firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HBUcrMu2sKh7USdrwqoLRBAuUdSUcClH0LAlGozz2GIlOQ9MlnPFWw==
Age: 106317
french-stream.123megaproxy.com/
200 OK 287 kB URL HTTP/1.1 french-stream.123megaproxy.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60411), with CRLF, LF line terminators
Size 287 kB (286550 bytes)
Hash 7791eafeae8b6c18a57a201f53282746
765323dc5f25bc294cb73130aaada3ded015c9c7
9a0f3c7530295aee2a0ce0e48ddc7a9a6043387c6ba5e9a2566268aa942acab4
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kM614NYEgHvoUH7RgMN%2FW%2BOUCpwSIyiUvVI3pkvmvSKaIna%2Fd6uVTQTay2xiFJjuJVCXuO2ijax31oiHRu1r7aCJqx71g6MXzf3M%2Fy4tp%2F%2BP2CNo9%2BT964vaNaBgxKNl%2BtfvmC5TOWfoL50n29MKeQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75616f29ba82b512-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4119
Expires: Thu, 06 Oct 2022 22:27:54 GMT
Date: Thu, 06 Oct 2022 21:19:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11459
Expires: Fri, 07 Oct 2022 00:30:14 GMT
Date: Thu, 06 Oct 2022 21:19:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dLbeNqcFst21ydFyeAJyB2eHS/8bs7+v4FO0HNm5IA6fvGSNGahA5MXjeFUiWw8kKRBWHIX/xOI=
x-amz-request-id: YJPF35N9VHF41VQV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 20:58:53 GMT
age: 1222
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
glimtors.net/ntfc.php?p=2651991
200 OK 5.9 kB URL HTTP/1.1 glimtors.net/ntfc.php?p=2651991
IP
File type C source, ASCII text, with very long lines (14504), with no line terminators
Hash 1609bee48bdf1fd65d6538c2bd4305b8
dfdbfe7c83015676985e72a1a9cbc4590e32c816
3a4ab584d97816bb567424b5fb673c67a5d8ac7ececf1cb4dd4a07fb0b3cf2fb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ntfc.php?p=2651991 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript
Last-Modified: Tue, 27 Sep 2022 13:19:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6332f869-38a8"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
french-stream.123megaproxy.com/
200 OK 287 kB URL HTTP/1.1 french-stream.123megaproxy.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60411), with CRLF, LF line terminators
Size 287 kB (286550 bytes)
Hash 7791eafeae8b6c18a57a201f53282746
765323dc5f25bc294cb73130aaada3ded015c9c7
9a0f3c7530295aee2a0ce0e48ddc7a9a6043387c6ba5e9a2566268aa942acab4
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KULmtMoe2AB1DfX4WJDMNuqJXMLAtYN%2BdZTsnu3pRnN6PcvcWvVE8%2BXAXsX5SDwelWwYmwm0bJOB1JwB2T8sJxI9gPFKW8B6urYZmUErgq%2FCV8IzjSYnRzEitds3UqB1V9YXEcV5omKOP4WexaWXfDk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75616f2d4ec3b512-OSL
alt-svc: h2=":443"; ma=60
glimtors.net/ntfc.php?p=2651991
304 Not Modified 0 B URL HTTP/1.1 glimtors.net/ntfc.php?p=2651991
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ntfc.php?p=2651991 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
If-Modified-Since: Tue, 27 Sep 2022 13:19:37 GMT
If-None-Match: W/"6332f869-38a8"
HTTP/1.1 304 Not Modified
Server: nginx
Date: Thu, 06 Oct 2022 21:19:16 GMT
Last-Modified: Tue, 27 Sep 2022 13:19:37 GMT
Connection: keep-alive
ETag: "6332f869-38a8"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
s7.addthis.com/js/300/addthis_widget.js
308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/300/addthis_widget.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Thu, 06 Oct 2022 21:19:16 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
i.imgur.com/TH5z5DM.png
200 OK 1.5 kB IP
File type PNG image data, 94 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash 063ed504acc2ee96cec413d248379761
c2ba3db79e0b25c801ff431539a63d17014533ca
5718709bc4408d9d06689ad12333e3e79299dd44abcf447ca6a5718aedc8a517
GET /TH5z5DM.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 25 Jul 2021 13:23:59 GMT
etag: "063ed504acc2ee96cec413d248379761"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 06 Oct 2022 21:19:16 GMT
age: 3851446
x-served-by: cache-iad-kcgs7200177-IAD, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1665091156.308391,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1476
X-Firefox-Spdy: h2
french-stream.123megaproxy.com/static/templates/ZStream/style/styles.css
200 OK 8.1 kB URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/style/styles.css
IP
File type ASCII text, with very long lines (33346), with no line terminators
Hash f7d4abf23442a3578416171d57c8d0b3
2dd906899bc165ddc76a0acb69caaed19dee6b57
20ecdf210b86efe1b2b034125e3917d045cca87d923393b92b41bbd188b2b261
GET /static/templates/ZStream/style/styles.css HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWgp%2BTTtCpf%2FIxlqSxy%2B%2FiYvifU6A67hVuiZPO%2Beyw8JxLHS%2Fnk5VL%2Br4PxpiF7J6djdRf9mlQaBJlLPsFyo8cy%2BEmOl8mw9Br3KIxyihDYaMqTqRT7A97gqvrndsCTWGcl2HHgGNCUdEwInp2rZ46I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2e6ff5b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash e063dc8504121e45a5a94a7eaf3bd924
0e5e408f5feeb5806de402f24ccb00753272640b
d1ec11eeb319e9993251bc74f3ba9c55e8c2e6d9cd992d137d09432952528b79
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D1EC11EEB319E9993251BC74F3BA9C55E8C2E6D9CD992D137D09432952528B79"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13912
Expires: Fri, 07 Oct 2022 01:11:08 GMT
Date: Thu, 06 Oct 2022 21:19:16 GMT
Connection: keep-alive
s7.addthis.com/js/300/addthis_widget.js
200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP
File type ASCII text, with very long lines (54602)
Size 116 kB (116397 bytes)
Hash ab5316902b2331dd2955fa1f46076602
d60979fcbecaf6635ad72347c15a3f1af2c142b1
2d70f3bc72aebbbef72f22141bb174cf948084415815d498cdecf9bc0ab458b7
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116397
date: Thu, 06 Oct 2022 21:19:16 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
french-stream.123megaproxy.com/app/apx19.js
200 OK 2.6 kB URL HTTP/1.1 french-stream.123megaproxy.com/app/apx19.js
IP
File type ASCII text, with very long lines (9183), with no line terminators
Hash 9ea8acd8d74e4f328d558b64219e02c5
156ce99860c738bee0a97dbe9c543a83f4fd5457
cc0dc5bf2c19d0830dd3962179d22ed40f200ecf8dc905a4e64bba0c1ccf9dff
Analyzer Verdict Alert fortinet Phishing
GET /app/apx19.js HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:46:59 GMT
ETag: W/"5f610c23-23df"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXogpG8JuCDsCzezdMzXRaVg1gW5qbRUpUHPXJFvE02Z9XGd3mb%2F696J0ciMzl79hnIl8i1QzHJooqRNFWcLySoT6Zl%2FUVOAGpfG%2Bkug2rBR7myqs4ClcWtdJPQ9RWCsAlVjt6Rzo4aFXgkNXwFg%2Blw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2eac7ab4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/static/templates/ZStream/style/filter-xf.css
200 OK 2.4 kB URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/style/filter-xf.css
IP
File type ASCII text, with very long lines (10729), with no line terminators
Hash d9cc2ce18322d5c64c6f67f3745b19db
5320e127b298ed8d738168a09f65fa5780051cee
a1d8d8772fbaac6c36a3fd82eec9dff616730c5759dd2f0f5a82c7b8653bccbb
GET /static/templates/ZStream/style/filter-xf.css HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReXhBQeFV9UK32hWbOtp%2F1PDW%2Bq%2F2PDHMPE7WrnIsDW4tAOlFsF0hZEN25DGCSOwjllY6YbDF0%2F0L6w7HpQ8HcxniXMDqroVhQescy5vtCeaEMKpAamY5hvwligjuR37kv3FHDdXdUqpUpILcLo%2B12M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2eaa07b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
benumelan.com/5/2632704
200 OK 23 kB IP
File type ASCII text, with very long lines (62327), with no line terminators
Hash ca46175d2c2de6a2c678976e5630eef7
f974999c7b4f728f1f4fb8f1e9505ecd40b15687
b5b537d7c7e52cacddbd04aa848cb6cee7ad123f710720147bdd59ddf14e0bb2
Analyzer Verdict Alert quad9 Sinkholed
GET /5/2632704 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: ed6ba5266b64fd127950eec6cffd7434
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=7df1f66e0c674c7b84b25f6a1e970245; expires=Fri, 06 Oct 2023 21:19:16 GMT; path=/
oaidts=1665091156; expires=Fri, 06 Oct 2023 21:19:16 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
inpagepush.com/400/3064505
200 OK 31 kB URL HTTP/1.1 inpagepush.com/400/3064505
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8229118f3164eb84183d521a760f4dab
6261c187af11ac910977dbb7a3e96b244a60eb8c
a92827e1292787a4a3a5bec92ac444445b760bc525f08f98ac8faf4dde79c1e3
Analyzer Verdict Alert fortinet Malware
GET /400/3064505 HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 3230fd939fe4bffa11862aef18482ffe
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=f8be5c4894cc4321984d6eefc8bbc808; expires=Fri, 06 Oct 2023 21:19:16 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
french-stream.123megaproxy.com/static/templates/ZStream/js/jquery-2.2.4.js
200 OK 57 kB URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/js/jquery-2.2.4.js
IP
File type ASCII text, with very long lines (65470)
Hash eec8e2562ec696b4885a14875aefc9b1
5a75344fdd4868421301490c94aaf3fe454ba65d
2eea74c84666ba0e2b17d91273e7cc210920195b5bc48f5288ec285ee6c0931c
Analyzer Verdict Alert fortinet Phishing
GET /static/templates/ZStream/js/jquery-2.2.4.js HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8wRj7oWUvpMTZmAP2%2Bb18B%2FRjAi8QLZaZ%2BjE1JqV%2FjVF1A0L7RQOGX%2F0nbgwY3nQakzuJz8zTA13qevRmOd5bWnKxd5SsTG0LKdeciG0kTFJ8XgM6fm1xllKHzt4f7n7aa6S6W0865DMnaqiWMYIC0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2e68ed1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9124d46f96c2f8e98db4149c31d8d52c
7293a8d6f0387a797e345a529d64d1392e856078
5aaad8310ef86f53f4991fd00e46f8663c5489eaf511d6fb452e5efdaf8335eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5AAAD8310EF86F53F4991FD00E46F8663C5489EAF511D6FB452E5EFDAF8335EB"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2422
Expires: Thu, 06 Oct 2022 21:59:38 GMT
Date: Thu, 06 Oct 2022 21:19:16 GMT
Connection: keep-alive
french-stream.123megaproxy.com/static/templates/ZStream/style/engine.css
200 OK 28 kB URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/style/engine.css
IP
File type ASCII text, with very long lines (58132), with CRLF line terminators
Hash 9d6f4dc2e64b59b25abd086086a03eb4
29867985e7b8740bb17cf9d1cca5dca1ffdf57d8
222cbb07c39b6f33c4bdb74689ccd9fe832f94296a059aeb90531ad35353b97d
GET /static/templates/ZStream/style/engine.css HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DU8V%2BhpKBx0x7Rydpp3OaWaEwFPgWImL9dhXW%2B2nH7jvfH0AW0AnEqrOCuPQ5FpjcA8obYEq18sWsJT08pmk5fZHGocgSoRSjdBO5e8GAdOleN8yIGjCtasc%2BYBEXJcS7VCPPo3qwH%2B96bnX6gE7Wng%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2e6d900b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9124d46f96c2f8e98db4149c31d8d52c
7293a8d6f0387a797e345a529d64d1392e856078
5aaad8310ef86f53f4991fd00e46f8663c5489eaf511d6fb452e5efdaf8335eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5AAAD8310EF86F53F4991FD00E46F8663C5489EAF511D6FB452E5EFDAF8335EB"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2422
Expires: Thu, 06 Oct 2022 21:59:38 GMT
Date: Thu, 06 Oct 2022 21:19:16 GMT
Connection: keep-alive
c.palama2.com/j/m/qqqq.js
200 OK 18 kB URL HTTP/2 c.palama2.com/j/m/qqqq.js
IP
File type ASCII text, with very long lines (48351), with no line terminators
Hash 27b7ab6765273ce1ef25136811a171b8
761a2ab6e83a522b6be417005e874dcb9512adec
b68857ce544f9024d1c848b64c2925948616e0629a094d60735fafff46443d55
GET /j/m/qqqq.js HTTP/1.1
Host: c.palama2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
etag: W/"603dadf6-bcdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1330914
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okEVHzhRG7N4VQFAX08EJxI%2B0Plss30NLyZRr4xx07Odr%2B8yRRrPqCTUQmwWa4FkyxSkXV9DTz0OzG7jC%2B%2FjCtsyswNhGkWDpb2kaSNyfWXju6KGVYu80ww87IDEAbCd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f2f5cbe0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
french-stream.123megaproxy.com/hy.js?q22q2q2
200 OK 18 kB URL HTTP/1.1 french-stream.123megaproxy.com/hy.js?q22q2q2
IP
File type ASCII text, with very long lines (56131), with no line terminators
Hash f12634066d38736854588dc61b5ba109
623e90c430f1609e59e16407553e2d2ff8882d8e
7ca898a6218b8e61a9a999ffb0c76a9c60f86dfd4353b2496225e6473c72c0de
Analyzer Verdict Alert fortinet Phishing
GET /hy.js?q22q2q2 HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:54:49 GMT
ETag: W/"603dd329-db43"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2zdjt3xUrUA48iyayWcPU%2Fe4SUoRSdPSTpJBuvVSZshVCvy9FLzxpW7MXgEIz3Gp3bsgMJoPUoleWSFC3bjq8NviO%2FaCVbQo8GTZTpbWj%2BusCincmN%2B3nJ2pI1igmfgaiV0mZ7KHFF%2BHE6ggmXOdjs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2ef8acb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=french-stream.123megaproxy.com&var=&ymid=&var_3=
200 OK 705 B URL HTTP/2 glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=french-stream.123megaproxy.com&var=&ymid=&var_3=
IP
File type JSON data\012- , ASCII text, with very long lines (704)
Hash 51f7ff6b6661d6d302f90cc270d850de
018bb61c1d2b9897add8599742037a69f7816f78
39bfd2f670200f31a92aa0445a09408522a7be8b371c61fd234140533e194eca
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=2651991&is_mobile=false&domain=french-stream.123megaproxy.com&var=&ymid=&var_3= HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:16 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: cbed066ff611914b04681a8de53fa85e
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
french-stream.123megaproxy.com/app/apx14.js
200 OK 2.2 kB URL HTTP/1.1 french-stream.123megaproxy.com/app/apx14.js
IP
File type ASCII text, with very long lines (7663), with no line terminators
Hash 5fd0d992c153321728eef72725f9e2f1
11af100c190b0c91d3126ca0c792aa6cd3954897
f39352e9834fda1868dab410b72a2850f516686f140843e9f0eef835be503330
Analyzer Verdict Alert fortinet Phishing
GET /app/apx14.js HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:19 GMT
ETag: W/"5f61074b-1def"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=me0Mg2X0MymMyr%2BuLId85jEZteqM0evzbItbhXHjjp7BHz%2FKFyHi8Z79ZeSWCWMkrr89iGNrjT1Q9p1S%2FIq4RrdWrJpU%2ByvbxYU%2BubPEZSHhmfSmm9oFPmzc%2FUvu02MyUUnqUdrYfaGGveSggU1GUZo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2f4ad0b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/app/x12.js
200 OK 3.0 kB URL HTTP/1.1 french-stream.123megaproxy.com/app/x12.js
IP
File type ASCII text, with very long lines (11180), with no line terminators
Hash 7f0c811d15a31a93662cfa30df4ef5ea
3f5b8f499bc7f50d2315eadc7cf043d317b60b95
af3050874dc2886642989014b75a7b4734239520ee7d36ea06d4527e41d92beb
Analyzer Verdict Alert fortinet Phishing
GET /app/x12.js HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:18 GMT
ETag: W/"5f61074a-2bac"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZOcDCr3y61orYLgQkCktCdkLDZhAR53rnWp3GHKJ9676Ka0jaRAK0InRGArp%2BzMc6aTHqyfooq4ZYDQquF2v87A%2BoG6R4HWy8dFRgW8%2FCQ7KjDixCs6JxDScjJKMY9zdEXfstpBXFdMGvkazg5R%2BHA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2fb9ec1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/zpp/zpp4.js?q22q2q2
200 OK 14 kB URL HTTP/1.1 french-stream.123megaproxy.com/zpp/zpp4.js?q22q2q2
IP
File type ASCII text, with very long lines (38995), with no line terminators
Hash 3c741ddc90399bc2910b2cdc0a826716
163182c6b04f146fbf6de424ead05c91e59e3c51
e6753c7588e28e17f44aa00cbe8c314de3f2bbcb8e892a439eed11dd989b1d84
Analyzer Verdict Alert fortinet Phishing
GET /zpp/zpp4.js?q22q2q2 HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:54:51 GMT
ETag: W/"603dd32b-9853"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRTMQIqygPdDUd5srjlNGLgdCbW9B318sEQQSXOeAhNojHn2k5goj2Fbe8HDKl8rb6KJ5wBZa2oN9mqFTv17c0jOFiZks4f76PVtNZsG1WwZERs57OVzysof6PT%2FLJAiF2CI3W7Nd5%2Fd9YGX4RWWT8A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2f4d20b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
french-stream.123megaproxy.com/img/poster/escape-game.jpg
200 OK 7.1 kB URL HTTP/1.1 french-stream.123megaproxy.com/img/poster/escape-game.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 154x231, components 3\012- data
Hash 494f6c6084d5f4569785048c12a61ab0
b46a466c055a411b1e846866ab74cb988089ea0e
d3512f2370e6477d005598123e4d0ec6c971046936aad9a178e4b75121ae6eef
GET /img/poster/escape-game.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00VzEk3mbFgER9o4EzbTb%2B%2Fyz95K3wFZmxNajUesNah0Fd83fFi%2BtD8Qs4ug3Hm7tcSUoUNb3kfhuzyIuefhTf%2Fuh%2FD8JVKNBtPO%2FL3QVQnJb7PT666MWBGLhs1jIOuBP5l4SMARDdqYON%2FjYhhJ8qM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2feee5b529-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 20:29:41 GMT
Expires: Thu, 06 Oct 2022 20:54:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IFNxCQHeF_WBBRD8WhZnQsYUh1TbCHmFieyUi5HYiPfHAFTFhWsc0Q==
Age: 2975
french-stream.123megaproxy.com/poster/marcel-the-shell-with-shoes-on.jpg
200 OK 14 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/marcel-the-shell-with-shoes-on.jpg
IP
File type JPEG image data, baseline, precision 8, 279x402, components 3\012- data
Hash 9faa69f4de599c525e8d8e5bee6a39bb
49d1ab97d9dd611283485e50a20fa6bd2673e241
f021b547e2cd8f74e61ba61a955ca2aaf6078e0bda19f615f1e433793416d580
GET /poster/marcel-the-shell-with-shoes-on.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6aU7%2BOtdyPFjCZehAc5QaBUPxXKT%2BVU1OUSUV8ych1%2BB1QA%2B%2BClCpteM5DTnNS583IiH2dorpE9%2Fqflh8VtGypOtdJz%2BcU6TTig8E6hDvR3UimDuX2Xvrf8A2PRFErLeJ4n0OZ8oR3oxkU73RpHmSI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f2feedb0b51-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/fullmetal-alchemist-la-dernire-alchimie.jpg
200 OK 153 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/fullmetal-alchemist-la-dernire-alchimie.jpg
IP
File type PNG image data, 250 x 350, 8-bit/color RGB, non-interlaced\012- data
Size 153 kB (153277 bytes)
Hash e43651550e28a1bf25e6893c15046426
0a7529cdcc5cd5025725b4ba32418e7ba54dc027
8a06e96caf18793637b2af60c0594d3ef45306fcf1ee27507835729aff177c38
GET /poster/fullmetal-alchemist-la-dernire-alchimie.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMhc07HNL0KpVQ56pnpG%2FL3eKDsQ%2FWfb6v3%2FAZb0LRUi61gXogHYEi4r4kfHELzWEKKT%2Bxs7zcngg9PE1L80Y9OZfqF9B%2FldcTiJmp7QZPyIUL46v%2FKBuQEIoS4V2NFnM0CveTD%2B6a2qvMVsSXBm%2BWA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f305bfab524-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/margaux.jpg
200 OK 109 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/margaux.jpg
IP
File type JPEG image data, progressive, precision 8, 535x791, components 3\012- data
Size 109 kB (108619 bytes)
Hash 1c920082a083ffd24820acc23af8f59b
4aefac1ae104ea34380a2c4cf1273d32f77b5c0c
7772287934bd00a49ad396b8c77320a1184229e6da90ffc09ea2eeca6e5cdb5b
GET /poster/margaux.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MAlK5Kj02lHSjwcZ73z3q6t14MzYrs%2FPI7UsyW7TwpMmjFtps60cPSN4Uq55EFq%2FGF7gcYwEI9zzN1uIAU0pLM9WtKmWc5qc46%2BRu4C1aO2Fso%2FrrnsyRFQW5KEmd35nNp1RrY%2BeIfMsEwiwEYLT1k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f306e51b4f4-OSL
alt-svc: h2=":443"; ma=60
matomo.hellohi.me/matomo.js
301 Moved Permanently 169 B URL HTTP/1.1 matomo.hellohi.me/matomo.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f3099a531821c476589c3d2d00d53772
8e539d05a8355d6835a56f94b75f405c6e55f6f3
a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
GET /matomo.js HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.js
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 195
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jh5LKD%2FWqmO4Gc6fC72yz1p5nfdGnFoOtMOr%2BZ6peNOEYW8mozzgI4Lvs9XOr%2FBagspHbTjQ%2B%2BPx66v9WTeWHRWR7FwX9TiINehdq7XuedgcRIRMANRkHpPcUCtSZWFGB46JOA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f316b6b0b61-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/the-fury.jpg
200 OK 232 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/the-fury.jpg
IP
File type PNG image data, 330 x 480, 8-bit/color RGB, non-interlaced\012- data
Size 232 kB (232088 bytes)
Hash 843b6e1b146e73c78553600757ff372c
e0631574a979a4ca0d4f09392e2617a12da2d59e
9fa69ceb404ee45449982d0a3bb3bebab07e2713a8dc79b668b3b6a3d8f8542d
GET /poster/the-fury.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2l4FdOXPFM68PGNq6nqzLwcldDYcceImzRnEt5l6D6OMNlyGGq4lKG4HVRpSQ662baRW%2FL%2FA6EFrBCN4E7w6YFlIlRFvUMvQ3wvNQC6ct3l6R13q1KJDZPJg2qivtRZJ7MZPhx2AmkNsVfuvCygRA4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f306a8d1c06-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 92708
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
french-stream.123megaproxy.com/img/poster/happy-birthdead-2-you.jpg
200 OK 5.9 kB URL HTTP/1.1 french-stream.123megaproxy.com/img/poster/happy-birthdead-2-you.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 154x231, components 3\012- data
Hash ac9c50c245ff0fa5bb87398b24404953
3345f2377faad2d49ebde18d195568e658164e66
d43bdd909502aae879049c77eff8a65e88704cdd4be63d5db55fe5ead5d2ca67
GET /img/poster/happy-birthdead-2-you.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZCl%2BWzcZKwZzUNK1BcpWhZmYCazbybpNmTT%2FLvuj3kvsVXfvGbeC96ANtwmJjYpiBoEWbub775ccOy4VBLrnJq0CqtkoDmISdffen8woEBraG%2FrOwSOZ1EKKSe02OYXjcL7rloNXHjYXf50QkcYDVY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f317f4cb4f4-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/static/templates/ZStream/fonts/fontawesome-webfont.woff2?v=4.5.0
200 OK 67 kB URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Analyzer Verdict Alert fortinet Phishing
GET /static/templates/ZStream/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/static/templates/ZStream/style/engine.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3sbDr%2Bx2ZvQRPjQXEmcFz3xfzXNlmhxO09iyATcOx8T2c9mb386SldFbWg9Fhz5d03VScJr1spBh5%2BWl11XK0AZw3Y%2BscExBiKUS1IsLZjTWBzhvu0tj%2Fbay4z0c6CtQaxXOK6Mcxc%2BPSyUe%2B9l72g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f30dfd80b51-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
french-stream.123megaproxy.com/img/poster/sang-froid.jpg
200 OK 9.3 kB URL HTTP/1.1 french-stream.123megaproxy.com/img/poster/sang-froid.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 154x231, components 3\012- data
Hash 92b96f046dac182578dfe8c17f91505f
72de4276d462e7870d177791f0214e871d59926c
fbbde442108dfa8a5e22e5dcabdc043dc6660c072bbd050819e474b8f35dcf9b
GET /img/poster/sang-froid.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FizP2tkUcvviEJMoy8nhDD4hdD0U%2B3kO%2FETpJewY43NEhFM3DQS1MfQzfR5cEDufvI4tpTzuAQ1Ox7ElxUM47rSL1%2BgCh%2F8Ey4%2FsZqTwQKtDAjCnvBQw2qR6iETnej6T8D5ECFKnitLwAoRShZSmIQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f319bb91c06-OSL
alt-svc: h2=":443"; ma=60
benumelan.com/42/38?z=3372123
200 OK 0 B URL HTTP/2 benumelan.com/42/38?z=3372123
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /42/38?z=3372123 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: scm=1; OAID=33a568ccbe1c4b2e846dfc5122b49daf; oaidts=1665091156
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f66983932e37de97754dec8cac252938
access-control-expose-headers: X-Sc
set-cookie: OAID=33a568ccbe1c4b2e846dfc5122b49daf; expires=Fri, 06 Oct 2023 21:19:16 GMT; secure; SameSite=None
oaidts=1665091156; expires=Fri, 06 Oct 2023 21:19:16 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
french-stream.123megaproxy.com/static/templates/ZStream/fonts/LeagueGothicRegular.woff
200 OK 30 kB URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/fonts/LeagueGothicRegular.woff
IP
File type Web Open Font Format, TrueType, length 29856, version 1.0\012- data
Hash 5e7fcfe04de0fd9ac9a2d8ac4fa9dc0f
4a484305d7c70be550bd370dfcf696783343f8a5
96ac9072d217c5546604ecd9f18f7dd6c8abacbe89e7131f487469121957ed08
Analyzer Verdict Alert fortinet Phishing
GET /static/templates/ZStream/fonts/LeagueGothicRegular.woff HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/static/templates/ZStream/style/styles.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZwtXkry54gXD1zMUUsODXBa9OwUqA%2FI4lNvMt0BGiS%2BagPWbNAzAD5SGo2m2WibWoVWVlJdMEG8kGKSUFWK3pDxcCjEULvM4mhHU1AY71rh99OOY0KFwGQ02SapjZ%2FyC3gw%2B09PbXa8C7gWHSY3BVg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f314d14b524-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6565
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:19:16 GMT
Last-Modified: Thu, 06 Oct 2022 19:29:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
french-stream.123megaproxy.com/img/poster/captain-marvel.jpg
200 OK 12 kB URL HTTP/1.1 french-stream.123megaproxy.com/img/poster/captain-marvel.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 154x228, components 3\012- data
Hash 4e5f9b6c9123a56ee5c373d8adc5b5a9
d721c45187a7e932a72aad599799873601b42508
0dbe6c67f0ce6fcd04558419c8f3a951e0065e47e38109659453d1175141650d
GET /img/poster/captain-marvel.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vn9CBT4e7E7wqJ236Iz2Cv1R04g9THvZsd0jbe9WUhetouYnkweuB0ty6QOu6utzAp4FukTDH4oI2Gc2Sd5djjVGZcBXI%2BriEXhCNg76gFAoOPeHA2d6X9g30jjQOR2oZB41ra7aX1REBtrC%2F20HWk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f3218f40b51-OSL
alt-svc: h2=":443"; ma=60
borrowdefeat.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
200 OK 13 kB URL HTTP/1.1 borrowdefeat.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37155), with no line terminators
Hash b9002a5de9bb9dd9c552cd0ee2255c49
186d7c9ab8317f5c021c0cf936d5bbe7e7b566b1
3a15b79c2927b46f5e120db75c54173e4da1b42ec60a25a85d44cf80160f6743
Analyzer Verdict Alert quad9 Sinkholed
GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1
Host: borrowdefeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c0e4155f94c2ed7d8d2e6cae3780acc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
french-stream.123megaproxy.com/img/poster/shazam.jpg
200 OK 11 kB URL HTTP/1.1 french-stream.123megaproxy.com/img/poster/shazam.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 154x231, components 3\012- data
Hash a44e53224af3b167050ab064e348f72f
83837932afd21b47c4b538e3df54c651b6c8f8b6
c24987805f05172edf27e5c92da5334f00dfb1268226f71c16f9abb8c5ddcafe
GET /img/poster/shazam.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2VMOcHOQZwvWK%2FU7lyLdzFUZrG9rO5ezmYRWYqXWB5P57ZWrwNPNLQVv2yUATmxojg9bo2uIW1eep9oRYuuJJP86EuGHKswDTz0sLESMy9okeFrTeA4c9VSYt9FLWxtovBTMySkwCgHXD7myD5Y0IA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f322c201c06-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/pokmon-les-chroniques-darceus.jpg
200 OK 36 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/pokmon-les-chroniques-darceus.jpg
IP
File type JPEG image data, baseline, precision 8, 320x480, components 3\012- data
Hash 3889a2c2565daa6d179474f68b58be6f
ce65598b830940cfdf01b76fb2b7470e8e2a5942
99c80c5988fd81f78f986bdfc029dac413229bd167e4910b2df2db171c4848e0
GET /poster/pokmon-les-chroniques-darceus.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMFjINpMj7kcd5Edo9aAlyPBhCSKyPLZ0EwzzuGImCErTq%2F7z5ACpXAeFoQelEyjCHVuZnWKjkRk%2BMdmnEANK9KmOCSwlIxqbPkaf7Y%2FKKyqLWgvOtEMozzfnr7GaO1Oh9fB73SzMC%2FVvqKIPHIgSWY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f322de5b524-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/img/poster/avengers-endgame.jpg
200 OK 14 kB URL HTTP/1.1 french-stream.123megaproxy.com/img/poster/avengers-endgame.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 154x231, components 3\012- data
Hash a13dba05851bc5030608dbe4da91ffb9
feb680cbdcaf5455caf242bdd57c86137745d154
2398ecda02df35c7843de9f698d6289330c4d6e9db3625aeacf23ad9f714349f
GET /img/poster/avengers-endgame.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZVgcdJFtcX5VJ6S5xERmDxhz7lj%2BjCcWyobMab947lYDhJu%2FFaQ53%2FaE3Gy1LHEQdjAdA%2BBLjkgo0S5crDykLyrlec398xsXOTY2rjC8MWaNjrYUhhbmydYnucFMJcKLbJVGOQ7M7yiJxZR3ak%2FSnI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f320fefb4f4-OSL
alt-svc: h2=":443"; ma=60
glimtors.net/ntfc.php?p=2651991
304 Not Modified 0 B URL HTTP/1.1 glimtors.net/ntfc.php?p=2651991
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ntfc.php?p=2651991 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
If-Modified-Since: Tue, 27 Sep 2022 13:19:37 GMT
If-None-Match: W/"6332f869-38a8"
HTTP/1.1 304 Not Modified
Server: nginx
Date: Thu, 06 Oct 2022 21:19:16 GMT
Last-Modified: Tue, 27 Sep 2022 13:19:37 GMT
Connection: keep-alive
ETag: "6332f869-38a8"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
french-stream.123megaproxy.com/poster/lou.jpg
200 OK 26 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/lou.jpg
IP
File type JPEG image data, baseline, precision 8, 320x480, components 3\012- data
Hash 04785eeab6c31267db428750fdbc4d99
cd3af0aa832bcded3b57ab1ab2ff4dd59aa1ef0c
684e5989bf1e8e25435b2d1f4beb39935206606f8a2fac96cbb1dfa8492b35ba
GET /poster/lou.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dq8ux8SaXo5r17pkHhde6ZNEqWBbVj6PMs6%2BU6MBvLOCJ0SvGUcQSifSRCI4Hapg3uCPFoiXb6%2Fze3YSjUgXVAOxUDqy6x6X00zAjf0e121Q1vxWe2Yfeojcf0WD7PVjF5F79rt%2FCmXdLiwqzjlPCos%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f3279360b51-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/helper-js/
200 OK 1.1 kB URL HTTP/1.1 french-stream.123megaproxy.com/helper-js/
IP
File type ASCII text, with very long lines (2612), with CRLF line terminators
Hash cf93f13c4f2bfa57c7bf6e29db3f5a0b
658305c6d1926e69a67ff7b0e30ce38c32b83b5a
68728f300804447b83934c858b9d82bca05bcefa0c7835d100b3eaf24ca71a3d
Analyzer Verdict Alert fortinet Phishing
GET /helper-js/ HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIu1W9J8YPPGvq%2BspDSKrD0dzHcTsyK1YDC3LyjIYwtfEPtsMn6v4wG9%2Fz8pXbkHw%2B6eVR8gUma2U47TMPPCa41o%2FVh2ichRrAyl%2BhJKAoH4kTB0WHO1dSzG6DJTyQ4Zxbj6HhtZHqvf3dgwruRb3Ik%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75616f32bc9e1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/la-machine-infernale.jpg
200 OK 422 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/la-machine-infernale.jpg
IP
File type JPEG image data, baseline, precision 8, 1000x1481, components 3\012- data
Size 422 kB (421929 bytes)
Hash b49ff96c239d3f8771fe59c6d0772695
57822fa2d226d52feae6e9ab9ba59edfad9852d4
7e8e93f6a938e099c493e3766da9d7c6145f31217b51ae35fbaaaaab6577d89d
GET /poster/la-machine-infernale.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCryIrihykElZPhc4VeRD3iF0v1Qetv7LuFYbh%2Bjoac4Hq%2B%2FD1SXMX3a9qEKLowC1WYFAtIHNM1oDqVnspjSXSzzZX2prVaIhVCgTGHz%2BQDEYUrUFgS0snrybs4T%2BQin0sg2Iik1CkNDC0daCxwbXlE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f307f7fb529-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/athena.jpg
200 OK 16 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/athena.jpg
IP
File type JPEG image data, baseline, precision 8, 332x480, components 3\012- data
Hash 61546726d3674fbd22487233461ac054
b9ecca8f1c14493d5cc4cd0056f3a5a4b82b13de
575faf4fc9df8c8ad63237b9aa0b9ed0b975a6df3395a22a13fa02ee82c23bec
GET /poster/athena.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7d7Xu9dR0BsQvvpHvqJnmCZ%2Fn4xfD3E4Szr8GEtYdLT8avCLqIqBvX2Yx6DZs202VVmTPv%2BiJ3WxOZP%2Bbx4UkY0w8tQ7dzD1NVNg2y0UI3oqLQMfN4as8Bzl0iEM%2FMEh0jeqNmAKk9nXodakUn1uUE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f32ce88b524-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/after-chapitre-4.jpg
200 OK 24 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/after-chapitre-4.jpg
IP
File type JPEG image data, baseline, precision 8, 320x480, components 3\012- data
Hash 0fbb498ddade25891c250507c731a36e
fc59c8d9874eaa1ddb9e2ae3643eb878bb17cbbd
fc1c6a02904f338051bead186799982fe518c7f51c1b64ab9ce5c56ee79febc3
GET /poster/after-chapitre-4.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyV1T07KK%2Bu1PVy2o3zoGAGhfUPzByiQXh6BfZyFBuKMOHqglTFachUdZxFu9zbetEB9AaX8LEUWIbwD2krsdi%2BWcbbragsyNeUhJQ1QDZ%2Bcg7JWaxHow73a8L5WDkb9mIMGXVh4zs9HAMIymyw5hV0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f3329b00b51-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/a-jazzmans-blues.jpg
200 OK 32 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/a-jazzmans-blues.jpg
IP
File type JPEG image data, baseline, precision 8, 324x480, components 3\012- data
Hash f85934bd5df7c2d59aa08ed47114c93c
c321953c6cd50b03dec2ea68d9631219e86a4d32
6575325546e343ab847ca68ff05375ea2a6b6eb92aac5d8da572b262225c5b49
GET /poster/a-jazzmans-blues.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMGEg79wfU%2FADNeBaN2vs3RW5tw1Nciqo7LRXp9O%2F48fx62NxVHO6MCd1gPT25i9%2BV6Zbm%2Fp%2Fv0fQ%2B8JDXPp4C0KLCJRXQabGJIq6gxBlLWwwasr8lOW8aEy2KjRNeZeWxvqxfY5ryGWbGDgwmORj5I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f32f8d9b4f4-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FzhGk7sGPCqFUOEH/tgLRw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UtMuYoYrRRE9oNEWc/x0PWm+o2Y=
french-stream.123megaproxy.com/poster/the-daughter-la-hija.jpg
200 OK 19 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/the-daughter-la-hija.jpg
IP
File type JPEG image data, baseline, precision 8, 336x480, components 3\012- data
Hash d1bd199f0c14fc4650c49deff06cb888
0714f1647727bc54a36fa4b3a60d90b6e9e8cb09
7bab8705a8c2001b02e9b7813edcd17d6edd64caa1d6f452b0e5ca984093fd9c
GET /poster/the-daughter-la-hija.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qhf624xMbjJKGwD6JZGRJ3SY30%2FmHkrExkSCC4S9QD35y19DitlXv6FGm5xd6JUGz6ilfOWp85vqekCCFhI3rpoug1xZ2rrWPI9n42vKJqvpmWGkejq4QifGXWhsRgqMVXCx4MU7YQ6X%2FGIokNL4k0I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f33baf8b529-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/meet-cute.jpg
200 OK 35 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/meet-cute.jpg
IP
File type JPEG image data, baseline, precision 8, 324x480, components 3\012- data
Hash 1d8268b3c811308488c9d47307aba5dd
455920053b844be0f2f974696f3465012205780a
410df73f85fe4d91dd14273693cf0e4c2e36955836dd81b55ab208a096b70e0e
GET /poster/meet-cute.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLZwPsillchAZfVWRMsd3aRXtQiAPd0kgc84rRyx6IV89urh0bUyT75XidQjJxEKX0hTQB5Jk4CfRHxXFHPd0o3PSyv%2FGDRMAC2Vvx%2FU3ofSC5KTcUsr792euG8AD3Tr1fD9LSk%2BlB7desXO0mlN1KI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f33bf71b524-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/hors-du-monde.jpg
200 OK 181 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/hors-du-monde.jpg
IP
File type JPEG image data, baseline, precision 8, 1000x1334, components 3\012- data
Size 181 kB (181116 bytes)
Hash 6f5126b6e4ab785793a1753fa196a746
3c8a25a854f70af0d9c29a4f3c724d410fcd26bd
2e9e0a3f72cde52f457c54a4246d59327d1ab67a0f4bd6df632219d77d84acf6
GET /poster/hors-du-monde.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzT7ZSwgtB7fEgOcXnC3rtplVY%2FDscAedwq95KE%2BHPKnbpW4yY%2F3YTZslMlgLk4XxcqbSLDpsvhzieuOXpyPWWBlycW%2Bm2WOMAG30X8LJP241eLg%2BtusTBN7MIY%2BwO%2Fe3f62Fp2qltfB1itaeqhviao%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f33ba1e0b51-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/lt-nuclaire.jpg
200 OK 34 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/lt-nuclaire.jpg
IP
File type JPEG image data, baseline, precision 8, 353x480, components 3\012- data
Hash 28660717eed931b5f430885065835944
5eb32748008e34d1caa75ffde85f7638ada13780
c14f0219406615e294e467c55f36f8d8ed93a53dec7675d0842e6ac0355726ad
GET /poster/lt-nuclaire.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHF96k5d1dZsXslL4PmBior9pGr6%2BzCO753srWGINEVDzgS3KiFFmbB3zllIo7v%2FEuGdCGiDIZ8wPQyflG7jjXcbyGQv1o4Cx1Y6VpWZAZZVkGAzemcfHsysxfWSoN%2FDlk6sAzneWUth7WA28b7HamM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f33e9d7b4f4-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/jujutsu-kaisen-0.jpg
200 OK 39 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/jujutsu-kaisen-0.jpg
IP
File type JPEG image data, baseline, precision 8, 324x480, components 3\012- data
Hash 37a66613093958ca2fd230deb88a6594
618b7d7051771681daeba577941e75e243534600
1a09460565b8a641e31e4a56ae8d1161f59fde746a6917eb633d4aeb1f222c4e
GET /poster/jujutsu-kaisen-0.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AmTcoNEqqRwcT3GIVNOFUD31N%2BWQW4R%2FQHSC8F7esbWZfXHnmk%2Bk25%2BJ4W6RtbOOnYnizaX%2Besm4nZjytP%2FntejC6EdTISmSfmH8kgV0QR3IOa%2F9%2FIZa795iRaAY7V8x2N9PBiElttwfiff2xD8WrA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f344babb529-OSL
alt-svc: h2=":443"; ma=60
dozubatan.com/400/4495524
200 OK 31 kB URL HTTP/1.1 dozubatan.com/400/4495524
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2cf3e7a098dacd69eb1a7a8b8060203d
6fb9bb6c4faa2f8452486ece0fb4aedd41a8622c
5de4a98a4882fb66c83af4dac78373d6d90f8ceed7d20f37131d2eccd0b01eae
GET /400/4495524 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 6ec9f40b5564f7bc78c533c382c882a4
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=c3a29204a5d24ecf973d92f24e526286; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
french-stream.123megaproxy.com/poster/mortal-kombat-legends-snow-blind.jpg
200 OK 764 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/mortal-kombat-legends-snow-blind.jpg
IP
File type JPEG image data, progressive, precision 8, 947x1200, components 3\012- data
Size 764 kB (763856 bytes)
Hash 11eb71e46ba28dfc51752d7302862cce
ffd670a7f27368d18f264d96ce5bf7edcbb0ddf0
c8faab3c812e20bafe028d90722400b5aa36cebfad471fc06a93ae73db3b46b6
GET /poster/mortal-kombat-legends-snow-blind.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:16 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:16 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ax3DJXhmpxhQ%2FWRvC67s%2BPVXRbMePF4DShnQMvgPHc63jVhCooUSbvJidpvGObWfQ0IJaujZokt893%2BSjzQ4imMI0XIhk6u5oFSx0K23B270V1Br2WepJxY8sO47j1r8GLsd%2FoSfB7AIAxx7j2FZJc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f302a0bb512-OSL
alt-svc: h2=":443"; ma=60
benumelan.com/5/2632704
200 OK 23 kB IP
File type ASCII text, with very long lines (62347), with no line terminators
Hash 6479c47cce508314f43afff7f261e65e
a840fd4715e5f217fcea75bfc8671640d85543be
a57e29b77209bfa5441eb8b662193ae061d26d6ce94aec01f1a62005b0f928b1
Analyzer Verdict Alert quad9 Sinkholed
GET /5/2632704 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 916bfd4a3bea101b61e1fc4e7a51d1fc
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=02a75041a29f4dff92c6d0a4a7baa141; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/
oaidts=1665091157; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
french-stream.123megaproxy.com/poster/supercool.jpg
200 OK 35 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/supercool.jpg
IP
File type JPEG image data, baseline, precision 8, 310x420, components 3\012- data
Hash aa069305580ccff26d3a84f6000335ab
a305bb50f7b8267090731ae7d664c8b954e578c8
bf0605b00e76f9d460bd6188a9ab967275ce1d9dcfd6f247044d342253421ee3
GET /poster/supercool.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUOfFO01GBL3LOVRv4QSwA46DFpyxbbE4V%2BjF9CSQ5GCMOu6bAvGBJHGpGhnNgGPvEbEnxUig3dwoUmMgGnVoNBFQEBwGMvrgW38vpJG7YUQN9FA9%2Fe3vJW8tAff26H3XsW56qSgkDNwVXFHq%2FREtYc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f34cad9b4f4-OSL
alt-svc: h2=":443"; ma=60
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5690c00c386c753af6de22646db06434
aa5b0574bf8aa58bc5608d593e7dcba23100b454
741af8ab8cb30aac3a08fe0ae823577cb602c717416f9bcd52cef5b830b5fb0e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 18:25:20 GMT
Expires: Thu, 13 Oct 2022 18:25:19 GMT
Etag: "aa5b0574bf8aa58bc5608d593e7dcba23100b454"
Cache-Control: max-age=593761,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75616f352bd1fab4-OSL
french-stream.123megaproxy.com/poster/simon-coleman.jpg
200 OK 758 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/simon-coleman.jpg
IP
File type JPEG image data, progressive, precision 8, 1200x1600, components 3\012- data
Size 758 kB (758446 bytes)
Hash 9cbac00f0cdf7e55c76257d397a5c369
2f16c3235c8b6d5800406e0c6d719e92caa2b81f
56f543281e23cef071a4f23bc52f6be1994df062b2b1726ed9dcc428c41871be
GET /poster/simon-coleman.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnSlg3gnF46N4WDNT1rLQwvs%2BqreKeouxSkcFj7obvhW8G44%2FtEwaIX9TRPT6o9Spr3aN60BO0NKHyWHO2cANtBkop8J4i2lMi4DjLbcI3Q2SXMEeQOFEpcGEubt9pzMtbqOWpLwrYmBon%2FqbVuheAk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f333d831c06-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/freda.jpg
200 OK 17 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/freda.jpg
IP
File type JPEG image data, baseline, precision 8, 320x480, components 3\012- data
Hash 364850e09ab299d9eed132a553dfe354
d39eaec04a16dd13a88efdcf1b1989b87e98c684
1aeed41613abfd7a99f202825bc154e8c4bd17ad7524641dc5f60578b1930354
GET /poster/freda.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80KjJ9tDvirBbVHUyy3G84KRnOe0WJ80fYI6qPBCdSBtqJRg3912HOubqKKZOfWd%2FdKuWEO10rWGJkGXCVYV8EhF3WM1Ku0ioostfkq1kcmC7YWv3sa1yfxWFbacA1lvKWM4DRi81pWvPVJdiUCJwOc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f34dc41b529-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/coupez-.jpg
200 OK 46 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/coupez-.jpg
IP
File type JPEG image data, baseline, precision 8, 362x480, components 3\012- data
Hash 542f515ef58d66111ccfe44d12e0071a
5bfbd1f6c72a7ee06f80d6bbd6f24c09aa1f5ec9
990ac78a7a3c67710b8314aeaf69040dc5a4eb5a7f298140e84ddfb392e9b1ef
GET /poster/coupez-.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EyvYzhBHO4%2FnzTPieGoVsh6Abgxq1RqDZFsXU3rYWJy4JHm801FZvvdbfS43tGJbxDSRvgxyiH5l65Ov9O9kV64HDUJufSUms0zWhrKk8V2Jc8A%2FOFFvx2GXPOCJisx97I%2FtUS8m8lCDF0LwOwi9IY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f34884fb524-OSL
alt-svc: h2=":443"; ma=60
my.rtmark.net/gid.js?userId=7df1f66e0c674c7b84b25f6a1e970245
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=7df1f66e0c674c7b84b25f6a1e970245
IP
File type JSON data\012- , ASCII text
Hash 16c972d38ba0dae39570680210bbfce8
2ca612baebfb9dd61667acc5abf4282550e9a52f
93f4245345b9db176916ef030a7d820c3122d7910da4e17d136feccf98386b15
GET /gid.js?userId=7df1f66e0c674c7b84b25f6a1e970245 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:17 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7df1f66e0c674c7b84b25f6a1e970245; expires=Fri, 06 Oct 2023 21:19:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 30327e25d4669c7d9908598ed6f7fe96
0fd8845167020021955c8ece0c52512714101926
429651e5880ce93fd3237b01290eb8ad298322393dc7a6b2f9b2fefe8e10c8e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429651E5880CE93FD3237B01290EB8AD298322393DC7A6B2F9B2FEFE8E10C8E2"
Last-Modified: Tue, 04 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17155
Expires: Fri, 07 Oct 2022 02:05:12 GMT
Date: Thu, 06 Oct 2022 21:19:17 GMT
Connection: keep-alive
french-stream.123megaproxy.com/static/templates/ZStream/fonts/LeagueGothicRegular.ttf
200 OK 266 kB URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/fonts/LeagueGothicRegular.ttf
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60411), with CRLF, LF line terminators
Size 266 kB (265475 bytes)
Hash 2974ca4c2d859eb814b3dd08a7a3749d
6a64d2e870398c1d33e7f47da5d443ff85f9fecd
4d71dc065e858337a2ead7bc5b7c846b118bdc0d5e131df31b81d0ef707b4453
Analyzer Verdict Alert fortinet Phishing
GET /static/templates/ZStream/fonts/LeagueGothicRegular.ttf HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/static/templates/ZStream/style/styles.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7R5OjxQw6VODCqWlKU9Tx%2BEvNGsuvkgB5NvQxSMYWSR3MV1Y4S4ANXnYQdHORE2X7wQ%2BUIU%2B9Um3BJ2w3ofw%2B%2BAIy%2F2Ju2Bbw9z57Ak4GebZYFRPImULDulIP8oZdxb3Ty4F1pAGtIj7BbPrEfrkWnM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f355808b512-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/static/templates/ZStream/images/logo.png
200 OK 5.8 kB URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/images/logo.png
IP
File type PNG image data, 230 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a74eb040045390aa7921dc17067cc37
3683b05cbcf86e5ad1ad84895787f0004d8a789c
6d13b5e776c08353a0acc07dd2b8b162153c0243ece982d605f1453d62edf5c4
GET /static/templates/ZStream/images/logo.png HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/static/templates/ZStream/style/styles.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlZyOrXVtVkXLIXuJN%2FQCfGbAkdBnXI0tus40FQHqVJbX95rpzViewL9tKqM4GbxVpbt0tq%2B9d%2B%2F%2FWQfGA0TZwn6OQVanFvcNNXq4gBi1PgcqOAB2fVQKO%2F9Lh52FPuEeXcPs9xpEH6M1FgRWXN6quc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f35e9d6b524-OSL
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0487695e0218f07012260b1c4679cfb2
2ef42a2e4d45ec28d1811f8f435e8357054601c8
094e6e226db6fe1a0739438731be603ebeca76abe32254cc54b23bd2e7589efb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 21:19:17 GMT
Last-Modified: Thu, 06 Oct 2022 19:32:25 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: z2p8WR5TkUR3378Q9P5QIiCyDkYcHo77GEkBWue6lG1oPfYxi-ZGBw==
Age: 6412
creepingbrings.com/sfp.js
200 OK 28 kB URL HTTP/1.1 creepingbrings.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: c45b0e79c49650c9090ef2177b468d53
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfG1uoKAqFqJOhiQKd6auG%2FxfWonyKA8GpemQSyAINAOA73l7gql7TeA7RmEfFEAtbPMCeLfvp4QgpfnHS7U6VsIyqkmZ%2FkOELJHEGS2rOYaVcwLqTwAeiYKdPR2%2FLgkGGPxSX8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f35690d76bf-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/abandoned.jpg
200 OK 76 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/abandoned.jpg
IP
File type JPEG image data, baseline, precision 8, 269x370, components 3\012- data
Hash 954dfb4e176100a4610e574e06d40a2b
3096f3f90fdaab1262040a849323a17f2ed7453e
8c7a392914a7d04536ed46bf20afa4c554ded67bc549a9bef9a88edc784eff35
GET /poster/abandoned.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Bx7%2F5wdTxgWDqgqLV995LCRGIjJ1W2%2FzIsXUkF8N5LQ10fZ4R2DP2oFti4iMHtEpeMICZ%2BqAs6TLsYSYgL%2BHu0KJ5bt0RfWRO0X2Eh4EpzTv8pczUogTqnEIDSODwJzpfdk6DvQj7THKINWvMmLeVM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f35cfbc1c06-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/poster/restart-the-earth.jpg
200 OK 36 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/restart-the-earth.jpg
IP
File type JPEG image data, baseline, precision 8, 320x480, components 3\012- data
Hash 7ad638877cb9a74eaa116377570719ed
05cc8a9b6799710a9c2109e533d31d59a5bb865b
f4f6dfa4057b7f41eba29f4b011ddb4bce3724846c50133bb9d3cd6317137c47
GET /poster/restart-the-earth.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxnjma7gceBYIDXwvDAeDoOw7dw5KZ%2FVKTzXj25vzCFvLTAvjz4uuTiE0Issprcaic6XT43jxu6SZTptInYUJn2VHnRIUm9cJddWe%2FDJNmwrJ16MahZEU9Fmbd0FFeVzhHOTp55c3GSJiCM307guzcA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f357c10b4f4-OSL
alt-svc: h2=":443"; ma=60
french-stream.123megaproxy.com/static/templates/ZStream/images/google.png
302 Found 0 B URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/images/google.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/templates/ZStream/images/google.png HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 302 Found
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: /
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7SJsBO5i%2BJwIpkpO1dK3cn4Bc6H1xf1i7Oh5Irmd2r2bZUBB9MggWDwKwRmi9Bw7Kgxj3be6IpH2DyaDx6CzIbypN89CN3zK28eqnnqNROr5jpFjr3hIEguUIr6LFQd6BzgRM3Rh6P8IBKQubgz31c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f366966b512-OSL
alt-svc: h2=":443"; ma=60
rndskittytor.com/400/4837723
200 OK 31 kB URL HTTP/1.1 rndskittytor.com/400/4837723
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 381ef3e51966f453026001e0fd29eff7
174dea2561d119692469bb6cc5fcdbce28af211c
85381379956b26e118c22443ac7405535c462f42fcc23c141e2896ea03be6682
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4837723 HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 1b15761f22e9d78fa6b717fb04d00ec5
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=8b8f16e7c8d44e43b748ce2f430f3720; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 94acc1cce2e60565a671ef804ae54b10
9bcaa1cdb9bcd80fb457c156f9d51b68407e059b
f2d12dc6c0d5bba376b91b6253e06a710962796ced9216bab11df8fb7096aafd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
set-cookie: uid_id2=af94cf6d-5f52-4352-a0ce-bf3720e96f44:3:1; expires=Sun, 03 Oct 2032 21:19:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
french-stream.123megaproxy.com/poster/l-o-chantent-les-crevisses.jpg
200 OK 82 kB URL HTTP/1.1 french-stream.123megaproxy.com/poster/l-o-chantent-les-crevisses.jpg
IP
File type JPEG image data, progressive, precision 8, 600x900, components 3\012- data
Hash a0f045dac8c2354480ef5a9848dec74c
523af8c3e727173ca8cb7c3e015be746db9414af
b6054a7435292b58218db47e0890fc9598904b8d4c95ba0c93f84cda0e8f94fe
GET /poster/l-o-chantent-les-crevisses.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5FY9wKoIlPmkZ9x1XHuKVL3KneDh7TpPhjfqzPTK7UYpotr7mwl5uC%2BP0CjjvlvhznCybYUxheiYX2uKEKRwf3N%2ByCQ3cxTS3sj7m%2BQAKE%2FKUFDhUJQBfb0dv01Pyl3rAtUlDqVNgivGrPDGXzRIoM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f35ed78b529-OSL
alt-svc: h2=":443"; ma=60
glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=french-stream.123megaproxy.com&var=&ymid=&var_3=
200 OK 705 B URL HTTP/2 glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=french-stream.123megaproxy.com&var=&ymid=&var_3=
IP
File type JSON data\012- , ASCII text, with very long lines (704)
Hash 51f7ff6b6661d6d302f90cc270d850de
018bb61c1d2b9897add8599742037a69f7816f78
39bfd2f670200f31a92aa0445a09408522a7be8b371c61fd234140533e194eca
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=2651991&is_mobile=false&domain=french-stream.123megaproxy.com&var=&ymid=&var_3= HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:17 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: 2a8585e030391677ef427bb5b08275be
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
glimtors.net/pfe/current/universal.min.js?v=3.1.396
304 Not Modified 0 B URL HTTP/2 glimtors.net/pfe/current/universal.min.js?v=3.1.396
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 13:19:37 GMT
If-None-Match: W/"6332f869-1fafa"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 06 Oct 2022 21:19:17 GMT
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: "6332f869-1fafa"
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
overzubatan.com/5/2632704
200 OK 23 kB URL HTTP/1.1 overzubatan.com/5/2632704
IP
File type ASCII text, with very long lines (62331), with no line terminators
Hash 1f9640e380435e618bba7c505d53643d
8b4e8db62cd642b9d0d09c68e692f4caf1728f3a
dd345797446c796ad09d35099bb6e0d1a2a219d72890f2410ca266f491ee90bc
Analyzer Verdict Alert quad9 Sinkholed
GET /5/2632704 HTTP/1.1
Host: overzubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: e591b5550690ae2a36de7b57436162d8
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=258dc94b30744da8aa9619baaddb227f; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/
oaidts=1665091157; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
french-stream.123megaproxy.com/poster/le-parfumeur.jpg
200 OK 1.3 MB URL HTTP/1.1 french-stream.123megaproxy.com/poster/le-parfumeur.jpg
IP
File type JPEG image data, progressive, precision 8, 1000x1500, components 3\012- data
Size 1.3 MB (1302850 bytes)
Hash 95eb940a42d72868d31b799e63d8a08e
2495230422bb0fc3f7a042f9b8d6ab48dea9aaf5
68d0e5f7b1af45902207eb8120378a5f877dbb54570d98640db38a87fef3bbd0
GET /poster/le-parfumeur.jpg HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:17 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipKxqs7Qx9nWJlYWxwRRfUgvYMLWnpBY5xkN%2FzFrclV55bWtUrfO2o5UlSS%2BIX3S5UPNBALHXhNAR%2FyYDOw3XQiwXCCdJTNeCfMkMwwGkdchx1WFyDda57r%2F3ZN1YkHITBw1gY9obZwxgVjfzD956qk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f34cb290b51-OSL
alt-svc: h2=":443"; ma=60
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 06 Oct 2022 21:19:17 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
dozubatan.com/400/4495524
200 OK 31 kB URL HTTP/1.1 dozubatan.com/400/4495524
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash a0eba96ab29fdff027ad961c77ebd00a
831dcf1f31ea110477babcd86190415a022deb16
cde498347a7eceba0728d79fbe1ef55464b4b5d01215cbda7b277ea40d0753e2
GET /400/4495524 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 2c3ae126a4a11b7ae2c47d59e23c730b
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=27b1e9fc0f7d4365a88ecbdec79baded; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
dozubatan.com/400/4495524
200 OK 31 kB URL HTTP/1.1 dozubatan.com/400/4495524
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7411cf3eb1bb4b52079b08ddddba0cf6
92b471fd346ed7238fa93ffb20d15bc5d59da49e
934bb94534744ba8fa577b3cc3fdb6dc18d604b098d998c4691f2b6c789ab32b
GET /400/4495524 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 0da19bda43115c202eaf84b4e635c3ff
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=175c4a9267a2498aa67f5ff080cb1a24; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
matomo.hellohi.me/matomo.php?action_name=French%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&idsite=1&rec=1&r=748171&h=21&m=19&s=17&url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&_id=78d0adef5fb1b058&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=NPmwkD&pf_net=0&pf_srv=71&pf_tfr=105&pf_dm1=1470
301 Moved Permanently 169 B URL HTTP/1.1 matomo.hellohi.me/matomo.php?action_name=French%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&idsite=1&rec=1&r=748171&h=21&m=19&s=17&url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&_id=78d0adef5fb1b058&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=NPmwkD&pf_net=0&pf_srv=71&pf_tfr=105&pf_dm1=1470
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f3099a531821c476589c3d2d00d53772
8e539d05a8355d6835a56f94b75f405c6e55f6f3
a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
POST /matomo.php?action_name=French%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&idsite=1&rec=1&r=748171&h=21&m=19&s=17&url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&_id=78d0adef5fb1b058&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=NPmwkD&pf_net=0&pf_srv=71&pf_tfr=105&pf_dm1=1470 HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 21:19:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.php?action_name=French%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&idsite=1&rec=1&r=748171&h=21&m=19&s=17&url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&_id=78d0adef5fb1b058&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=NPmwkD&pf_net=0&pf_srv=71&pf_tfr=105&pf_dm1=1470
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F460pp7V2fcO2bGJXhqecoh1cROB5oIKnoibVPcc6mfQvJ8BWxTXbnAH0LfeDL7e6LIPHn84wPBZghk2hvxBGFiIlwCWq5UVgidfk2Rb8RunHFnPUaKYPAPR%2FTAzannvV0PX8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75616f396b670b61-OSL
alt-svc: h2=":443"; ma=60
z.moatads.com/addthismoatframe568911941483/moatframe.js
200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=25059
date: Thu, 06 Oct 2022 21:19:18 GMT
X-Firefox-Spdy: h2
s7.addthis.com/l10n/client.fr.min.json
200 OK 1.9 kB URL HTTP/2 s7.addthis.com/l10n/client.fr.min.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3945), with no line terminators
Hash 3fc80c8f9f9e4c30b96b50482ee20e38
4f2ff610a55517e3a4a89ca1e841021b38dbccb3
b50d348d22b317777da9e2e9071b395095791c39737fec686d253f0d29c51bd2
GET /l10n/client.fr.min.json HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-fb9"
cache-control: public, s-maxage=604800
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 1924
date: Thu, 06 Oct 2022 21:19:18 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
200 OK 4.5 kB URL HTTP/1.1 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash 2b153cb2287eac49566b32fce9c385f8
206074b038daff8bc66d86bca0c5ff35f9f72655
7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
date: Thu, 06 Oct 2022 21:13:23 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 513640273
etag: W/"-375139978"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:6158_2E69C9F0:0050_633F4656_F4AE0:19195
x-iplb-instance: 42475
v1.addthisedge.com/live/boost/ra-5c9dd60f1ea0ae6d/_ate.track.config_resp
200 OK 542 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-5c9dd60f1ea0ae6d/_ate.track.config_resp
IP
File type ASCII text, with very long lines (1519), with no line terminators
Hash 3b5e29ddf45390ba380342e03a84e11a
2fcb72e761e166a5127b91d21255729a330790d4
e1a64b46a56c0b62f6e21de16132a922b8f902832bc8a7abb3de30a3c6549a10
GET /live/boost/ra-5c9dd60f1ea0ae6d/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 542
etag: -1956145957--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=13, s-maxage=86400
date: Thu, 06 Oct 2022 21:19:18 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
french-stream.123megaproxy.com/static/templates/ZStream/images/favicon.png
200 OK 1.6 kB URL HTTP/1.1 french-stream.123megaproxy.com/static/templates/ZStream/images/favicon.png
IP
File type PNG image data, 34 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fe31cbb3dccb5b31ba42fd35650b474
b9474c878422bcd011fa01f548fbd1d4957715d1
79f4242f000dc8e3b9fc19b8c93d0f7175bf668bb496d6622fa3b2072620e6b3
GET /static/templates/ZStream/images/favicon.png HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: __atuvc=1%7C40; __atuvs=633f46545f4ed122000; _pk_id.1.f560=78d0adef5fb1b058.1665091158.; _pk_ses.1.f560=1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:18 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Thu, 06 Oct 2022 21:19:18 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1JF48pYx2U267GLKwaLl5ZvZQWEPHjPl%2FhF4laiBYYjbcTLqTOjvehKlVBT5tHz9yJ%2Bucrw5CAX%2BBU4iK%2BsMFtV3VTxhAXxEzsO8KzNdgVV1pb8aob6M4yHilBaQvrG2Vyr1vv63sCFBCzG1yrh7fo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f3a4c691c06-OSL
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/gseccovsslca2018
200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 66396a30442089e51398f949b3e7963b
cf9a68c0dc14f5c4de4e618a33a197cc02460517
8c170ca36c62de8d31d7873cdec02782af6cb2e98dc783c74178b178a4c4f2f5
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:18 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 10 Oct 2022 19:31:35 GMT
ETag: "cf9a68c0dc14f5c4de4e618a33a197cc02460517"
Last-Modified: Thu, 06 Oct 2022 19:31:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1223
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75616f3ace78b512-OSL
benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=s7td453291ls622626062g3q4rqqj338
204 No Content 0 B URL HTTP/2 benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=s7td453291ls622626062g3q4rqqj338
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=s7td453291ls622626062g3q4rqqj338 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 21:19:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=s7td453291ls622626062g3q4rqqj338
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=s7td453291ls622626062g3q4rqqj338
IP
File type JSON data\012- , ASCII text
Hash 16c972d38ba0dae39570680210bbfce8
2ca612baebfb9dd61667acc5abf4282550e9a52f
93f4245345b9db176916ef030a7d820c3122d7910da4e17d136feccf98386b15
GET /gid.js?userId=s7td453291ls622626062g3q4rqqj338 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: ID=7df1f66e0c674c7b84b25f6a1e970245
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:18 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7df1f66e0c674c7b84b25f6a1e970245; expires=Fri, 06 Oct 2023 21:19:18 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aa57afff10f5f2fae269852c025c82cf
5b4bebae8a171ff3b37d319ee94eaf6e6245efea
f0566da870e39ec64855d7c72c3e12810c46263e1c48c0bb393930c77dbbcc90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F0566DA870E39EC64855D7C72C3E12810C46263E1C48C0BB393930C77DBBCC90"
Last-Modified: Wed, 05 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2354
Expires: Thu, 06 Oct 2022 21:58:32 GMT
Date: Thu, 06 Oct 2022 21:19:18 GMT
Connection: keep-alive
m.addthis.com/live/red_lojson/300lo.json?si=633f465409deebde&bkl=0&bl=1&pdt=187&sid=633f465409deebde&pub=ra-5c9dd60f1ea0ae6d&rev=v8.28.8-wp&ln=fr&pc=men&cb=0&ab=-&dp=french-stream.123megaproxy.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=french%20stream%2Cfrench%20streaming%2Cstreaming%2Cstream%20complet%2Cfilm%20streaming%2Cvoir%20film%2Cfilm%20gratuit%2Cfilm%20complet%2Cstreaming%20vf%2Cstreamcomplet&colc=1665091157758&jsl=0&uvs=633f46545f4ed122000&skipb=1&callback=addthis.cbs.jsonp__15993763813921180
200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=633f465409deebde&bkl=0&bl=1&pdt=187&sid=633f465409deebde&pub=ra-5c9dd60f1ea0ae6d&rev=v8.28.8-wp&ln=fr&pc=men&cb=0&ab=-&dp=french-stream.123megaproxy.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=french%20stream%2Cfrench%20streaming%2Cstreaming%2Cstream%20complet%2Cfilm%20streaming%2Cvoir%20film%2Cfilm%20gratuit%2Cfilm%20complet%2Cstreaming%20vf%2Cstreamcomplet&colc=1665091157758&jsl=0&uvs=633f46545f4ed122000&skipb=1&callback=addthis.cbs.jsonp__15993763813921180
IP
File type ASCII text, with no line terminators
Hash 2a836d2a2c17f46164bf0d52116d26a0
c87fa5422876dce6ae8cf887dbc19375e94480a0
86b464fd22df39881c707b0e831bc9265acdb5dd9c33bff46dc5072cea096c02
GET /live/red_lojson/300lo.json?si=633f465409deebde&bkl=0&bl=1&pdt=187&sid=633f465409deebde&pub=ra-5c9dd60f1ea0ae6d&rev=v8.28.8-wp&ln=fr&pc=men&cb=0&ab=-&dp=french-stream.123megaproxy.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=french%20stream%2Cfrench%20streaming%2Cstreaming%2Cstream%20complet%2Cfilm%20streaming%2Cvoir%20film%2Cfilm%20gratuit%2Cfilm%20complet%2Cstreaming%20vf%2Cstreamcomplet&colc=1665091157758&jsl=0&uvs=633f46545f4ed122000&skipb=1&callback=addthis.cbs.jsonp__15993763813921180 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Thu, 06 Oct 2022 21:19:18 GMT
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Thu, 06 Oct 2022 21:19:18 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s10.histats.com/counters/cc_511.js
200 OK 6.0 kB URL HTTP/2 s10.histats.com/counters/cc_511.js
IP
File type HTML document, ASCII text, with very long lines (14926), with no line terminators
Hash e0963faf9f8d4dd4683c649033bfe3e6
8b8365dac8c2d50836e19456f025370ee782598f
80ac8877a54d16e397e9518ce7221d0abad87a39ffd0221a99227540eeb8b2a8
GET /counters/cc_511.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:15:15 GMT
etag: "1364484781"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 833946413
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5984
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
200 OK 65 B URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
Hash 16c972d38ba0dae39570680210bbfce8
2ca612baebfb9dd61667acc5abf4282550e9a52f
93f4245345b9db176916ef030a7d820c3122d7910da4e17d136feccf98386b15
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Thu, 06 Oct 2022 21:19:18 GMT
access-control-allow-origin: *
etag: "633be002-11a95"
expires: Thu, 06 Oct 2022 22:19:18 GMT
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7976
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:19:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7976
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:19:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7976
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:19:18 GMT
Connection: keep-alive
benumelan.com/27/8895279539f8e7258627d3f113c8e00a
200 OK 134 kB URL HTTP/2 benumelan.com/27/8895279539f8e7258627d3f113c8e00a
IP
Size 134 kB (133975 bytes)
Hash f670ae4d5a93970e0224e4d75acd8df9
287fb185e107983f862180c4e39f0a02885be9ec
b27903eb25ed6fc62d351593bcc20c1521b338d24638a2e778d314d4b0b55300
Analyzer Verdict Alert quad9 Sinkholed
GET /27/8895279539f8e7258627d3f113c8e00a HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: scm=1; OAID=33a568ccbe1c4b2e846dfc5122b49daf; oaidts=1665091156
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:16 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 06 Oct 2022 06:46:02 GMT
expires: Thu, 05 Nov 2082 06:46:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:27:43 GMT
age: 60695
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 85357
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 9b3b52d6-08b4-4893-962b-3dfe67e2f11d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjTijF0vIAMFq3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dffa9-0a128734418b6c4d6375e2ac;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:05:29 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iRuujAZLL_0mf5_-FhMXpuWwHy-jidhBkFuBIZLo0tLlJArZgFEcbA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 16:10:55 GMT
age: 18503
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: 13fcd792-1fcc-44b5-aa9e-d2773a60fe77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHrbIAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5b5f5d781b9d651b68c04f2e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wfnbRpTKni8hbAmJXO9vdisV6ZPoRP-eBb3wP4RzPS7MlXvp7282dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 85357
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 84158
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://french-stream.123megaproxy.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://french-stream.123megaproxy.com
Content-Length: 2699
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 06 Oct 2022 21:19:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://french-stream.123megaproxy.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=s7td453291ls622626062g3q4rqqj338
200 OK 2.7 kB URL HTTP/2 benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=s7td453291ls622626062g3q4rqqj338
IP
Hash dced9b2d1559d208d9c49854e381e716
542b09324e0ebde7db68e4211980fe426e61285d
cdfbfdc11d568d1829e6246844f517d0c53911d9398f50fa7910ed6561f53642
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=s7td453291ls622626062g3q4rqqj338 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 409
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: scm=1; OAID=33a568ccbe1c4b2e846dfc5122b49daf; oaidts=1665091156
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:18 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2de2efe93367739d8ebf846eb5d79d81
access-control-expose-headers: X-Sc
set-cookie: OAID=s7td453291ls622626062g3q4rqqj338; expires=Fri, 06 Oct 2023 21:19:18 GMT; secure; SameSite=None
oaidts=1665091156; expires=Fri, 06 Oct 2023 21:19:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 94acc1cce2e60565a671ef804ae54b10
9bcaa1cdb9bcd80fb457c156f9d51b68407e059b
f2d12dc6c0d5bba376b91b6253e06a710962796ced9216bab11df8fb7096aafd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: uid_id2=af94cf6d-5f52-4352-a0ce-bf3720e96f44:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:18 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=s7td453291ls622626062g3q4rqqj338
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=s7td453291ls622626062g3q4rqqj338
IP
File type JSON data\012- , ASCII text
Hash 16c972d38ba0dae39570680210bbfce8
2ca612baebfb9dd61667acc5abf4282550e9a52f
93f4245345b9db176916ef030a7d820c3122d7910da4e17d136feccf98386b15
GET /gid.js?userId=s7td453291ls622626062g3q4rqqj338 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: ID=7df1f66e0c674c7b84b25f6a1e970245
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:18 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7df1f66e0c674c7b84b25f6a1e970245; expires=Fri, 06 Oct 2023 21:19:18 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
benumelan.com/11?rnd=1404601413&z=3372123&b=14566424&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw==&ruid=ceb40a44-2cbb-4b9d-9820-70aaf44b2da4&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=544
200 OK 0 B URL HTTP/2 benumelan.com/11?rnd=1404601413&z=3372123&b=14566424&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw==&ruid=ceb40a44-2cbb-4b9d-9820-70aaf44b2da4&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=544
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=1404601413&z=3372123&b=14566424&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw==&ruid=ceb40a44-2cbb-4b9d-9820-70aaf44b2da4&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=544 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: scm=1; OAID=s7td453291ls622626062g3q4rqqj338; oaidts=1665091156
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:18 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 549ca699c360fe91880a68ba9a13d473
access-control-expose-headers: X-Sc
set-cookie: OAID=s7td453291ls622626062g3q4rqqj338; expires=Fri, 06 Oct 2023 21:19:18 GMT; secure; SameSite=None
oaidts=1665091156; expires=Fri, 06 Oct 2023 21:19:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
inpagepush.com/500/3064505?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/1.1 inpagepush.com/500/3064505?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/3064505?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:18 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, OPTIONS
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://french-stream.123megaproxy.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
dozubatan.com/500/4495524?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/1.1 dozubatan.com/500/4495524?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4495524?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:18 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, OPTIONS
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://french-stream.123megaproxy.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
inpagepush.com/500/3064505?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 1.1 kB URL HTTP/1.1 inpagepush.com/500/3064505?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1304), with no line terminators
Hash 4ba84729f57a8ac94202b3857eb94a02
fcd51dc6aa187e2796c7fd15688aaca855413549
c7079dd436bf965eaf50a2e6fdf320c6a680fff9961c8498d1165e58e366a972
GET /500/3064505?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 25644043bbc58901c2fdb177a7a732a1
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Vary: Origin
Access-Control-Allow-Origin: http://french-stream.123megaproxy.com
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=s7td453291ls622626062g3q4rqqj338; expires=Fri, 06 Oct 2023 21:19:18 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
dozubatan.com/500/4495524?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 1.1 kB URL HTTP/1.1 dozubatan.com/500/4495524?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1302), with no line terminators
Hash aea04b653c6330d0506a1d7865e3e743
6377e2c10fe18688b1de512d67d5b2826974d778
49d08eebdaa86306301f04fb916fdc642765b101f8b5241ecd4d8107a1dbbddc
GET /500/4495524?excludes=&oaid=s7td453291ls622626062g3q4rqqj338&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: f875d38eb9ea3cb51a07cb5081e483d5
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: http://french-stream.123megaproxy.com
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=s7td453291ls622626062g3q4rqqj338; expires=Fri, 06 Oct 2023 21:19:18 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
offerimage.com/www/images/96d73cf80f752e9319997c6e575c3b82.jpeg
200 OK 11 kB URL HTTP/2 offerimage.com/www/images/96d73cf80f752e9319997c6e575c3b82.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 96d73cf80f752e9319997c6e575c3b82
3dcf9d3b3e94698a842b1a98de17a02a8c3b4457
44dc0e0d92f12e669842f12722ca1a1848fb4be50deabd86c7d9deb64946db86
GET /www/images/96d73cf80f752e9319997c6e575c3b82.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:18 GMT
content-type: image/jpeg
content-length: 11449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "627e5574-2cb9"
expires: Fri, 07 Oct 2022 04:56:42 GMT
last-modified: Fri, 13 May 2022 12:56:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 58956
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f3f8cb998f1-ARN
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ed00c15fb5776a25bcd17fb9e34bc34c
367bbede0390b84504fc91f79dbd36f3c190ac4b
7e327d731dcfa45d68e2596df1c43429be237fd4ec13ce9d3633e3704333eff4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E327D731DCFA45D68E2596DF1C43429BE237FD4EC13CE9D3633E3704333EFF4"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15575
Expires: Fri, 07 Oct 2022 01:38:54 GMT
Date: Thu, 06 Oct 2022 21:19:19 GMT
Connection: keep-alive
matomo.hellohi.me/matomo.php?action_name=French%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&idsite=1&rec=1&r=542282&h=21&m=19&s=17&url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&_id=78d0adef5fb1b058&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=yNJYof&pf_net=0&pf_srv=71&pf_tfr=105&pf_dm1=1470
301 Moved Permanently 169 B URL HTTP/1.1 matomo.hellohi.me/matomo.php?action_name=French%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&idsite=1&rec=1&r=542282&h=21&m=19&s=17&url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&_id=78d0adef5fb1b058&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=yNJYof&pf_net=0&pf_srv=71&pf_tfr=105&pf_dm1=1470
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f3099a531821c476589c3d2d00d53772
8e539d05a8355d6835a56f94b75f405c6e55f6f3
a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
POST /matomo.php?action_name=French%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&idsite=1&rec=1&r=542282&h=21&m=19&s=17&url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&_id=78d0adef5fb1b058&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=yNJYof&pf_net=0&pf_srv=71&pf_tfr=105&pf_dm1=1470 HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 21:19:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.php?action_name=French%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&idsite=1&rec=1&r=542282&h=21&m=19&s=17&url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&_id=78d0adef5fb1b058&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=yNJYof&pf_net=0&pf_srv=71&pf_tfr=105&pf_dm1=1470
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSkXqCgiceg3vMqUoDagv%2FbHryDO6fQk4xcGaNcIBIAb%2BnzPkWrtKZJ1fBLENvFiPjmTquXBeS6jF7Ybf1evh5nMOkMcEC9bqJlGhrIrXsqb9vkXowjE4VOX1nHCQYBHIRfiAw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75616f3f49b10b61-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4f02499111f3797c5a096e9f9a23f37c
19daaa3d50e5acd25ec41242b0bedf54a9dd5a37
8158e4bd8ad6b27907098b5e0e958152f08f95ec1f99d3f31f3d5f49038e865e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8158E4BD8AD6B27907098B5E0E958152F08F95EC1F99D3F31F3D5F49038E865E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13143
Expires: Fri, 07 Oct 2022 00:58:22 GMT
Date: Thu, 06 Oct 2022 21:19:19 GMT
Connection: keep-alive
s7.addthis.com/static/195.461912c47007775093ae.js
200 OK 298 B URL HTTP/2 s7.addthis.com/static/195.461912c47007775093ae.js
IP
File type ASCII text, with very long lines (384), with no line terminators
Hash b3a09bfb320e3798865e9543432f891f
1b852bdc37086072c734acec0af4d1971e6ec320
62048a133b36399f6990ddbf705fc3a2cd9a8a9d010e1fb89ed8bdd25d56fca3
GET /static/195.461912c47007775093ae.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-180"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 298
date: Thu, 06 Oct 2022 21:19:19 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 06 Oct 2022 21:19:19 GMT
access-control-allow-origin: *
etag: "633be002-2b"
expires: Thu, 06 Oct 2022 22:19:19 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
glimtors.net/custom
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
glimtors.net/custom
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=ba8f7c65470f4e5bb1201caf31a4261e&zoneId=2651991&checkDuplicate=true&ymid=&var=
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=ba8f7c65470f4e5bb1201caf31a4261e&zoneId=2651991&checkDuplicate=true&ymid=&var=
IP
File type JSON data\012- , ASCII text
Hash 16c972d38ba0dae39570680210bbfce8
2ca612baebfb9dd61667acc5abf4282550e9a52f
93f4245345b9db176916ef030a7d820c3122d7910da4e17d136feccf98386b15
GET /gid.js?pub=0&userId=ba8f7c65470f4e5bb1201caf31a4261e&zoneId=2651991&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Cookie: ID=7df1f66e0c674c7b84b25f6a1e970245
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7df1f66e0c674c7b84b25f6a1e970245; expires=Fri, 06 Oct 2023 21:19:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
glimtors.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Content-Type: application/json
Origin: http://french-stream.123megaproxy.com
Content-Length: 396
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: becc60a128195b3db857ddf9c2a5d4c3
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
glimtors.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Content-Type: application/json
Origin: http://french-stream.123megaproxy.com
Content-Length: 784
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: fa9e4616e56e4daf93beee090b3e69ff
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/d8/50/db/3008ab8caf4cc7d31e3920dfd5/0876908758031.jpeg
200 OK 21 kB URL HTTP/2 interstitial-07.com/contents/s/d8/50/db/3008ab8caf4cc7d31e3920dfd5/0876908758031.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash d850db3008ab8caf4cc7d31e3920dfd5
27d23973fff676162e979b4696e2a3aa07801c73
6e46cbcff6d5b6b01c3b0ad71034fafcb1f590cec4d189d61a7a0c36c14498af
GET /contents/s/d8/50/db/3008ab8caf4cc7d31e3920dfd5/0876908758031.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D752488278%26z%3D3372123%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3Dceb40a44-2cbb-4b9d-9820-70aaf44b2da4%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffrench-stream.123megaproxy.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: image/jpeg
content-length: 20778
last-modified: Thu, 16 Sep 2021 07:03:01 GMT
etag: "6142ec25-512a"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Ffrench-stream.123megaproxy.com%2F
200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Ffrench-stream.123megaproxy.com%2F
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Ffrench-stream.123megaproxy.com%2F HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://french-stream.123megaproxy.com/
last-modified: Thu, 06 Oct 2022 21:00:00 GMT
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 06 Oct 2022 21:19:19 GMT
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&callback=_ate.cbs.rcb_a3u30
200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&callback=_ate.cbs.rcb_a3u30
IP
File type ASCII text, with no line terminators
Hash 2513088d18a437d5fc6934e7299e2044
32778b2f558ce1a7b860cfca5220a35f97676a33
45694a33578cb5e38fb19e844b4f987ba6f04fd29a99b6a719940e6fbc681453
GET /url/shares.json?url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&callback=_ate.cbs.rcb_a3u30 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: french-stream.123megaproxy.com/
last-modified: Thu, 06 Oct 2022 21:19:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Thu, 06 Oct 2022 21:19:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Ffrench-stream.123megaproxy.com%2F&callback=_ate.cbs.rcb_evm10
200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Ffrench-stream.123megaproxy.com%2F&callback=_ate.cbs.rcb_evm10
IP
File type ASCII text, with no line terminators
Hash 78d75960cc6fbdacd293bdd27fb3fabc
f3d48e44eade185e390957879eaa4e26163f1486
22f304933fb6dcbe59271ca228cfbe6065760c95eeaa76b83f0d5f7cd2d8a7a0
GET /url/shares.json?url=https%3A%2F%2Ffrench-stream.123megaproxy.com%2F&callback=_ate.cbs.rcb_evm10 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: french-stream.123megaproxy.com/
last-modified: Thu, 06 Oct 2022 21:19:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Thu, 06 Oct 2022 21:19:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 671e371ca656241a058e39f941f52b91
e2f8c597830dbf6798c6e67563b25f8f2c5b9761
c8cf9147235e2f68fb2a2aa6aaab3d8934bb8e1a2a19e94e8c9ef6310ffdf88a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8CF9147235E2F68FB2A2AA6AAAB3D8934BB8E1A2A19E94E8C9EF6310FFDF88A"
Last-Modified: Wed, 05 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12987
Expires: Fri, 07 Oct 2022 00:55:46 GMT
Date: Thu, 06 Oct 2022 21:19:19 GMT
Connection: keep-alive
interstitial-07.com/contents/s/2f/0c/5c/05fe4242e3b0d6a0486ead3410/033925084315.jpeg
200 OK 47 kB URL HTTP/2 interstitial-07.com/contents/s/2f/0c/5c/05fe4242e3b0d6a0486ead3410/033925084315.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 2f0c5c05fe4242e3b0d6a0486ead3410
2fe595fc2851b76263649bb2c4781f2c20933dd2
a22ffbd7bf69000b15925f4c7e1655fecf0774e360a897134a7708103a25024d
GET /contents/s/2f/0c/5c/05fe4242e3b0d6a0486ead3410/033925084315.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D752488278%26z%3D3372123%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3Dceb40a44-2cbb-4b9d-9820-70aaf44b2da4%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffrench-stream.123megaproxy.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: image/jpeg
content-length: 47320
last-modified: Thu, 16 Sep 2021 07:03:00 GMT
etag: "6142ec24-b8d8"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: c856d4e229d90473cd2cc7b6285555f8
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
interesteddeterminedeurope.com/sbar.json?key=a286902791a7f4c98bcb1e812322cd78
200 OK 3.9 kB URL HTTP/1.1 interesteddeterminedeurope.com/sbar.json?key=a286902791a7f4c98bcb1e812322cd78
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5542), with no line terminators
Hash d5ea53bc140e73a14e1082f04057d64a
75201d701df1e6859499b4da257c4c4db0095bfc
85b420121786da69d170ff9323f04f0ad5a749a3b36b2d33cc79537019781f17
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a286902791a7f4c98bcb1e812322cd78 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 21:19:19 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://french-stream.123megaproxy.com
Access-Control-Allow-Origin: http://french-stream.123megaproxy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15816950; expires=Fri, 07 Oct 2022 21:19:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 07 Oct 2022 21:19:19 GMT; secure; SameSite=None
uncs=1; expires=Fri, 07 Oct 2022 21:19:19 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 07 Oct 2022 21:19:19 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 07 Oct 2022 21:19:19 GMT; secure; SameSite=None
sleca286902791a7f4c98bcb1e812322cd78=[3364902]; expires=Thu, 06 Oct 2022 21:19:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1233bd5dcbd8607860838fe90c5111aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
unseenreport.com/pxf.gif?uuid=af94cf6d-5f52-4352-a0ce-bf3720e96f44&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=af94cf6d-5f52-4352-a0ce-bf3720e96f44&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=af94cf6d-5f52-4352-a0ce-bf3720e96f44&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 21:19:19 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 352aeceec418588b5f70f3195d8809c7
Strict-Transport-Security: max-age=0; includeSubdomains
glimtors.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Content-Type: application/json
Origin: http://french-stream.123megaproxy.com
Content-Length: 393
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 596a54fe4c86b3ce937c3990f16aa780
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ba99add6af98f78ce97861e6c56950ed
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b775d6c88f4a45316c1c349524612975
9bd094bc5eaa63e5577dd4bce357fe7c0e065fc7
c6de78e375d38ab778cc5d69c6195821fd25017ed5ab2729fd2b6419007031d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1222
Cache-Control: max-age=159969
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:19:19 GMT
Etag: "633f0f72-117"
Expires: Sat, 08 Oct 2022 17:45:28 GMT
Last-Modified: Thu, 06 Oct 2022 17:25:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
interesteddeterminedeurope.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzc5CJ6UvSgogwdRkEl3z6Rnxj0EY4wEs5t1V9nctLqqZlJOdVdT1TU9ySm4KLk5%2Fgedb5INq0EUvLrIZGEPAWHHizmY%2F2ERcvIgMzs4%2BqB57%2FX3Dr%2Fvvfr60F0SH45erN3Ue1IpurRc9StvbQfBjcqmTF2%2F0m9Gn0X1GxXTe7cVVf23Kx8K1tVLoR%2F4fuAHlXVpRFv3lyYiZHbaCqotv1oPq8FyHX3z%2F946D5Z64L1L8jIkHy8%2B9q5DshHS5Mc1Ybu5zt75IHGK5tqgx08%2BTbupLlIk87JtPLTTk9k0tH26%2Fgg6PZ7iQvf%2BHYzlmHhPHiFOT2aQiHtHU85YQaSI%2BYsoeiMINYKkIzB9H5I%2FJQDjuLWFNHlwS5uC7j5X6UQdk8WrvyCLMVn88zrS5IdVJfuVu1q5XOrUot8uIfsjyM4ImTtDvncNsjgDy7%2BE5L%2BRpatNpMnRllUakpdT71KOINsjKDEAtR7c5JMeXNuDyzwk%2FKLCgiBo%2BJxRv9lirMYbIo64H9BGO6CBHzXh2ARvgDwbgKkBmNlHZvbRlQMY9yvsTgnLPdh8TLyP99HjJQpBUFiCghIUkqDICYpeecyVDW35gCvr4mCWw1mulUOddw7psc47IiWH2SV5abqXZ9tX6IqLCg2bUcsPG60JXJ21mjGLA9EMwloYMt5owsoS0l6bWt2b3Ki8RCbHhHzzB2J6BqvOwOQboO410GLYCH3QnWG96WMvPXVprDTrCl6VHFyXyPJF5Lveobokr0w5attvQrDzlc%2Fjm%2BNnD%2F8GMyUyU%2BIL%2BZigow6Gd3RBju7owpKftrJcJnKPTm53N6e5WPjuI7FbaMM31uzg4XtsIkzK00%2BEzTdpymXaseT7Vcm5MOvaMEF%2B2bD3RHzb2Z1VZ1KXbd5%2Bf30jyYywVup0BDqx9uQcTI7JCz8fT5%2Flq18dQJoRjCuRuHMyC0h9Bpbtw2ZzfqsXYNR8Js48FK4cmjCe%2F1SSQIl5T%2BMS9j99PK8P7QE65nXQ%2FD7SpETPlOipElQNYN3CMM%2FM%2BcrvtWkgVt4wVsY7ipVR3z5frpUXlUat5tOotRw0GlQ04nrYbEcBpzSsR2EU0RpyO2Yr6%2Ff%2BAQAA%2F%2F8BAAD%2F%2FzZgqKdhBAAA
200 OK 7 B URL HTTP/1.1 interesteddeterminedeurope.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzc5CJ6UvSgogwdRkEl3z6Rnxj0EY4wEs5t1V9nctLqqZlJOdVdT1TU9ySm4KLk5%2Fgedb5INq0EUvLrIZGEPAWHHizmY%2F2ERcvIgMzs4%2BqB57%2FX3Dr%2Fvvfr60F0SH45erN3Ue1IpurRc9StvbQfBjcqmTF2%2F0m9Gn0X1GxXTe7cVVf23Kx8K1tVLoR%2F4fuAHlXVpRFv3lyYiZHbaCqotv1oPq8FyHX3z%2F946D5Z64L1L8jIkHy8%2B9q5DshHS5Mc1Ybu5zt75IHGK5tqgx08%2BTbupLlIk87JtPLTTk9k0tH26%2Fgg6PZ7iQvf%2BHYzlmHhPHiFOT2aQiHtHU85YQaSI%2BYsoeiMINYKkIzB9H5I%2FJQDjuLWFNHlwS5uC7j5X6UQdk8WrvyCLMVn88zrS5IdVJfuVu1q5XOrUot8uIfsjyM4ImTtDvncNsjgDy7%2BE5L%2BRpatNpMnRllUakpdT71KOINsjKDEAtR7c5JMeXNuDyzwk%2FKLCgiBo%2BJxRv9lirMYbIo64H9BGO6CBHzXh2ARvgDwbgKkBmNlHZvbRlQMY9yvsTgnLPdh8TLyP99HjJQpBUFiCghIUkqDICYpeecyVDW35gCvr4mCWw1mulUOddw7psc47IiWH2SV5abqXZ9tX6IqLCg2bUcsPG60JXJ21mjGLA9EMwloYMt5owsoS0l6bWt2b3Ki8RCbHhHzzB2J6BqvOwOQboO410GLYCH3QnWG96WMvPXVprDTrCl6VHFyXyPJF5Lveobokr0w5attvQrDzlc%2Fjm%2BNnD%2F8GMyUyU%2BIL%2BZigow6Gd3RBju7owpKftrJcJnKPTm53N6e5WPjuI7FbaMM31uzg4XtsIkzK00%2BEzTdpymXaseT7Vcm5MOvaMEF%2B2bD3RHzb2Z1VZ1KXbd5%2Bf30jyYywVup0BDqx9uQcTI7JCz8fT5%2Flq18dQJoRjCuRuHMyC0h9Bpbtw2ZzfqsXYNR8Js48FK4cmjCe%2F1SSQIl5T%2BMS9j99PK8P7QE65nXQ%2FD7SpETPlOipElQNYN3CMM%2FM%2BcrvtWkgVt4wVsY7ipVR3z5frpUXlUat5tOotRw0GlQ04nrYbEcBpzSsR2EU0RpyO2Yr6%2Ff%2BAQAA%2F%2F8BAAD%2F%2FzZgqKdhBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzc5CJ6UvSgogwdRkEl3z6Rnxj0EY4wEs5t1V9nctLqqZlJOdVdT1TU9ySm4KLk5%2Fgedb5INq0EUvLrIZGEPAWHHizmY%2F2ERcvIgMzs4%2BqB57%2FX3Dr%2Fvvfr60F0SH45erN3Ue1IpurRc9StvbQfBjcqmTF2%2F0m9Gn0X1GxXTe7cVVf23Kx8K1tVLoR%2F4fuAHlXVpRFv3lyYiZHbaCqotv1oPq8FyHX3z%2F946D5Z64L1L8jIkHy8%2B9q5DshHS5Mc1Ybu5zt75IHGK5tqgx08%2BTbupLlIk87JtPLTTk9k0tH26%2Fgg6PZ7iQvf%2BHYzlmHhPHiFOT2aQiHtHU85YQaSI%2BYsoeiMINYKkIzB9H5I%2FJQDjuLWFNHlwS5uC7j5X6UQdk8WrvyCLMVn88zrS5IdVJfuVu1q5XOrUot8uIfsjyM4ImTtDvncNsjgDy7%2BE5L%2BRpatNpMnRllUakpdT71KOINsjKDEAtR7c5JMeXNuDyzwk%2FKLCgiBo%2BJxRv9lirMYbIo64H9BGO6CBHzXh2ARvgDwbgKkBmNlHZvbRlQMY9yvsTgnLPdh8TLyP99HjJQpBUFiCghIUkqDICYpeecyVDW35gCvr4mCWw1mulUOddw7psc47IiWH2SV5abqXZ9tX6IqLCg2bUcsPG60JXJ21mjGLA9EMwloYMt5owsoS0l6bWt2b3Ki8RCbHhHzzB2J6BqvOwOQboO410GLYCH3QnWG96WMvPXVprDTrCl6VHFyXyPJF5Lveobokr0w5attvQrDzlc%2Fjm%2BNnD%2F8GMyUyU%2BIL%2BZigow6Gd3RBju7owpKftrJcJnKPTm53N6e5WPjuI7FbaMM31uzg4XtsIkzK00%2BEzTdpymXaseT7Vcm5MOvaMEF%2B2bD3RHzb2Z1VZ1KXbd5%2Bf30jyYywVup0BDqx9uQcTI7JCz8fT5%2Flq18dQJoRjCuRuHMyC0h9Bpbtw2ZzfqsXYNR8Js48FK4cmjCe%2F1SSQIl5T%2BMS9j99PK8P7QE65nXQ%2FD7SpETPlOipElQNYN3CMM%2FM%2BcrvtWkgVt4wVsY7ipVR3z5frpUXlUat5tOotRw0GlQ04nrYbEcBpzSsR2EU0RpyO2Yr6%2Ff%2BAQAA%2F%2F8BAAD%2F%2FzZgqKdhBAAA HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: u_pl=15816950; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca286902791a7f4c98bcb1e812322cd78=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 21:19:19 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f82467faa24a40f4306af47b61b46266
Strict-Transport-Security: max-age=0; includeSubdomains
mc.yandex.ru/watch/71953213/1?wmode=7&page-url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A641595367198%3Ahid%3A90022406%3Az%3A0%3Ai%3A20221006211918%3Aet%3A1665091158%3Ac%3A1%3Arn%3A601529218%3Arqn%3A1%3Au%3A1665091158477788476%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C0%2C%2C0%2C%2C1487%2C17%2C%2C%2C%2C1729%3Ans%3A1665091156017%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665091158%3At%3AFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/71953213/1?wmode=7&page-url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A641595367198%3Ahid%3A90022406%3Az%3A0%3Ai%3A20221006211918%3Aet%3A1665091158%3Ac%3A1%3Arn%3A601529218%3Arqn%3A1%3Au%3A1665091158477788476%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C0%2C%2C0%2C%2C1487%2C17%2C%2C%2C%2C1729%3Ans%3A1665091156017%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665091158%3At%3AFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 7470adb1b56f4d9847e81097e017f5e5
b682f83997a53c07390ff53b62184fb13e07aa67
a8ca1150174b888ebe7093fa4a14793654d479a7052ba39befbe08c50800524e
GET /watch/71953213/1?wmode=7&page-url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A641595367198%3Ahid%3A90022406%3Az%3A0%3Ai%3A20221006211918%3Aet%3A1665091158%3Ac%3A1%3Arn%3A601529218%3Arqn%3A1%3Au%3A1665091158477788476%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C0%2C%2C0%2C%2C1487%2C17%2C%2C%2C%2C1729%3Ans%3A1665091156017%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665091158%3At%3AFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Referer: http://french-stream.123megaproxy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Thu, 06 Oct 2022 21:19:19 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 21:19:19 GMT
last-modified: Thu, 06-Oct-2022 21:19:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1b3dd97b97316a507c91c7d443c8d560
a30d5c9bfac0331de4632be66fc2ae9f326aa9b4
fa74d08e3a9f5c061543af6fe371b8e7a29df224333001950903a4f1f610135f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FA74D08E3A9F5C061543AF6FE371B8E7A29DF224333001950903A4F1F610135F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Thu, 06 Oct 2022 22:18:43 GMT
Date: Thu, 06 Oct 2022 21:19:20 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 06 Oct 2022 21:19:20 GMT
Date: Thu, 06 Oct 2022 21:19:20 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg
200 OK 60 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 281x290, components 3\012- data
Hash 9337eb4f9526f6d16e6d1602d8fee3ae
203c7272c5a60a752db43857b2d337d644f690f5
1e803197ccab280a9285cdae1adbea170504d59ef0bbf02aab3d9785c0871422
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:20 GMT
content-type: image/jpeg
content-length: 59931
last-modified: Tue, 08 Feb 2022 14:18:00 GMT
etag: "62027b98-ea1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5570099
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPf9WTxeDmSSQm6e0BJNBiOg2mhfFn4xPqYHVaH%2FlYUDjebsRYMAeic8sj3mhe1SGPzRN0jjxZFbizDCdPf%2F0bKdtpS9WM6y3ITB7xII0MfTTBz2q%2BDG3teTvn3N3onxULY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f47c9d471bc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1b3dd97b97316a507c91c7d443c8d560
a30d5c9bfac0331de4632be66fc2ae9f326aa9b4
fa74d08e3a9f5c061543af6fe371b8e7a29df224333001950903a4f1f610135f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FA74D08E3A9F5C061543AF6FE371B8E7A29DF224333001950903A4F1F610135F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Thu, 06 Oct 2022 22:18:43 GMT
Date: Thu, 06 Oct 2022 21:19:20 GMT
Connection: keep-alive
interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=669
200 OK 0 B URL HTTP/1.1 interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=669
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=669 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 21:19:20 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=258
200 OK 0 B URL HTTP/1.1 interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=258
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=258 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 21:19:20 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fanimate.css&l=79245&fd=264
200 OK 0 B URL HTTP/1.1 interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fanimate.css&l=79245&fd=264
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fanimate.css&l=79245&fd=264 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 21:19:20 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css
200 OK 2.5 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css
IP
Hash f1766bbd61c5bc27a636c8b30875588f
4a72ecdd5fa887887d2d8eb67b65491c9731708c
ba5bd2b5efbcbfb3c82b59173e4bbda4dd81477adae455c3d48f8c1005f444ab
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:20 GMT
content-type: text/css
last-modified: Wed, 09 Feb 2022 11:16:21 GMT
etag: W/"6203a285-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaov1Fn4yu6VhfTLyfK4u26aZZC07KTkydMenyU9ZtwE5ddQxMutDfJSrSe%2FgvDUX8upxqjnThje6bUofYYt9UHAgh42C0C52T1lmMGbLDPEWiI5mW7C5xbhHVl7DW70ho8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f47b9a071bc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 20:16:34 GMT
Expires: Thu, 05 Oct 2023 20:16:34 GMT
Cache-Control: public, max-age=31536000
Age: 90166
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 20:16:34 GMT
Expires: Thu, 05 Oct 2023 20:16:34 GMT
Cache-Control: public, max-age=31536000
Age: 90166
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js
200 OK 264 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js
IP
Hash f1d253bbf520e8385e1a4cd6316ca464
fd00e68441b30bcc93dce815b9db55306fdb5db5
9ec8bc78e9b33515e4d0da46ebc6ef50536443297afed70c6417a3cb4c2b9512
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:20 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2PnzIg1u%2BmgWsnso1oAbgvyHoKM9t7bUEeSdIASbqU7zGnapG861lGH6knQHOCoXEV5MxwOlutJqeJxB6EC1jODuJsFsv7nibtjERXRJySgS4fblsgJ7BEkg4snHugVvEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f47c9bc71bc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
interesteddeterminedeurope.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 interesteddeterminedeurope.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: u_pl=15816950; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca286902791a7f4c98bcb1e812322cd78=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 21:19:20 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
glimtors.net/pfe/current/defaultSkin.min.js
200 OK 19 kB URL HTTP/2 glimtors.net/pfe/current/defaultSkin.min.js
IP
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (52034)
Hash 0618e49233567190d18bfe72d6be54a1
acceb61e398cef1b90f42871ba51c2d70ab97ec2
baefbd5580db4a5f29278d7e19570e6fd102b8ac72b5a491fd0c06a83a5f8d63
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-df63"
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
rndskittytor.com/500/4837723?excludes=&oaid=7df1f66e0c674c7b84b25f6a1e970245&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 1.1 kB URL HTTP/1.1 rndskittytor.com/500/4837723?excludes=&oaid=7df1f66e0c674c7b84b25f6a1e970245&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1308), with no line terminators
Hash 05975e5bf7eef29896916d97122c83cc
e92706ea2fd42d79eae76753c3f961ef0ff59927
c0f5cd41d18e04f2e7cc7446a78bcf0f3a983932a818b403e4a3d67ae124bdc0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/4837723?excludes=&oaid=7df1f66e0c674c7b84b25f6a1e970245&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 21:19:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8d47d2e6aee0304d4b7e1b504e56e238
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: http://french-stream.123megaproxy.com
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=7df1f66e0c674c7b84b25f6a1e970245; expires=Fri, 06 Oct 2023 21:19:22 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
benumelan.com/11?rnd=1404601413&z=3372123&b=14566424&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw==&ruid=ceb40a44-2cbb-4b9d-9820-70aaf44b2da4&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
200 OK 0 B URL HTTP/2 benumelan.com/11?rnd=1404601413&z=3372123&b=14566424&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw==&ruid=ceb40a44-2cbb-4b9d-9820-70aaf44b2da4&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=1404601413&z=3372123&b=14566424&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw==&ruid=ceb40a44-2cbb-4b9d-9820-70aaf44b2da4&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Cookie: scm=1; OAID=s7td453291ls622626062g3q4rqqj338; oaidts=1665091156
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:23 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e557a3ffd5002b4c6c192c5580bc0d90
access-control-expose-headers: X-Sc
set-cookie: OAID=s7td453291ls622626062g3q4rqqj338; expires=Fri, 06 Oct 2023 21:19:23 GMT; secure; SameSite=None
oaidts=1665091156; expires=Fri, 06 Oct 2023 21:19:23 GMT; secure; SameSite=None
oaidvc=1; expires=Fri, 06 Oct 2023 21:19:23 GMT; secure; SameSite=None
CNT=1_v1_GETeAAEAAABHSwAA; expires=Thu, 06 Oct 2022 22:19:23 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D752488278%26z%3D3372123%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3Dceb40a44-2cbb-4b9d-9820-70aaf44b2da4%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffrench-stream.123megaproxy.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
200 OK 0 B URL HTTP/2 interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D752488278%26z%3D3372123%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3Dceb40a44-2cbb-4b9d-9820-70aaf44b2da4%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffrench-stream.123megaproxy.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP
GET /?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D752488278%26z%3D3372123%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_zDa4uCoU4mRxlJlEEcxkTJaCd4GYN_k-DjI-RqDMUaQ6TXJ38s7ChoYCSoPG3bcdqBNJ6q-XjT23AlwndaDsk6vhiIRN0u6l0GtMxoHJ4z8hhB6Oj5cxAiNk_FgIGRS2isI3nwdco5YlDPr8OjWstaC3GCiM9DUm8rt32kKnH3igN_C2-G1jX9pBYkt-lqYybePdWYfn2V1ZbgVyzfQUQ3SIMFqUtzkL-s84Cxi_DeEYuSekyz95L9O8ckIWX_m6UsnmuuP5UsblEiv5rzJjS1XretVtUVN_zYXzGsDWDxv3JKvvEy1Ej7eBohL0T7c6w1ftM8CEoIWc5B4NnjSJ0qlivq0cyOQlyxWjrhQcaEW8QgJBNQPaeJz9jxi2k9NMoK3KU-NfonN_7IBkRbG9UkxifzMfpZXAO7bKOrLBccQflb4wUYMzKChmp10N5dDuE5S09Qd3q7fm_YjjdgkngxMdqkj5ngBvbEuljte_COC3TPMx5hzLjlgswrmwCfTQg_TgmEEcc3v9zBtwX4T_tbNHhxSEv3-SwdZd9UaLgdqe0bM6CvQUHeuzuKi4CwDS5vSrZrUvFKzJX2-EDUdOhlBZ7TRvAR-8YmiZsdrQkJS17a_X1mKSj5H2WXiejmffY3FO7FMp2Ur4Do-VZiHtw%3D%3D%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3Dceb40a44-2cbb-4b9d-9820-70aaf44b2da4%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffrench-stream.123megaproxy.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=PlhASXyNlPUJ9KNM3fuFus-PowLR1xkgxqXxOsYtqyY; expires=Thu, 06-Oct-2022 22:19:19 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddoan.club/apu.php?zoneid=3388548
200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=3388548
IP
GET /apu.php?zoneid=3388548 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:17 GMT
content-type: application/javascript
x-trace-id: ceb07e1eb3a225a0db68dd826bd32dcd
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=3b24e466abcf4d15a6094890ea64e267; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/; secure; SameSite=None
oaidts=1665091157; expires=Fri, 06 Oct 2023 21:19:17 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1529461326
200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1529461326
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1529461326 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:19 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 182cbe1d591c52ce75675c10209ff0fa
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
french-stream.123megaproxy.com/
200 OK 0 B URL HTTP/1.1 french-stream.123megaproxy.com/
IP
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: french-stream.123megaproxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://french-stream.123megaproxy.com/
Connection: keep-alive
Cookie: __atuvc=1%7C40; __atuvs=633f46545f4ed122000
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:19:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWqLE3xGIG5MgP7likeRFepWpvh%2BNTf%2FY3SuBCv5PNLvDZ7otc1kTV%2BdLqfJ70CYp105X63EiatSjhaaSzOn5u9ncBRfvM9vik0uBS1ehua%2Brh7p4sN8DY3vLuJvdqd%2Bl%2F0jI8WFwjpBBtVL2prazIk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75616f395fa20b51-OSL
alt-svc: h2=":443"; ma=60
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html
200 OK 0 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:20 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 11:16:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xz5rwrI6LSHwtzGtO1hQf%2Bjr2%2Be1lwLRXcKLdKmcnui7qED21uKiyKMeIhpFECc%2BbzFjvrIRLAQQolJ50mpAQ7fYMVB4KLYzE%2BgXzuntXi37qy5t7dqqphzYWZDObIz6UbF%2Bl9o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f42fc06b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
glimtors.net/pfe/current/universal.min.js?v=3.1.396
200 OK 0 B URL HTTP/2 glimtors.net/pfe/current/universal.min.js?v=3.1.396
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:16 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1fafa"
access-control-allow-origin: http://french-stream.123megaproxy.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
benumelan.com/1?z=3372123
200 OK 0 B URL HTTP/2 benumelan.com/1?z=3372123
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=3372123 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:19:16 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e51061b722dd50c5b1c82871fe9091a2
access-control-expose-headers: X-Sc
x-sc: aqNyENWmup5qsc0N6CwVgzhW-cMAzybW9_3vUPdu3yTXtPY_l7kTfPzWT339X_NzaZwtEX_nY6gZSzVsOLep_wF3RUM=
set-cookie: scm=1; expires=Fri, 06 Oct 2023 21:19:16 GMT; secure; SameSite=None
OAID=33a568ccbe1c4b2e846dfc5122b49daf; expires=Fri, 06 Oct 2023 21:19:16 GMT; secure; SameSite=None
oaidts=1665091156; expires=Fri, 06 Oct 2023 21:19:16 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ecma.sidebyz.com/j/m/w2.js.php
200 OK 0 B URL HTTP/2 ecma.sidebyz.com/j/m/w2.js.php
IP
GET /j/m/w2.js.php HTTP/1.1
Host: ecma.sidebyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Lvpe6Dy8s%2F7nS2FZ890Mogp2mBsGs71fAbeaVNpVgBcKylnM7ePhapg0D7N%2BY%2BkPfysQ4ui%2BLO3OeXOeuRHAU9xBsJr1lwx2KvCTFksVEDJ%2B0mLpl4qDSTKgaBTVoP5nTrI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75616f333d16b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71953213?wmode=7&page-url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A641595367198%3Ahid%3A90022406%3Az%3A0%3Ai%3A20221006211918%3Aet%3A1665091158%3Ac%3A1%3Arn%3A601529218%3Arqn%3A1%3Au%3A1665091158477788476%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C0%2C%2C0%2C%2C1487%2C17%2C%2C%2C%2C1729%3Ans%3A1665091156017%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665091158%3At%3AFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/71953213?wmode=7&page-url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A641595367198%3Ahid%3A90022406%3Az%3A0%3Ai%3A20221006211918%3Aet%3A1665091158%3Ac%3A1%3Arn%3A601529218%3Arqn%3A1%3Au%3A1665091158477788476%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C0%2C%2C0%2C%2C1487%2C17%2C%2C%2C%2C1729%3Ans%3A1665091156017%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665091158%3At%3AFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
GET /watch/71953213?wmode=7&page-url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A641595367198%3Ahid%3A90022406%3Az%3A0%3Ai%3A20221006211918%3Aet%3A1665091158%3Ac%3A1%3Arn%3A601529218%3Arqn%3A1%3Au%3A1665091158477788476%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C0%2C%2C0%2C%2C1487%2C17%2C%2C%2C%2C1729%3Ans%3A1665091156017%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665091158%3At%3AFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/71953213/1?wmode=7&page-url=http%3A%2F%2Ffrench-stream.123megaproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A641595367198%3Ahid%3A90022406%3Az%3A0%3Ai%3A20221006211918%3Aet%3A1665091158%3Ac%3A1%3Arn%3A601529218%3Arqn%3A1%3Au%3A1665091158477788476%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C0%2C%2C0%2C%2C1487%2C17%2C%2C%2C%2C1729%3Ans%3A1665091156017%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665091158%3At%3AFrench%20Stream%20-%20Films%20et%20S%C3%A9ries%20en%20HD%20Streaming%20Gratuit%20et%20Sans%20PUB%20%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 06 Oct 2022 21:19:19 GMT
access-control-allow-origin: http://french-stream.123megaproxy.com
set-cookie: yandexuid=4703648691665091159; Expires=Fri, 06-Oct-2023 21:19:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4703648691665091159; Expires=Fri, 06-Oct-2023 21:19:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1447261591665091159; Path=/; SameSite=None; Secure
i=RpLpCzH9WOonFi9ZgHS/89QEku5LCgpl8mWDHmmHAhW1mgOh0rYh+WdfFgL/qk0HHGt9/0otDym0gpBaQ2Fn+m8Czgo=; Expires=Sun, 03-Oct-2032 21:19:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696627159.yrts.1665091159#1696627159.yrtsi.1665091159; Expires=Fri, 06-Oct-2023 21:19:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 21:19:19 GMT
last-modified: Thu, 06-Oct-2022 21:19:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 0 B IP
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:17 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4777
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roj0r3i%2FKSCBssRo8H9IvYPiXz1o0uYWcHhxeiL31NWgqJyolckTfw8vOuzN%2BZIQrBKwbFDntxj%2BKXg4CGQDanHDx4klpV7lXi60GNq3IUtNMiml5ZsGVzu2v%2FPb0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f355b150afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
matomo.hellohi.me/matomo.js
200 OK 0 B URL HTTP/2 matomo.hellohi.me/matomo.js
IP
GET /matomo.js HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://french-stream.123megaproxy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 19 Aug 2022 17:37:06 GMT
etag: W/"62ffca42-fbde"
expires: Thu, 06 Oct 2022 22:12:10 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 427
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMNZtbTaftzz2jCLlPcGmGcWxeXdMUTX4R3l2c4aaNVLWL8LEUv4Rv4oAYPv7SEDDewPXM3Sw%2FzkQdwAmPTHSTrWLlsNAbylgFLzaBGA%2FuIQXUz2vCyVRKotKwRhfe82W9L1rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f360c15b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://french-stream.123megaproxy.com
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:20 GMT
content-type: text/css
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB63KTVgihKo%2BCeBPnU29MYv92Pb2PEqs1GaoLd3OIjpuQc3h%2FsIqSQgADWQeCM3jppy1cehvnPPF%2B0ovMGiRi2rZ0nEOaxxsxPA4RibrLjBPZOQ7pkofYt5JKvigt0Ra7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f47c9d071bc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
metrica-yandex.com/metrika/tag.js?1001
200 OK 0 B URL HTTP/2 metrica-yandex.com/metrika/tag.js?1001
IP
GET /metrika/tag.js?1001 HTTP/1.1
Host: metrica-yandex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://french-stream.123megaproxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:19:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
etag: W/"61564186-eb6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 32047130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrL11eIe5oJtF3jybzIvLAJpTxTrMbYNeXiFpGz1UVWF9jvmn1ePXdzXxBUdKSz3F47H%2BMvcDAjwEUVj6M5JTvrDvZFAL4r3EnQki14WqyItvtgpWhhLXlW4XfEB0c%2FFq2Tg2gM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75616f2cfa461c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.177.70
23.36.76.226
93.184.220.29
3.67.146.56
104.21.94.42
151.101.84.193
93.158.134.119
46.105.201.240