393b2b4 54b5ae4cdc7dfdc86bccb9cc8423fcce7753a05cdcb4178b4d042a9ba6ccea50 Loading...

	hlsflast.com/wanbpkw65a8w	514 B	2023-05-25 01:59	2024-12-26 17:18
Pretty URL hlsflast.com/wanbpkw65a8w IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 01:59 Last Seen2024-12-26 17:18 Times Seen179 Hash b46065871400813152d321ec02f1b50a ec38efc173d850932edecc4ee3d25161f023d358 e8c1018f916aa0ed73bb2968d0eed9f22017f01c74bcf036128af93ecacc8244 Loading...

	streamwish.com/js/dnsads.js?adslot=1&AdType=-adimage-&x=-panel_ad_&clicktag=http	40 B	2023-03-29 21:33	2024-12-19 10:06
Pretty URL streamwish.com/js/dnsads.js?adslot=1&AdType=-adimage-&x=-panel_ad_&clicktag=http IP 172.67.201.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:33 Last Seen2024-12-19 10:06 Times Seen229 Hash 17633da787cc7f0344e742dfc5c763a8 a2f38fea3c29999b943be862289885f64b2a4482 6cd0694f629a835a70757793cd54370a7dc26f1052d82ec54499bb3db0b54075 Loading...

	hlsflast.com/assets/jquery/style100.js?v=1.0	5.5 kB	2024-12-01 19:37	2024-12-08 04:20
Pretty URL hlsflast.com/assets/jquery/style100.js?v=1.0 IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 19:37 Last Seen2024-12-08 04:20 Times Seen6 Hash 2ab784f715d9310e89dd7cb5b6736e25 5ce7cc978682031574ad0f8419a1b00d2a9030b8 a6a9bd60d861599f70a86a426382c74b19ca4dd70f15a7ef8f95ea7f69b9acf2 Loading...

	hlsflast.com/wanbpkw65a8w	99 B	2024-12-01 19:37	2024-12-01 19:37
Pretty URL hlsflast.com/wanbpkw65a8w IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-01 19:37 Last Seen2024-12-01 19:37 Times Seen1 Hash d3c29c614d6eee77a241942f54f39f8e 315539ece0d28fd9e4373ddb16761b34c02a9c34 a4c0756bc2bcd01bcd002ee4bf49ba934bc1f3c64d31b676271cfa6e78a3d02b Loading...

	hlsflast.com/wish/js/bootstrap.bundle.min.js	81 kB	2023-03-12 16:15	2024-12-25 21:35
Pretty URL hlsflast.com/wish/js/bootstrap.bundle.min.js IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:15 Last Seen2024-12-25 21:35 Times Seen2094 Hash e8890063e097beea88fd37621217af9c bff78dd9c02a5008ab43642948739ce58c761b21 061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2 Loading...

	ib.spninxcuppas.com/tQ9unxqPhae3A55/62124	5 B	2023-03-07 01:14	2024-12-26 19:51
Pretty URL ib.spninxcuppas.com/tQ9unxqPhae3A55/62124 IP 188.42.108.108 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2024-12-26 19:51 Times Seen4734 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	hlsflast.com/player/jw8/jwplayer.core.controls.js?v=4	327 kB	2024-03-12 19:48	2024-12-26 17:18
Pretty URL hlsflast.com/player/jw8/jwplayer.core.controls.js?v=4 IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 19:48 Last Seen2024-12-26 17:18 Times Seen587 Hash fee77850b6b254569cf03f43a4dfdde4 35841d306d3404fbef6825371ffdbcd992ade913 50b22ddf7e9cf49716e33660cc9de3c2bbf3cb90f203d8af93810f8f97bdee3f Loading...

	hlsflast.com/wish_dark/js/jquery-3.2.1.min.js	87 kB	2023-03-07 01:02	2024-12-26 19:00
Pretty URL hlsflast.com/wish_dark/js/jquery-3.2.1.min.js IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-12-26 19:00 Times Seen31602 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	hlsflast.com/wish_dark/js/app.js	120 B	2023-05-24 01:42	2024-12-23 11:41
Pretty URL hlsflast.com/wish_dark/js/app.js IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 01:42 Last Seen2024-12-23 11:41 Times Seen61 Hash a79f8fabfb7648a13210846a85a88cf7 6712b8182af3de12fda154bee96ff127cfc963fe ec33448e18837c25e8bad49acb1b6d8a67f9aa49b2804bcd4c8d109ae4e96754 Loading...

	hlsflast.com/wanbpkw65a8w	60 B	2023-03-07 01:03	2024-12-26 17:18
Pretty URL hlsflast.com/wanbpkw65a8w IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2024-12-26 17:18 Times Seen274 Hash 76cc6a7775b7b653ba5a7d7f9cea4eb4 6484c7b286038e9a60c38f4adc61e6ba30062c91 a00f1ced7d3bab63e82c08fdb0b05b0e9659805756c15b085c2b9804671302c9 Loading...

	hlsflast.com/js/tabber.js	6.1 kB	2023-03-07 12:03	2024-12-26 17:18
Pretty URL hlsflast.com/js/tabber.js IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2024-12-26 17:18 Times Seen136 Hash f6be5160018c4101fa76b42650b5a1a6 d8d3efdadf32bb4fd6daac619575969b241d2864 c8a84372ece060ed361527a4517edace8aff92d6288323c52c8333500e1ae70a Loading...

	media.dalysv.com/js/code.min.js	44 kB	2024-12-01 15:06	2024-12-26 17:18
Pretty URL media.dalysv.com/js/code.min.js IP 104.21.75.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 15:06 Last Seen2024-12-26 17:18 Times Seen54 Hash 35f0b0ec867a8757284131f866e4e7ca bf887b7faf160527d2f5393f0c7c5ec22876a49c 336c5a0cbc8ea1a15e3dff61a39675d7509d17889b0ea0d767b1ae8a359f0a7f Loading...

	hlsflast.com/wish_dark/js/xupload.js?v19	10 kB	2024-11-19 23:31	2024-12-01 19:37
Pretty URL hlsflast.com/wish_dark/js/xupload.js?v19 IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-19 23:31 Last Seen2024-12-01 19:37 Times Seen2 Hash 0a753b61e4feca4a95c2a2335a201e1e 050166d99d69b885885d2861d95d040f17985971 cd3a1331541dc0dd5bc347ba986c594707931cc71cf7f73e2c6180e8c2bad239 Loading...

	hlsflast.com/js/jquery.cookie.js	4.3 kB	2023-03-07 01:03	2024-12-26 17:36
Pretty URL hlsflast.com/js/jquery.cookie.js IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-12-26 17:36 Times Seen1249 Hash ae0c2c5d8f01f7d35bb698bb618a62f7 63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20 75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc Loading...

	hlsflast.com/player/jw8/jwplayer.js?v=4	111 kB	2024-04-14 17:45	2024-12-26 17:18
Pretty URL hlsflast.com/player/jw8/jwplayer.js?v=4 IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 17:45 Last Seen2024-12-26 17:18 Times Seen171 Hash 73129fca23830b0aef163ea229220b2e 4c9e44f3282bbf80e5bb51494a096e29f6748cf0 d05fe0659d74c0693831cb1a36fdb77fe97992cd3110427f4998320c1229e712 Loading...

	hlsflast.com/wanbpkw65a8w	166 B	2023-11-03 15:07	2024-12-26 16:20
Pretty URL hlsflast.com/wanbpkw65a8w IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 15:07 Last Seen2024-12-26 16:20 Times Seen103 Hash 67759beda7e597fe8a885feeb7857bcb f6d07c37491748ce16255b5cfa2d77f01107da96 8a034babe5db0592cc850390c229e32735588bd688cb9f1717e41effca1aad9c Loading...

	jouwaikekaivep.net/tag.min.js	71 kB	2024-11-30 12:33	2024-12-02 05:48
Pretty URL jouwaikekaivep.net/tag.min.js IP 104.21.12.178 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-30 12:33 Last Seen2024-12-02 05:48 Times Seen73 Hash bb12715dc3535d3f119e18164d83cc6a ee33017dc8c162f0e0655744987622a449cd5d9d c3c606d6aa3b5cf637346347f3c543f2da02f57905106461f0ac39a2469b64ce Loading...

	hlsflast.com/wanbpkw65a8w	6.1 kB	2024-12-01 19:37	2024-12-01 19:37
Pretty URL hlsflast.com/wanbpkw65a8w IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-01 19:37 Last Seen2024-12-01 19:37 Times Seen1 Hash c9697c6ad99194fea880228f61926357 c37e34a66b4b652e47ed570c8204197e7351aff4 0166ceed9ed27cffb3238d7fc8372ba5dafedc2623a9f03d3b3d2f889c74e9c8 Loading...

	hlsflast.com/wanbpkw65a8w	659 B	2023-03-08 09:45	2024-12-09 00:37
Pretty URL hlsflast.com/wanbpkw65a8w IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 09:45 Last Seen2024-12-09 00:37 Times Seen47 Hash 6a61c7ef0d17028169eb3846772ee502 97f4965cbe013002cb0e72f1e4fe16abb4dac1d6 598a2437ca91a6b1e8c60305dc12a470138cfc0316828654619a2ff3f91ad9f9 Loading...

	hlsflast.com/wanbpkw65a8w	22 B	2023-03-07 01:03	2024-12-24 20:39
Pretty URL hlsflast.com/wanbpkw65a8w IP 104.21.66.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2024-12-24 20:39 Times Seen320 Hash 6052027f8899a6bfe3148fb3b49c2e5d 0c623518c7ab0d4725e6808c76798123779d6372 442c8e7468ce2fb1deae90be815308271b69df058481e94135a669b7a6134500 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 445e9ac359e317b9b9ee543738c3dc1e	6.2 kB	2024-12-01 19:37	2024-12-01 19:37
Pretty Observations First Seen2024-12-01 19:37 Last Seen2024-12-01 19:37 Times Seen1 Hash 445e9ac359e317b9b9ee543738c3dc1e 2cd119b3866c12b1da68da3aae87df3186d92673 078b4bd5eb2699bc0fc8073736bcff706c99df10b18dd8f2b7fcb69e226c30f4 Loading...

HTTP Transactions (34)

URL IP Response Size

streamwish.com/js/dnsads.js?adslot=1&AdType=-adimage-&x=-panel_ad_&clicktag=http

172.67.201.66

200 OK

40 B

URL GET HTTP/2
streamwish.com/js/dnsads.js?adslot=1&AdType=-adimage-&x=-panel_ad_&clicktag=http
IP
172.67.201.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjectstreamwish.com
FingerprintF1:65:09:F5:27:3F:98:D0:57:A7:7E:EA:4B:5D:B3:36:F0:2E:C4:B0
ValidityWed, 20 Nov 2024 21:26:45 GMT - Tue, 18 Feb 2025 21:26:44 GMT

File type
ASCII text, with CRLF line terminators
Size
40 B (40 bytes)
Hash
17633da787cc7f0344e742dfc5c763a8
a2f38fea3c29999b943be862289885f64b2a4482
6cd0694f629a835a70757793cd54370a7dc26f1052d82ec54499bb3db0b54075

HTTP Headers

GET /js/dnsads.js?adslot=1&AdType=-adimage-&x=-panel_ad_&clicktag=http HTTP/1.1
Host: streamwish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 40
last-modified: Tue, 15 Nov 2022 09:47:00 GMT
etag: "63736014-28"
expires: Thu, 05 Dec 2024 03:34:07 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 316979
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VoMfqKiHVSsxso80%2BkFAsvxiQgqhHoQwFxpsl%2Fk2FLEByMrM%2B%2BBN8%2BKZ7PJRGxg49oxiEVL%2FS0%2BzldjNDhBKiXU%2FH0lN1kMHyb3l4P77BB49JepZ2C5jY1lZCa%2Fh5DUb5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a60cba1bfa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16908&min_rtt=16824&rtt_var=3596&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3280&recv_bytes=1191&delivery_rate=256389&cwnd=252&unsent_bytes=0&cid=80b492d29c9ee3b6&ts=66&x=0"
X-Firefox-Spdy: h2

hlsflast.com/js/jquery.cookie.js

104.21.66.169

200 OK

2.0 kB

URL GET HTTP/3
hlsflast.com/js/jquery.cookie.js
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
gzip compressed data, from Unix
Size
2.0 kB (1970 bytes)
Hash
fca6f52142d6a555602bff0cdf25fb07
dc6cabb515a7846a270d0048966b6b2efb81c471
05ee7216d4094130ef00182bc1f9ad658a0d12afe1a1a642f6550829fce7dc34

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 31 May 2011 13:53:00 GMT
etag: W/"4de4f2bc-10eb"
expires: Wed, 04 Dec 2024 09:10:34 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cf-cache-status: HIT
age: 383192
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enA%2BVpFn%2FhYn0VeBXGTnCyiYM6Ci8IZrVI1VEEt8jMdnYEAH4%2BFgVypnuGh1ZFfKSecef5bFHtkau7XJ5rYka31ONxtGz4bmw9Lc1IxLkRCDkErrjWyLWw%2Bme1ivp9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a56d137128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=31&recv=14&lost=0&retrans=0&sent_bytes=16273&recv_bytes=3275&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=284&x=1", cfHdrFlush;dur=39

media.dalysv.com/js/code.min.js

104.21.75.100

200 OK

18 kB

URL GET HTTP/2
media.dalysv.com/js/code.min.js
IP
104.21.75.100:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjectdalysv.com
Fingerprint64:2B:6C:FC:35:79:E7:B3:8E:6C:3F:CD:F5:0F:12:1E:CA:6A:6F:1E
ValidityFri, 15 Nov 2024 16:39:30 GMT - Thu, 13 Feb 2025 16:39:29 GMT

File type
gzip compressed data, max speed, from Unix
Size
18 kB (18171 bytes)
Hash
fcda953c887f80a3da295fc1da88a948
ad0b5d97d22c2a5975a18b148e830cdeee64c525
9cff40c20a14866f38a0783913cedbad4e720e809fefe42270d10a4c380649cf

HTTP Headers

GET /js/code.min.js HTTP/1.1
Host: media.dalysv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 18:22:36 GMT
etag: W/"674a066c-a9ca"
expires: Mon, 02 Dec 2024 18:25:23 GMT
cache-control: max-age=259200
content-encoding: gzip
cf-cache-status: HIT
age: 49955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqieq3KO3KOQZmq3KSBbSTDzabD7YB23RlxS5DjtTQEpRhG4norrGuxMEfz%2Fs9vDaYisXjnwXl3CUJi4NbLE53e4ncTxNFGfwyuVm3QvtvvuwHUmnbbXrQ%2FlB9svNUod60Mt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a628ddb515-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17269&min_rtt=16636&rtt_var=4462&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3246&recv_bytes=1157&delivery_rate=234026&cwnd=252&unsent_bytes=0&cid=295c1fae71020ca7&ts=64&x=0"
X-Firefox-Spdy: h2

hlsflast.com/wanbpkw65a8w

104.21.66.169

200 OK

7.6 kB

URL User Request GET HTTP/2
hlsflast.com/wanbpkw65a8w
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
HTML document, ASCII text, with very long lines (6159)
Size
7.6 kB (7626 bytes)
Hash
9c07c4ef8d7f7b078e60e4b5d662e075
520f6c5d16dce4966eb58ec7f06c22880f222be6
bd23f691ab83ecb77e2d65ed58f81c730284666a2b1545c76a4f2547846686fe

HTTP Headers

GET /wanbpkw65a8w HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:37:05 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 30 Nov 2024 19:37:05 GMT
set-cookie: lang=1; domain=.hlsflast.com; path=/; HttpOnly
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fURHSbHSJyv%2BwE2Xkn8uWe0zpYM3FXsCgN31wypZfYqRyQB9ez8n9rmLzXFXTcKmigGpWPoTu7DyZ5bp99saCtJvGxeCzf2pLKvJi2nbRJuMCnhhFMvwfp%2BOjCAQfX4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb5879e980f712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16811&min_rtt=16502&rtt_var=3154&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1124&delivery_rate=258972&cwnd=254&unsent_bytes=0&cid=fe5c8c53f864756f&ts=829&x=0"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-2TL7NH453R

142.250.74.168

200 OK

110 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-2TL7NH453R
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:6D:67:20:75:1C:E2:F2:C3:65:DF:AC:EA:22:D8:AD:ED:0A:08:BA
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
110 kB (109865 bytes)
Hash
fde125c3b51a1f3c03d2c126e95ffad7
466b96b4e4c87d07d0c691288988f5623a023c97
8f036297a986aa4d7bc3605e4b5a63c9ef271ee00177629b59f31f0982f1c8fa

HTTP Headers

GET /gtag/js?id=G-2TL7NH453R HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 01 Dec 2024 19:37:06 GMT
expires: Sun, 01 Dec 2024 19:37:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 109865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hlsflast.com/wish_dark/images/logo.svg?v=1

104.21.66.169

200 OK

6.5 kB

URL GET HTTP/3
hlsflast.com/wish_dark/images/logo.svg?v=1
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
6.5 kB (6464 bytes)
Hash
6e4d6e8e38b260cab7fd6c3dcbbf8ec5
a9a95f7f55c0fa68d0fdd9d82879852d424a2b56
f5a0c1ed8f2ad69567fc69c6e373a428abe57230f4287fb848be3f81465eed00

HTTP Headers

GET /wish_dark/images/logo.svg?v=1 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: image/svg+xml
last-modified: Fri, 03 Nov 2023 12:03:33 GMT
etag: W/"1c5c-6093e4b1d7cbc"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rN7WWk6oARf9Jglw0cX4FPsZLWJmnitjQSi%2BZmqjGHkClTCoRwWCc8yWwvyxshkBVh1itAVIDbtdY9AVsCXBXEwxRpjMlnLvoYV0RTtPzclxDo1uidOV%2By0ZXYHb9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a56d107128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=31&recv=14&lost=0&retrans=0&sent_bytes=16273&recv_bytes=3275&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=283&x=1", cfHdrFlush;dur=40

hlsflast.com/player/jw8/provider.hlsjs.js?v=4

104.21.66.169

200 OK

137 kB

URL GET HTTP/3
hlsflast.com/player/jw8/provider.hlsjs.js?v=4
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
JavaScript source, ASCII text, with very long lines (65143)
Size
137 kB (136718 bytes)
Hash
cf574bfbd554e256baefd9704344cd4b
d376e3751e7d0ab766402438e8c468c6ff77a32d
d2406579337d50569fea7ef91cc575c79c18d58ae78e488bdee95074429739bc

HTTP Headers

GET /player/jw8/provider.hlsjs.js?v=4 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1; file_id=32705548; aff=20725
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Mar 2024 10:38:54 GMT
etag: W/"6742f-612d355042b80"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QfofSiIGo%2Bl8bwmIqOg5%2Ftz%2BT6lWnQrdl9bKUjgu%2Bnb0Et8txZ9pLkNQf%2Be9gENwj2ZOXGIudl27ZdmZ14sX9qeC7%2BMXWTlproGU4NWCuxXp5ykSmI6w3l28DtcXynI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a809cb7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23975&min_rtt=17938&rtt_var=8530&sent=178&recv=25&lost=0&retrans=0&sent_bytes=181001&recv_bytes=4898&delivery_rate=103312&cwnd=123900&unsent_bytes=0&cid=8dac579383134f61&ts=721&x=1", cfHdrFlush;dur=0

hlsflast.com/player/jw8/jwplayer.core.controls.js?v=4

104.21.66.169

200 OK

91 kB

URL GET HTTP/3
hlsflast.com/player/jw8/jwplayer.core.controls.js?v=4
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
JavaScript source, ASCII text, with very long lines (65143)
Size
91 kB (91325 bytes)
Hash
fee77850b6b254569cf03f43a4dfdde4
35841d306d3404fbef6825371ffdbcd992ade913
50b22ddf7e9cf49716e33660cc9de3c2bbf3cb90f203d8af93810f8f97bdee3f

HTTP Headers

GET /player/jw8/jwplayer.core.controls.js?v=4 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1; file_id=32705548; aff=20725
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Mar 2024 10:38:54 GMT
etag: W/"4fcf7-612d355042b80"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5898
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sa7wuFqIVi1Bbzx5em%2FnIkHyj%2FNYbo6ar6hIiQqaLmyYkLN%2FeUHVKJ0VwIqoqu40Ea%2FoOFSgD5nc9BXSO0aqjagZQLwqjzREG9xVb4CynkUCznXENWvrIeX%2Bt47G0M4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a809c97128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23975&min_rtt=17938&rtt_var=8530&sent=188&recv=25&lost=0&retrans=0&sent_bytes=193001&recv_bytes=4898&delivery_rate=103312&cwnd=123900&unsent_bytes=0&cid=8dac579383134f61&ts=721&x=1", cfHdrFlush;dur=23

hlsflast.com/wish/js/bootstrap.bundle.min.js

104.21.66.169

200 OK

33 kB

URL GET HTTP/3
hlsflast.com/wish/js/bootstrap.bundle.min.js
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
JavaScript source, ASCII text, with very long lines (65292)
Size
33 kB (32615 bytes)
Hash
e8890063e097beea88fd37621217af9c
bff78dd9c02a5008ab43642948739ce58c761b21
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2

HTTP Headers

GET /wish/js/bootstrap.bundle.min.js HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 15 Mar 2023 16:39:00 GMT
etag: W/"13ad7-5f6f2fb2b7100"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vhoqw54L99kLk3Zk9KfyiIz38xJT7klTqz2j6lU5O%2FjYr9oTwGgg%2FB5nEox1IhKmyoPB3I4jINFhxBS1nqHaWf%2FVgyZU%2BBdHpSnsrZvowBKg9zXnK1quNk6MEr3dTqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a57d377128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=33&recv=17&lost=0&retrans=0&sent_bytes=16325&recv_bytes=4045&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=302&x=1", cfHdrFlush;dur=46

jturq6cd3wcv.premilkyway.com/hls2/01/06541/wanbpkw65a8w_n/master.m3u8?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304

217.147.172.53

200 OK

314 B

URL GET HTTP/1.1
jturq6cd3wcv.premilkyway.com/hls2/01/06541/wanbpkw65a8w_n/master.m3u8?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304
IP
217.147.172.53:443
ASN
#209155 Onehostplanet s.r.o.

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerLet's Encrypt
Subject*.premilkyway.com
Fingerprint13:79:CF:0F:38:2C:F5:C0:F4:1A:2D:3C:8F:9B:C1:AE:FE:58:BB:28
ValidityMon, 25 Nov 2024 03:10:24 GMT - Sun, 23 Feb 2025 03:10:23 GMT

File type
M3U playlist, ASCII text
Size
314 B (314 bytes)
Hash
5fda2865ccd8478d99b11451640723ba
9c57553f1fa5d6d05285ba1fd56b5564c43d90ed
adc5578f9efce15a085d67841c07169a7aa3f629189259f91d2f97831161d992

HTTP Headers

GET /hls2/01/06541/wanbpkw65a8w_n/master.m3u8?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304 HTTP/1.1
Host: jturq6cd3wcv.premilkyway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hlsflast.com
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Dec 2024 19:37:07 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Sun, 01 Dec 2024 19:37:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 10 Mar 2025 02:23:24 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Content-Encoding: gzip

jturq6cd3wcv.premilkyway.com/hls2/01/06541/wanbpkw65a8w_n/index-v1-a1.m3u8?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304

217.147.172.53

200 OK

716 B

URL GET HTTP/1.1
jturq6cd3wcv.premilkyway.com/hls2/01/06541/wanbpkw65a8w_n/index-v1-a1.m3u8?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304
IP
217.147.172.53:443
ASN
#209155 Onehostplanet s.r.o.

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerLet's Encrypt
Subject*.premilkyway.com
Fingerprint13:79:CF:0F:38:2C:F5:C0:F4:1A:2D:3C:8F:9B:C1:AE:FE:58:BB:28
ValidityMon, 25 Nov 2024 03:10:24 GMT - Sun, 23 Feb 2025 03:10:23 GMT

File type
M3U playlist, ASCII text
Size
716 B (716 bytes)
Hash
97953764d228351d4b373a807183c9ce
92874338ddbd915ac6a59ae8131f64b5e5ffad5f
de60b6bf367102f337237c7f537615d60dce9967747cfc68917195faea3e613f

HTTP Headers

GET /hls2/01/06541/wanbpkw65a8w_n/index-v1-a1.m3u8?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304 HTTP/1.1
Host: jturq6cd3wcv.premilkyway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hlsflast.com
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Dec 2024 19:37:07 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Sun, 01 Dec 2024 19:37:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 10 Mar 2025 02:23:24 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Content-Encoding: gzip

roseimgs.com/wanbpkw65a8w_xt.jpg

172.67.180.200

200 OK

85 kB

URL GET HTTP/2
roseimgs.com/wanbpkw65a8w_xt.jpg
IP
172.67.180.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjectroseimgs.com
Fingerprint0E:16:5D:C7:A8:FC:A8:93:67:1F:9B:D8:B2:FC:2C:A9:68:79:79:BF
ValidityMon, 21 Oct 2024 00:48:38 GMT - Sun, 19 Jan 2025 00:48:37 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 875x496, components 3
Size
85 kB (84846 bytes)
Hash
a78a9520eaf3ef213589e8590b029ff1
cebb1f41080631656688688141cfcd1d0f1f1dec
b28b5db8f9b866319401a23b26e5792adc3efbe4656addcf7c63308ed136e232

HTTP Headers

GET /wanbpkw65a8w_xt.jpg HTTP/1.1
Host: roseimgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:37:07 GMT
content-type: image/jpeg
content-length: 84846
last-modified: Sat, 30 Nov 2024 01:45:35 GMT
etag: "674a6e3f-14b6e"
expires: Sun, 08 Dec 2024 19:37:07 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AafGkTKGi5I0EtCOYqfVNTm1Gz0TLCUEuKv4%2FwuWD5%2BbLFhOwMGUnjMcHIf9y0q4P1eS8bOh6PWHb%2FYd4tBLlr5b9TgQIsHH9%2BFdlCbRa4W0RfdrHmvUimy4lT8%2FOeg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a6090656c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23063&min_rtt=16882&rtt_var=14134&sent=9&recv=12&lost=0&retrans=0&sent_bytes=3205&recv_bytes=1159&delivery_rate=242830&cwnd=254&unsent_bytes=0&cid=96d1bd765eca2031&ts=1201&x=0"
X-Firefox-Spdy: h2

hlsflast.com/wish_dark/images/favicon/apple-touch-icon.png?v=1

104.21.66.169

200 OK

14 kB

URL GET HTTP/3
hlsflast.com/wish_dark/images/favicon/apple-touch-icon.png?v=1
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
14 kB (14386 bytes)
Hash
c41af652d0aacc20c50f21bfc575a85d
10c68a3261e74e37db73d889052dc94bc329907f
5d646cc00015083a5af78ebd95a48c8045dc711243d704b1293d9df97eba6c48

HTTP Headers

GET /wish_dark/images/favicon/apple-touch-icon.png?v=1 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1; file_id=32705548; aff=20725; _ga_2TL7NH453R=GS1.1.1733081826.1.0.1733081826.0.0.0; _ga=GA1.1.585404728.1733081827; prefetchAd_8544034=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:07 GMT
content-type: image/png
content-length: 14386
last-modified: Fri, 03 Nov 2023 12:06:33 GMT
etag: "3832-6093e55e14c6e"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4384
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mswXbLZs7Z7Yra3hsLK977UibyRCCqW%2Bfpg6lxQ%2Fget1djHOtOpbH6uOJFpojxIct%2FCqK3P0tcMf0XEY775FultcNh6JafsmiS1W8%2FyS%2BhLplttQ3csqka9y7DB8y%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587af1d227128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22459&min_rtt=17501&rtt_var=5196&sent=377&recv=34&lost=0&retrans=0&sent_bytes=412962&recv_bytes=6365&delivery_rate=74962&cwnd=247500&unsent_bytes=0&cid=8dac579383134f61&ts=1839&x=1", cfHdrFlush;dur=0

hlsflast.com/wish_dark/images/favicon/favicon-16x16.png?v=1

104.21.66.169

200 OK

627 B

URL GET HTTP/3
hlsflast.com/wish_dark/images/favicon/favicon-16x16.png?v=1
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
627 B (627 bytes)
Hash
852104566a39c0c95a6ac4cb08e145bc
ef075f389ad4625e5426b01db8dc0945114ca919
955ac708f9131264b25cde64a092e7b3e33d1f4730d2c675529e20c808503361

HTTP Headers

GET /wish_dark/images/favicon/favicon-16x16.png?v=1 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1; file_id=32705548; aff=20725; _ga_2TL7NH453R=GS1.1.1733081826.1.0.1733081826.0.0.0; _ga=GA1.1.585404728.1733081827; prefetchAd_8544034=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:07 GMT
content-type: image/png
content-length: 627
last-modified: Fri, 03 Nov 2023 12:06:33 GMT
etag: "273-6093e55e15ff6"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bcrkOso6%2BFnOOJGSb9GKlOru32vx20Oe4MMxg3rqobSg46633f1lhiWqoRhfI1EJ%2BRNzigEDx1MgJDfTyiUiRiitDDSj21gzqAVL88lQuaSJ8nvUxHsJcnVOZGw%2BGQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587af1d247128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22459&min_rtt=17501&rtt_var=5196&sent=390&recv=34&lost=0&retrans=0&sent_bytes=428350&recv_bytes=6365&delivery_rate=74962&cwnd=247500&unsent_bytes=0&cid=8dac579383134f61&ts=1840&x=1", cfHdrFlush;dur=0

roseimgs.com/wanbpkw65a8w0000.jpg

172.67.180.200

200 OK

743 kB

URL GET HTTP/2
roseimgs.com/wanbpkw65a8w0000.jpg
IP
172.67.180.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjectroseimgs.com
Fingerprint0E:16:5D:C7:A8:FC:A8:93:67:1F:9B:D8:B2:FC:2C:A9:68:79:79:BF
ValidityMon, 21 Oct 2024 00:48:38 GMT - Sun, 19 Jan 2025 00:48:37 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 2000x1120, components 3
Size
743 kB (742680 bytes)
Hash
3988686ada9b49322673a35323397719
4c62b88a38065f03d0c470cab8a73ce02ffde3b0
b58294d2e9ae8d5187c20fa35791e73a1d517071bd2aba48eef0c34e552d09bf

HTTP Headers

GET /wanbpkw65a8w0000.jpg HTTP/1.1
Host: roseimgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:37:07 GMT
content-type: image/jpeg
content-length: 742680
last-modified: Sat, 30 Nov 2024 01:45:36 GMT
etag: "674a6e40-b5518"
expires: Sun, 08 Dec 2024 19:37:07 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wq9AuIdKLhX6bOm3YdMzPt%2BoXvDj2OapvJpqIXA1GJwh%2FbV%2FbcIOOF1l6CVPWy0FiSIYAFU3XS3MTE8c3bxmVOoECOkBQJtO%2FoNs8o%2FrEXIOsBRhj9lSxVHU3sBHoYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587abcb6756c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16994&min_rtt=16571&rtt_var=666&sent=73&recv=43&lost=0&retrans=0&sent_bytes=89918&recv_bytes=1159&delivery_rate=1278022&cwnd=259&unsent_bytes=0&cid=96d1bd765eca2031&ts=1719&x=0"
X-Firefox-Spdy: h2

jturq6cd3wcv.premilkyway.com/hls2/01/06541/wanbpkw65a8w_n/seg-1-v1-a1.ts?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304

217.147.172.53

200 OK

1.9 MB

URL GET HTTP/1.1
jturq6cd3wcv.premilkyway.com/hls2/01/06541/wanbpkw65a8w_n/seg-1-v1-a1.ts?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304
IP
217.147.172.53:443
ASN
#209155 Onehostplanet s.r.o.

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerLet's Encrypt
Subject*.premilkyway.com
Fingerprint13:79:CF:0F:38:2C:F5:C0:F4:1A:2D:3C:8F:9B:C1:AE:FE:58:BB:28
ValidityMon, 25 Nov 2024 03:10:24 GMT - Sun, 23 Feb 2025 03:10:23 GMT

File type
MPEG transport stream data
Size
1.9 MB (1946552 bytes)
Hash
8329bfb98122399cf271817e293cc9d8
0d7d686e084716fa77c2e0d9e5310e76b8e298e8
6afb1c9c897be3c15b80196d4d8ae2bda1840d8cf3506a36d85bc40718840c96

HTTP Headers

GET /hls2/01/06541/wanbpkw65a8w_n/seg-1-v1-a1.ts?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304 HTTP/1.1
Host: jturq6cd3wcv.premilkyway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hlsflast.com
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Dec 2024 19:37:07 GMT
Content-Type: video/MP2T
Content-Length: 1946552
Connection: keep-alive
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Expires: Mon, 10 Mar 2025 02:23:24 GMT
ETag: "5f693e80-1db3b8"
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes

hlsflast.com/player/jw8/polyfills.webvtt.js?v=4

104.21.66.169

200 OK

3.0 MB

URL GET HTTP/3
hlsflast.com/player/jw8/polyfills.webvtt.js?v=4
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (10446)
Size
3.0 MB (3021955 bytes)
Hash
fc0d51af099f1379a409b4c960e5b40a
c41d9034712a4f11875d8381788d6f282393b2b4
54b5ae4cdc7dfdc86bccb9cc8423fcce7753a05cdcb4178b4d042a9ba6ccea50

HTTP Headers

GET /player/jw8/polyfills.webvtt.js?v=4 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1; file_id=32705548; aff=20725; _ga_2TL7NH453R=GS1.1.1733081826.1.0.1733081826.0.0.0; _ga=GA1.1.585404728.1733081827; prefetchAd_8544034=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Mar 2024 10:38:54 GMT
etag: W/"2a5c-612d355042b80"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3427
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQv1tHxBN5Az3MaHZPqQ1aez087%2BefqE26cg7lFmA7vV2W646qb%2Fyw0xdaK0ZSkUTVbYKw4GvZvwPHRWLy1TIbiGKrOIy8HqLj4MSlLjQCQGtfY7D%2BIzv3obGX8xXqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587c6e82e7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21535&min_rtt=17501&rtt_var=4489&sent=393&recv=37&lost=0&retrans=0&sent_bytes=429706&recv_bytes=6829&delivery_rate=574512&cwnd=247500&unsent_bytes=0&cid=8dac579383134f61&ts=5654&x=1", cfHdrFlush;dur=0

hlsflast.com/wish_dark/css/style.css?v=37

104.21.66.169

200 OK

310 kB

URL GET HTTP/3
hlsflast.com/wish_dark/css/style.css?v=37
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
ASCII text, with very long lines (392)
Size
310 kB (310187 bytes)
Hash
cfa7e164d2369771b8a008a2e9a673fc
e9fb73958e83633eaf04fa6251a3451d1623aa2e
a6e401cb1e7e1b173abaf35f329617968d344fd2aa3bc68f8cd7e650d67a0c28

HTTP Headers

GET /wish_dark/css/style.css?v=37 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: text/css
last-modified: Sat, 31 Aug 2024 02:06:31 GMT
etag: W/"4bbab-620f1280cdc24"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zoljoxEUw2nV6LCUQtzuicDOR6uhJUUgLM0jPJLYAqj8stHTr2NGKrxN765YMxckHRtJCsNNrDk4L6fDYXhg4WkvwSfSw3mc7HaHTOl%2B%2Bwg%2BVSpFckJxcsk%2Bhx%2FEhNE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a54cf17128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=31&recv=14&lost=0&retrans=0&sent_bytes=16273&recv_bytes=3275&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=285&x=1", cfHdrFlush;dur=19

ib.spninxcuppas.com/tQ9unxqPhae3A55/62124

188.42.108.108

200 OK

5 B

URL GET HTTP/1.1
ib.spninxcuppas.com/tQ9unxqPhae3A55/62124
IP
188.42.108.108:443
ASN
#7979 SERVERS-COM

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerLet's Encrypt
Subjectib.spninxcuppas.com
Fingerprint93:94:CC:23:CE:13:44:F7:F3:47:45:FA:71:3D:0E:69:51:9D:8C:39
ValidityThu, 10 Oct 2024 06:28:25 GMT - Wed, 08 Jan 2025 06:28:24 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

HTTP Headers

GET /tQ9unxqPhae3A55/62124 HTTP/1.1
Host: ib.spninxcuppas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Dec 2024 19:37:06 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hlsflast.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Mon, 02-Dec-2024 19:37:06 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 02-Dec-2024 19:37:06 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

media.dalysv.com/js/push/code2.js

104.21.75.100

200 OK

7.4 kB

URL GET HTTP/3
media.dalysv.com/js/push/code2.js
IP
104.21.75.100:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjectdalysv.com
Fingerprint64:2B:6C:FC:35:79:E7:B3:8E:6C:3F:CD:F5:0F:12:1E:CA:6A:6F:1E
ValidityFri, 15 Nov 2024 16:39:30 GMT - Thu, 13 Feb 2025 16:39:29 GMT

File type
JavaScript source, ASCII text, with very long lines (7442), with no line terminators
Size
7.4 kB (7414 bytes)
Hash
31a4359950f9225a08a18407217c45cd
31b2c70997c866a0bb4ef22474e4274a8e8fbe05
095361ce356095a244b7cb6e4f8b9ddb0ed0dbd0617430de0da8b62407413ab8

HTTP Headers

GET /js/push/code2.js HTTP/1.1
Host: media.dalysv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 18:22:36 GMT
etag: W/"674a066c-1cf6"
expires: Mon, 02 Dec 2024 18:28:07 GMT
cache-control: max-age=259200
content-encoding: gzip
cf-cache-status: HIT
age: 52890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WuKNLEkv74%2BUWaPzEqbhVpOoPlnMaTYEeg9nT4cQeMgPO0Cmn54fdAsAEPI%2F9T2Pca2OypKuoKWg4D9sTnaiq2K%2FL%2FWCgMJ4LAy17EUhS3EG8JPWdRzw1l4TINKMNcBieV%2Fr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a81cff5699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20980&min_rtt=18776&rtt_var=8615&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4034&recv_bytes=1057&delivery_rate=31635&cwnd=12000&unsent_bytes=0&cid=cd57f61370467b14&ts=258&x=1", cfHdrFlush;dur=0

hlsflast.com/assets/jquery/style100.js?v=1.0

104.21.66.169

200 OK

5.5 kB

URL GET HTTP/3
hlsflast.com/assets/jquery/style100.js?v=1.0
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
ASCII text, with very long lines (5668), with no line terminators
Size
5.5 kB (5507 bytes)
Hash
442d6e992183b75fde43308046eb84bf
fc2a39e2928938259b25be2d39c45c02047a3b3a
e54fcda1a30e25b062de530811a14a27dd932d2fdf4ba60b57b3ffc9757ca3ad

HTTP Headers

GET /assets/jquery/style100.js?v=1.0 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: text/javascript; charset=UTF-8
expires: Sat, 30 Nov 2024 19:37:06 GMT
x-frame-options: DENY
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 01 Dec 2024 19:37:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DgVQZ%2BXNbxhBpaRpk3M0ahdmUlGSEvkLCshJhMvBYsxCtan415jTJmkhSwQYn405W%2BO273BzuF1bL9n4OOuxULuqUUApVKnYNHFSw67fIPRCNnXFaihcmkoKiHta4lE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a56d157128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24821&min_rtt=17938&rtt_var=9116&sent=175&recv=22&lost=0&retrans=0&sent_bytes=179068&recv_bytes=4270&delivery_rate=1371646&cwnd=123900&unsent_bytes=0&cid=8dac579383134f61&ts=451&x=1", cfHdrFlush;dur=0

hlsflast.com/wish_dark/js/jquery-3.2.1.min.js

104.21.66.169

200 OK

87 kB

URL GET HTTP/3
hlsflast.com/wish_dark/js/jquery-3.2.1.min.js
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /wish_dark/js/jquery-3.2.1.min.js HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 02 Nov 2023 14:32:37 GMT
etag: W/"15283-6092c4269071f"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwKCjqI%2FT90au3ojX5VTEk9phjDcpOx9ZO5o0Jp%2FC%2BqCaMU21m7Xbnq72%2FDRqJQUvi0RxzdEtbIMQuyvR8IIQolov8mdx6ZcNVCORMXkhoGsL1yvU9AfT7Pj3nD4k4k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a55cf67128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=21&recv=14&lost=0&retrans=0&sent_bytes=5102&recv_bytes=3275&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=282&x=1", cfHdrFlush;dur=0

jouwaikekaivep.net/tag.min.js

104.21.12.178

200 OK

71 kB

URL GET HTTP/2
jouwaikekaivep.net/tag.min.js
IP
104.21.12.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjectjouwaikekaivep.net
Fingerprint05:EE:CA:3C:85:6D:8A:7A:BD:4A:95:D9:F4:83:81:AB:79:AF:6D:B0
ValidityWed, 30 Oct 2024 17:16:18 GMT - Tue, 28 Jan 2025 17:16:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
71 kB (71412 bytes)
Hash
bb12715dc3535d3f119e18164d83cc6a
ee33017dc8c162f0e0655744987622a449cd5d9d
c3c606d6aa3b5cf637346347f3c543f2da02f57905106461f0ac39a2469b64ce

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: jouwaikekaivep.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: d3aff141cc52424df59ff8dbe6934988
cache-control: max-age=86400
last-modified: Sat, 30 Nov 2024 12:08:40 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 02 Dec 2024 12:17:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 26349
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wtn0HXKModrU7VEdC1yHO9awpoIClnPK%2BNjrnnDDQ8ZGEhNtirACBMaz%2ByfqwWwOOOKTarCKMDbPeXRyEaQyyykL1breoYr4%2FZVqLfO4M4WOBgtWm6rcsAS5gnX0I4GirMCqhXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a75f91b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17705&min_rtt=17132&rtt_var=4476&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3221&recv_bytes=1026&delivery_rate=230121&cwnd=252&unsent_bytes=0&cid=dc6dbfff52f24d16&ts=58&x=0"
X-Firefox-Spdy: h2

hlsflast.com/wish_dark/js/xupload.js?v19

104.21.66.169

200 OK

10 kB

URL GET HTTP/3
hlsflast.com/wish_dark/js/xupload.js?v19
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
JavaScript source, ASCII text
Size
10 kB (10399 bytes)
Hash
0a753b61e4feca4a95c2a2335a201e1e
050166d99d69b885885d2861d95d040f17985971
cd3a1331541dc0dd5bc347ba986c594707931cc71cf7f73e2c6180e8c2bad239

HTTP Headers

GET /wish_dark/js/xupload.js?v19 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 2024 06:50:40 GMT
etag: W/"289f-624bab89bd000"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFOxVVxXFl9N4nH0Z8g%2FwPz%2BpNo0vClU%2FXTf0C80L%2FnkUjutp5AbcyDPfJY597yCqEF7gJW0LfWLJ%2BkrmF2BaO1H%2FYCBWMOHKU7z2jY%2FFPpruM2LY8V1v8PD6MDxNHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a55d007128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=31&recv=14&lost=0&retrans=0&sent_bytes=16273&recv_bytes=3275&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=282&x=1", cfHdrFlush;dur=41

hlsflast.com/wish/js/app.js

104.21.66.169

200 OK

120 B

URL GET HTTP/3
hlsflast.com/wish/js/app.js
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
ASCII text, with no line terminators
Size
120 B (120 bytes)
Hash
ffa99c7e3202a8c0e9820d78e7a3c118
b1528344fb8268362b42502f698dbfba2a5403ee
4616f6164a541a9b7295a01908412c6f4e6d1000aa1602d5cacd07a631cb165e

HTTP Headers

GET /wish/js/app.js HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 15 Mar 2023 16:39:00 GMT
etag: W/"78-5f6f2fb2b7100"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9gfcHwYMOKtgYPyhDbWzioQBiU3pXLdTpW3X84OPRMlw080T%2ByRRTSilZDT8gVKF1Sw6%2Br33qSoIFkQMPNS5jG9a4FglP0T1KA5%2BFS83%2Fhk5o%2BKc8X67TXSntMdaRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a57d3b7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=33&recv=17&lost=0&retrans=0&sent_bytes=16325&recv_bytes=4045&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=301&x=1", cfHdrFlush;dur=47

hlsflast.com/wish_dark/js/app.js

104.21.66.169

200 OK

120 B

URL GET HTTP/3
hlsflast.com/wish_dark/js/app.js
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
ASCII text, with no line terminators
Size
120 B (120 bytes)
Hash
ffa99c7e3202a8c0e9820d78e7a3c118
b1528344fb8268362b42502f698dbfba2a5403ee
4616f6164a541a9b7295a01908412c6f4e6d1000aa1602d5cacd07a631cb165e

HTTP Headers

GET /wish_dark/js/app.js HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 02 Nov 2023 14:32:35 GMT
etag: W/"78-6092c42414f2a"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EBRNP3XbK7a1N05D%2BhCAdqQo%2BjnIB3thV11tyJ%2BSq6YEG3WhViu4czqZfJ72%2FQ%2FUeYk1sD7N7aVBK%2FO2tL9y%2FiccpKBauwRawg7ReH%2FEmkf5grpuF1a57xQCPakkZto%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a55cf97128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=18&recv=12&lost=0&retrans=0&sent_bytes=4221&recv_bytes=2752&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=276&x=1", cfHdrFlush;dur=0

hlsflast.com/player/jw8/jwplayer.js?v=4

104.21.66.169

200 OK

111 kB

URL GET HTTP/3
hlsflast.com/player/jw8/jwplayer.js?v=4
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type

Size
111 kB (111441 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /player/jw8/jwplayer.js?v=4 HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Mar 2024 02:50:53 GMT
etag: W/"1b351-6149b799bbd40"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pc9FLcFoHU0tpvIn%2BtIshw9ndHMBgqEXGSiyYsAPYSScINu%2FjtTiV8OlYwTxB6rjBWDCxICHMQbseZfbBqD7p8hPojH1D5KavXNS9TWpf6yQuX4IVZitG0bp1jwA690%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a56d187128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=33&recv=17&lost=0&retrans=0&sent_bytes=16325&recv_bytes=4045&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=290&x=1", cfHdrFlush;dur=33

luckaltute.net/5/8544034/?oo=1&js_build=iclick-v1.1016.0&dmn=jouwaikekaivep.net&tt=2&ix=0

139.45.197.245

200 OK

4.0 kB

URL GET HTTP/2
luckaltute.net/5/8544034/?oo=1&js_build=iclick-v1.1016.0&dmn=jouwaikekaivep.net&tt=2&ix=0
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerLet's Encrypt
Subjectluckaltute.net
Fingerprint67:6A:83:BF:7E:47:B7:1C:A9:20:AD:87:EF:B1:BE:27:5E:46:1F:76
ValiditySun, 17 Nov 2024 14:59:44 GMT - Sat, 15 Feb 2025 14:59:43 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3961), with no line terminators
Size
4.0 kB (3957 bytes)
Hash
b3171362938ed284e5f043a8e2619e7c
7d47de2f8ace7ce526073421466de1c1aea4c1d3
b7bc9ed3743c32f101d9e411fcbafe6d946f86562f579760c493757d7ea7ec30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/8544034/?oo=1&js_build=iclick-v1.1016.0&dmn=jouwaikekaivep.net&tt=2&ix=0 HTTP/1.1
Host: luckaltute.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hlsflast.com
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/json
x-trace-id: 436178957925241c5b8034a1e7036574
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://hlsflast.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0081250e68704705f11c3309919df2d3; expires=Mon, 01 Dec 2025 19:37:06 GMT; path=/; secure; SameSite=None
oaidts=1733081826; expires=Mon, 01 Dec 2025 19:37:06 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

hlsflast.com/dl?op=get_slides&length=1224&url=https://roseimgs.com/wanbpkw65a8w0000.jpg

104.21.66.169

200 OK

9.4 kB

URL GET HTTP/3
hlsflast.com/dl?op=get_slides&length=1224&url=https://roseimgs.com/wanbpkw65a8w0000.jpg
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
WebVTT subtitles, ASCII text, with very long lines (9730), with no line terminators
Size
9.4 kB (9428 bytes)
Hash
c2c49820e74cdb9f6b0597382def0dfb
5b9ab9f49fc25e572e975c121e9ae7136e258d72
6ef443fe25d9cb3952f1ca022f8944bf497ede18cce6561f8f1c1b46977d5d9b

HTTP Headers

GET /dl?op=get_slides&length=1224&url=https://roseimgs.com/wanbpkw65a8w0000.jpg HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1; file_id=32705548; aff=20725; _ga_2TL7NH453R=GS1.1.1733081826.1.0.1733081826.0.0.0; _ga=GA1.1.585404728.1733081827
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:07 GMT
content-type: text/vtt
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KlfNej9GnwMzETf9rdbcUfdsgqwGOlJBFu33wN3Y%2F5cRdR64z4ceGlv1pu7egMmCJWY8jerLL%2BJ%2F5e9zThhzYr5SSttZir4w8U4TUYi2sMR1ggwiYlEBn8a6q%2BhdCHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587aa9dd47128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23167&min_rtt=17938&rtt_var=5040&sent=366&recv=31&lost=0&retrans=0&sent_bytes=402644&recv_bytes=5496&delivery_rate=4819286&cwnd=247500&unsent_bytes=0&cid=8dac579383134f61&ts=1222&x=1", cfHdrFlush;dur=0

luckaltute.net/?rb=W7HDYhrrIg4QZbYqWGFILHn8jy3RUpVWJQ6cerqHgLUij4xdwo_hqspIsKUnsp8iLvXEbu45cuHvCC9EPQvwQceNgMfvd5-siNzjHx3UintFGycoO1V7_LiWUxTDu4n_oBQMx1YtGuYFx5b9_fx45R_WQOjW32zooMhI-Q500IGPR-2mtH4pKhWjSSL9o7H4dB9P_jmt4OHaqgyaNaUXiqLCDi9m8f816k8XiKzxYE-pO-ZFvdvQ-H0cTd4dbIvgX52qcyDHoetbNEgAeObcyQ%3D%3D&request_ab2=0&zoneid=8544034&js_build=iclick-v1.1016.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fhlsflast.com%2Fwanbpkw65a8w&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=&js_build=iclick-v1.1016.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=ee98837d-56a1-462f-a2e9-95bd2c783e9b&wasm=1&userId=0081250e68704705f11c3309919df2d3&m=link

139.45.197.245

200 OK

2.8 kB

URL GET HTTP/2
luckaltute.net/?rb=W7HDYhrrIg4QZbYqWGFILHn8jy3RUpVWJQ6cerqHgLUij4xdwo_hqspIsKUnsp8iLvXEbu45cuHvCC9EPQvwQceNgMfvd5-siNzjHx3UintFGycoO1V7_LiWUxTDu4n_oBQMx1YtGuYFx5b9_fx45R_WQOjW32zooMhI-Q500IGPR-2mtH4pKhWjSSL9o7H4dB9P_jmt4OHaqgyaNaUXiqLCDi9m8f816k8XiKzxYE-pO-ZFvdvQ-H0cTd4dbIvgX52qcyDHoetbNEgAeObcyQ%3D%3D&request_ab2=0&zoneid=8544034&js_build=iclick-v1.1016.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fhlsflast.com%2Fwanbpkw65a8w&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=&js_build=iclick-v1.1016.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=ee98837d-56a1-462f-a2e9-95bd2c783e9b&wasm=1&userId=0081250e68704705f11c3309919df2d3&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerLet's Encrypt
Subjectluckaltute.net
Fingerprint67:6A:83:BF:7E:47:B7:1C:A9:20:AD:87:EF:B1:BE:27:5E:46:1F:76
ValiditySun, 17 Nov 2024 14:59:44 GMT - Sat, 15 Feb 2025 14:59:43 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2803), with no line terminators
Size
2.8 kB (2774 bytes)
Hash
490a8162d61251c248906a4a724f8d19
0e1bbae9e0096ebb8f2550b98f7e5e843b97304f
bcf4b0559b2039f9f48103205b40da145eaed36eb72bc8e13a6e854f8a7da0b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=W7HDYhrrIg4QZbYqWGFILHn8jy3RUpVWJQ6cerqHgLUij4xdwo_hqspIsKUnsp8iLvXEbu45cuHvCC9EPQvwQceNgMfvd5-siNzjHx3UintFGycoO1V7_LiWUxTDu4n_oBQMx1YtGuYFx5b9_fx45R_WQOjW32zooMhI-Q500IGPR-2mtH4pKhWjSSL9o7H4dB9P_jmt4OHaqgyaNaUXiqLCDi9m8f816k8XiKzxYE-pO-ZFvdvQ-H0cTd4dbIvgX52qcyDHoetbNEgAeObcyQ%3D%3D&request_ab2=0&zoneid=8544034&js_build=iclick-v1.1016.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fhlsflast.com%2Fwanbpkw65a8w&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=&js_build=iclick-v1.1016.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=ee98837d-56a1-462f-a2e9-95bd2c783e9b&wasm=1&userId=0081250e68704705f11c3309919df2d3&m=link HTTP/1.1
Host: luckaltute.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlsflast.com/
Origin: https://hlsflast.com
DNT: 1
Connection: keep-alive
Cookie: OAID=0081250e68704705f11c3309919df2d3; oaidts=1733081826
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 01 Dec 2024 19:37:07 GMT
content-type: application/json
x-trace-id: e8976ef33beab5bf496f32976d958f0a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://hlsflast.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0081250e68704705f11c3309919df2d3; expires=Mon, 01 Dec 2025 19:37:07 GMT; path=/; secure; SameSite=None
oaidts=1733081827; expires=Mon, 01 Dec 2025 19:37:07 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 08 Dec 2024 19:37:07 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

hlsflast.com/js/tabber.js

104.21.66.169

200 OK

6.1 kB

URL GET HTTP/3
hlsflast.com/js/tabber.js
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
JavaScript source, ASCII text, with very long lines (6328), with no line terminators
Size
6.1 kB (6147 bytes)
Hash
38e8b0be7bbad043ec4b7ab7a8a3c4ed
e3204c599334395a050b0120a2c08a2162bf63ad
2e5f719a8540a8b7ff5ecf46ad8d995ad08231c5d6bce5aadd51ed021f4d707e

HTTP Headers

GET /js/tabber.js HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 06 Jul 2010 18:48:00 GMT
etag: W/"4c337a60-1803"
expires: Wed, 04 Dec 2024 09:26:47 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cf-cache-status: HIT
age: 382219
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHWtZ12MKVjqIaArY1NaOrXIUqUGSv78VynajMCh6G6ve0RbdBwtSfYaI4sfvmzkSJrPvFu36fgFAOPj3qyKeRxG6W71czfEbKPWsfvTk%2BZmvEvgAWNyUAFUpVFUbqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a57d357128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=33&recv=17&lost=0&retrans=0&sent_bytes=16325&recv_bytes=4045&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=297&x=1", cfHdrFlush;dur=51

my.rtmark.net/gid.js?userId=0081250e68704705f11c3309919df2d3

188.114.97.1

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0081250e68704705f11c3309919df2d3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint8A:B7:CD:87:FA:39:07:A8:88:41:1C:9E:2D:0E:97:51:61:75:C1:34
ValidityWed, 06 Nov 2024 10:31:42 GMT - Tue, 04 Feb 2025 10:31:41 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
aedc808efdb435ef67d8e300ec68411b
1fb4aa51b0f0c32995065a3830df19981c070303
499784228ffd193b8ff1a9354b68299aadbadf885e9a76b3ea067976a2357f0c

HTTP Headers

GET /gid.js?userId=0081250e68704705f11c3309919df2d3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hlsflast.com
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:37:07 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hlsflast.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=0081250e68704705f11c3309919df2d3; expires=Mon, 01 Dec 2025 19:37:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0OGHf7Kz7Y%2BeUfvggMZI17QN678cHule6091Cf7Pz6YWomnyLlpq7FsMt9y5fK82ior8Eb%2F28OCnqmvhuGUKrHbfarhXcnExKYHbJENhMteIL%2FcPa7isbR8qpX%2BecewQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb587abce4656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16605&min_rtt=16564&rtt_var=2689&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3278&recv_bytes=1226&delivery_rate=261371&cwnd=253&unsent_bytes=0&cid=ad1235e5c5650441&ts=72&x=0"
X-Firefox-Spdy: h2

jturq6cd3wcv.premilkyway.com/hls2/01/06541/wanbpkw65a8w_n/seg-2-v1-a1.ts?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304

217.147.172.53

200 OK

3.0 MB

URL GET HTTP/1.1
jturq6cd3wcv.premilkyway.com/hls2/01/06541/wanbpkw65a8w_n/seg-2-v1-a1.ts?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304
IP
217.147.172.53:443
ASN
#209155 Onehostplanet s.r.o.

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerLet's Encrypt
Subject*.premilkyway.com
Fingerprint13:79:CF:0F:38:2C:F5:C0:F4:1A:2D:3C:8F:9B:C1:AE:FE:58:BB:28
ValidityMon, 25 Nov 2024 03:10:24 GMT - Sun, 23 Feb 2025 03:10:23 GMT

File type

Size
3.0 MB (3017400 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hls2/01/06541/wanbpkw65a8w_n/seg-2-v1-a1.ts?t=-ERHZDQ8kXMOZYl_By4n1dArD80_B9HYMkGh7PwRvB4&s=1733081825&e=129600&f=32705548&srv=6x71sfq2g4l07bi&i=0.0&sp=500&p1=6x71sfq2g4l07bi&p2=6x71sfq2g4l07bi&asn=50304 HTTP/1.1
Host: jturq6cd3wcv.premilkyway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hlsflast.com
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Dec 2024 19:37:11 GMT
Content-Type: video/MP2T
Content-Length: 3017400
Connection: keep-alive
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Expires: Mon, 10 Mar 2025 02:23:30 GMT
ETag: "5f693e80-2e0ab8"
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes

hlsflast.com/js/localstorage-slim.js

104.21.66.169

200 OK

2.1 kB

URL GET HTTP/3
hlsflast.com/js/localstorage-slim.js
IP
104.21.66.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hlsflast.com/wanbpkw65a8w
Certificate
IssuerGoogle Trust Services
Subjecthlsflast.com
Fingerprint92:17:67:05:8F:B4:95:54:9D:97:C5:EE:2C:D1:F7:3F:B3:DB:DE:0C
ValidityTue, 26 Nov 2024 08:43:50 GMT - Mon, 24 Feb 2025 08:43:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2081), with no line terminators
Size
2.1 kB (2064 bytes)
Hash
08a1ba68560486fde4d74f0ab0f313da
8f4068b45f2e731f146611d0d7b03d6bb0241876
9993f955d5c1239c7ec7a87a364032c892d0271761871b02b702eb2b632494f7

HTTP Headers

GET /js/localstorage-slim.js HTTP/1.1
Host: hlsflast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hlsflast.com/wanbpkw65a8w
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:37:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 16 Nov 2021 13:32:00 GMT
etag: W/"6193b2d0-810"
expires: Wed, 04 Dec 2024 09:10:34 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cf-cache-status: HIT
age: 383192
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJ4EFvqcGZgvjGcx2vir8ls0Ev%2BUmwX7biz4LtxBRYkyGY9MNh1ZRNGPuAQyC1Dd%2FIh4h%2BHgl0kaQZasRIXyf%2BS3ZYV0BlLc79v8rmf0prXav%2FrRX7%2BQOxVDryhciDI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb587a56d1c7128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26661&min_rtt=17938&rtt_var=12957&sent=32&recv=16&lost=0&retrans=0&sent_bytes=16299&recv_bytes=3792&delivery_rate=32833&cwnd=12000&unsent_bytes=0&cid=8dac579383134f61&ts=288&x=1", cfHdrFlush;dur=60

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL