| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.24.14 | 200 OK | 5.6 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP: 104.17.24.14:443
Certificate Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837); Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:22 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 514587
expires: Sun, 27 Apr 2025 21:25:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MY%2BQvu1wWiKtECCukumnVSxylCik17q1ZNMsx%2FNBwxDCdxn%2Bbr9ve9TGYHdJnEt8%2F7Q8X67GZCWBa6XERw1l%2B%2BNVw3KrfMvoReAPGAPWYZueIR4ImUxURV7Lr%2F0B7xfxuUT6PgP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880448409dd55688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js | 142.250.74.106 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP: 142.250.74.106:443
Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65451); Hash: a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 420281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pix1.wapkizfile.info/download/e9c95b92b2aa9d787bc332d77db2ac74/newmoviesupdate+wapqiz+com/AFilmyHub-Logo-(newmoviesupdate.wapqiz.com).png | 104.21.234.68 | 200 OK | 126 kB |
URL: GET HTTP/2 pix1.wapkizfile.info/download/e9c95b92b2aa9d787bc332d77db2ac74/newmoviesupdate+wapqiz+com/AFilmyHub-Logo-(newmoviesupdate.wapqiz.com).png IP: 104.21.234.68:443
Certificate Issuer: Google Trust Services LLC; Subject: wapkizfile.info; Fingerprint: A3:EA:AE:14:DF:6C:CD:88:92:9F:5D:7C:31:A1:DE:4A:56:DD:CA:E7; Validity: Fri, 29 Mar 2024 23:11:04 GMT - Thu, 27 Jun 2024 23:11:03 GMT
File type: PNG image data, 1280 x 310, 8-bit colormap, non-interlaced; Size: 126 kB (125827 bytes); Hash: 368a5450d083767bb77f54f5c2f2ebe7 d8540fa84c07465f857210048c346282121d21de 4eccb131435df9899a6a4bf5820fa74378e6da322ec298a262894b00b19e0f8d
GET /download/e9c95b92b2aa9d787bc332d77db2ac74/newmoviesupdate+wapqiz+com/AFilmyHub-Logo-(newmoviesupdate.wapqiz.com).png HTTP/1.1
Host: pix1.wapkizfile.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:22 GMT
content-type: image/gif
content-length: 125827
x-powered-by: PHP/5.6.40
access-control-allow-origin: *
cache-control: max-age=2678400
cf-cache-status: HIT
age: 97725
last-modified: Mon, 06 May 2024 18:16:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=glyX5gbv7rQ7i9H2gsXtBPa4IryNGYsxmvZPVpCKKxI%2F6CzlKmGqYdLmtHMjuFpqrKD5dSngwpADtwbDRmWpC921DlR01nUaW1CiAGzswOIuPrhilr6gXpKmtX39d9qyekqwOoh9rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448412f5b76f3-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.extraimage.info/pix/FWImW.gif | 104.21.235.31 | 301 Moved Permanently | 167 B |
URL: GET HTTP/2 i.extraimage.info/pix/FWImW.gif IP: 104.21.235.31:443
Certificate Issuer: Google Trust Services LLC; Subject: extraimage.info; Fingerprint: 85:89:CD:3F:64:6E:F5:26:76:3E:28:A1:58:E8:A3:52:3F:72:13:4B; Validity: Sat, 13 Apr 2024 21:02:17 GMT - Fri, 12 Jul 2024 21:02:16 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /pix/FWImW.gif HTTP/1.1
Host: i.extraimage.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 07 May 2024 21:25:22 GMT
content-type: text/html
content-length: 167
location: https://i.cloudimage.xyz/pix/FWImW.gif
cache-control: max-age=3600
expires: Tue, 07 May 2024 22:25:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nykUGMELGLLALTXzFPkqAwaw%2B0nes5FITS6KYaDiuhia524B2bcGNHEk6jhZ0s0Dppb0XNJ%2F%2FkOSiMswiYzM8qLNET%2Foo7krYbIztmm5rWNcOGOxak5f6Q%2BteqHbFWPqtt%2FX1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448420fbd954a-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL | 142.250.74.168 | 200 OK | 103 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL IP: 142.250.74.168:443
Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955); Size: 103 kB (102608 bytes); Hash: daf175c696316897f5b06ea97d994e8b 14a7fc0ad2973fea60bc745108d18f24416d7797 62e1e31cc786d1b1ef14afef1cb4d58e21f1d16befc009dbc5f8bd56b9589e1b
GET /gtag/js?id=G-P0LJR3FHEL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:25:22 GMT
expires: Tue, 07 May 2024 21:25:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-QLSVXWJR59 | 142.250.74.168 | 200 OK | 102 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-QLSVXWJR59 IP: 142.250.74.168:443
Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955); Size: 102 kB (101588 bytes); Hash: 98f4723608af0cb01f181e0fdae8fc55 33f481cad26ae196ee95adb43a1b0e342e63c32b c184194844dd676dffde23ca95acaab11a7e822e57de867d0ade6b77559c6650
GET /gtag/js?id=G-QLSVXWJR59 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:25:22 GMT
expires: Tue, 07 May 2024 21:25:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101588
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| greenfox.ink/d/asyncjs.php | 5.45.74.150 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 greenfox.ink/d/asyncjs.php IP: 5.45.74.150:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html; Certificate Issuer: Let's Encrypt; Subject: greenfox.ink; Fingerprint: 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70; Validity: Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File type: JavaScript source, ASCII text, with very long lines (4401), with no line terminators; Hash: 7dd2e8fda9c2505366169943cbf2d2d2 3b64b2fc61220dfc88ed53644eb786e313183c61 aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89
GET /d/asyncjs.php HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 21:25:23 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
ETag: 1d63e790351363d29b61f9cf59b98fad
Expire: Tue, 07 May 2024 22:25:23 GMT
Cache-Control: private, max-age=3600
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; secure; SameSite=none
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUFc_p__p_jd6PQgZkmJUHu4fjAl_p__p_W8IkP2Yjn7zuAXwiIeB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqL3E7jMzwiGQdxNEZB2QTlwANDGJSf6IEzH4w5ojBYexo3M_p_M4LSxT0HOHa0q4LJ8yEWD9CYMdV7U9vsBaRsNjUwbkCDuX1pMTiyxvBZ1P7uo.webp | 104.21.68.249 | 200 OK | 7.2 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUFc_p__p_jd6PQgZkmJUHu4fjAl_p__p_W8IkP2Yjn7zuAXwiIeB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqL3E7jMzwiGQdxNEZB2QTlwANDGJSf6IEzH4w5ojBYexo3M_p_M4LSxT0HOHa0q4LJ8yEWD9CYMdV7U9vsBaRsNjUwbkCDuX1pMTiyxvBZ1P7uo.webp IP104.21.68.249:443
Certificate Issuer: Let's Encrypt; Subject: iwebp.xyz; Fingerprint: E3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08; Validity: Wed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 6f3817611d19b4208415e7c82d057182 efd5c901ca5d28e9895e2f3633971fdcee9f0404 c0ecbcf894ef797d059b05676810784e5bc3f7f5bd364c3afabfd9232ecc4505
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUFc_p__p_jd6PQgZkmJUHu4fjAl_p__p_W8IkP2Yjn7zuAXwiIeB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqL3E7jMzwiGQdxNEZB2QTlwANDGJSf6IEzH4w5ojBYexo3M_p_M4LSxT0HOHa0q4LJ8yEWD9CYMdV7U9vsBaRsNjUwbkCDuX1pMTiyxvBZ1P7uo.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
content-length: 7248
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:39:27 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:39:28 GMT
cf-cache-status: HIT
age: 181056
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2csGjAmdnkHyASuyVtyjPbYvp6Bsp6lvOrzvonAebvC7rTeGT3TmDilO5o26L%2B5%2F5IAZtv1u3KN74VZFPf1Jnuv8YT0VAzDo1YgfmHGicXvdPaT2LLhxyUss9iiEJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448443a5056ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUId7qjcvbcjM52Kxu_s_46_s_GmuuR_s_NwOjIHmvmrTXwrfex3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqEyVX2KyVucFA3aVou5AvQ1FpcbNPMqfkcKZ0k4Fllcxh_p_G7sIIS8L_s_2_s_ESVb5FNcTC3HhQeggf_s_RVoNpOAo4vfSulIBGKwdwVhyVrQN5c9vgCdNzm8a3a041L.webp | 104.21.68.249 | 200 OK | 7.2 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUId7qjcvbcjM52Kxu_s_46_s_GmuuR_s_NwOjIHmvmrTXwrfex3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqEyVX2KyVucFA3aVou5AvQ1FpcbNPMqfkcKZ0k4Fllcxh_p_G7sIIS8L_s_2_s_ESVb5FNcTC3HhQeggf_s_RVoNpOAo4vfSulIBGKwdwVhyVrQN5c9vgCdNzm8a3a041L.webp IP104.21.68.249:443
Certificate Issuer: Let's Encrypt; Subject: iwebp.xyz; Fingerprint: E3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08; Validity: Wed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 4377bfb3ac023e79fec27b26b553b0d1 bd66fd8ee6271d55d92e34d2c9bcfb8396335bc8 2f68ab528239f2ec63cf239d86a92d4faa31048ce028671c15f2efa51f1ce188
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUId7qjcvbcjM52Kxu_s_46_s_GmuuR_s_NwOjIHmvmrTXwrfex3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqEyVX2KyVucFA3aVou5AvQ1FpcbNPMqfkcKZ0k4Fllcxh_p_G7sIIS8L_s_2_s_ESVb5FNcTC3HhQeggf_s_RVoNpOAo4vfSulIBGKwdwVhyVrQN5c9vgCdNzm8a3a041L.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
content-length: 7154
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 14:23:08 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 14:23:08 GMT
cf-cache-status: HIT
age: 181052
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEoUu1ObLRabSJROKXAEgVVmObZHscl%2FSinnG2IWIunUfclMHx%2BFxDVKYnWzDsAq8tU3sVgCorHBgTbFcsNjxygr3toN630h%2FhDoIP9uM0sNN2A75dd4BORXB2fbCgE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448446ad256ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.24.14 | 200 OK | 77 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP: 104.17.24.14:443
Certificate Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://afilmyhub.mom
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 518958
expires: Sun, 27 Apr 2025 21:25:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XccBh8rSCLWTcjx%2FvtNUnEsEUzXKdcYAj58gk0sbVFnmpsjqm2sRM%2FtcTZBqHK62HAUpZmU4KirQIbfEBkTjhh7eaYWTrOakzVY7aGV2Lh9yruROn7usB9r3cBTS6jc95IvLBwpt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880448447901b50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.cloudimage.xyz/pix/FWImW.gif | 188.114.96.1 | 200 OK | 53 B |
URL: GET HTTP/2 i.cloudimage.xyz/pix/FWImW.gif IP: 188.114.96.1:443
Certificate Issuer: Google Trust Services LLC; Subject: cloudimage.xyz; Fingerprint: 8A:8C:9B:F1:7F:2C:A3:0D:E8:05:55:77:F6:C2:29:C2:DA:51:54:3A; Validity: Mon, 18 Mar 2024 08:34:57 GMT - Sun, 16 Jun 2024 08:34:56 GMT
File type: GIF image data, version 89a, 6 x 9; Hash: c44d7276d2ad8be4b161913858543240 a722fe7503521836755e11b85a031e7fd03cf74e 8f552b7abfb2893f5347d14573e46a539b8945a636b2939b4caf1849459514e8
GET /pix/FWImW.gif HTTP/1.1
Host: i.cloudimage.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afilmyhub.mom/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/gif
content-length: 53
last-modified: Tue, 30 Mar 2021 01:12:43 GMT
etag: "60627b0b-35"
expires: Fri, 07 Jun 2024 21:25:23 GMT
cache-control: public, max-age=2678400
cf-cache-status: HIT
age: 623247
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e7LxFvBHnKzfcBbFxAShovQnmK7MrsTYh9LcG2Oxqh3jF0Uc%2FUHlh0wJ%2FD6%2B7yRHwNuR5q9yuKiWOTRRPM8nsVKwaZWqBFENmtdb7rZFl66TMNnyPwuBGUf7Na%2F8BFUgclp%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88044844ad80b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ad.a-ads.com/2322036?size=320x100 | 78.46.33.196 | 200 OK | 8.1 kB |
URL: GET HTTP/2 ad.a-ads.com/2322036?size=320x100 IP: 78.46.33.196:443 ASN: #24940 Hetzner Online GmbH
Certificate Issuer: Sectigo Limited; Subject: *.a-ads.com; Fingerprint: C4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: gzip compressed data, from Unix; Hash: 7e52800b213386f1205ad2816093c070 d2180ff5306adcc44fd065d799cc666dbdd32e55 a7d3333b5b6be816e93057d4a59b4720448fb325512aafbf20dadf8d48fd7946
GET /2322036?size=320x100 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:25:23 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://afilmyhub.mom/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUJJuugcaLYjJ9wfhe45v6Uyr6Q_p_ttVjty7vDuCCArQeB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqW1V3rNy0iWhhzNkVYoSjJ2RsXK46R4IE6A4Y0pDBWZxg_s_d4MDPilDmk7uAHqHNdBSVnfyBcI4avANj5tVBIYrGwX4Ag.webp | 104.21.68.249 | 200 OK | 79 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUJJuugcaLYjJ9wfhe45v6Uyr6Q_p_ttVjty7vDuCCArQeB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqW1V3rNy0iWhhzNkVYoSjJ2RsXK46R4IE6A4Y0pDBWZxg_s_d4MDPilDmk7uAHqHNdBSVnfyBcI4avANj5tVBIYrGwX4Ag.webp IP104.21.68.249:443
Certificate Issuer: Let's Encrypt; Subject: iwebp.xyz; Fingerprint: E3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08; Validity: Wed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 8d8b11764c968bd6b2f4811f5950dd2a aac9e5f9ee721d0fdb7baa1d0bd53c47d2eacb9b a53950caf0ec5c656e4bc8ea0bd4f2f2060cbd4fab30b6e8a5ab467be75a0cfd
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUJJuugcaLYjJ9wfhe45v6Uyr6Q_p_ttVjty7vDuCCArQeB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqW1V3rNy0iWhhzNkVYoSjJ2RsXK46R4IE6A4Y0pDBWZxg_s_d4MDPilDmk7uAHqHNdBSVnfyBcI4avANj5tVBIYrGwX4Ag.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:28:57 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:28:58 GMT
cf-cache-status: HIT
age: 181056
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewINmkQfprqXqEnTyMe3DqOKdSBZ3QuXPfmu5zNCGxW1Lv4SklMJwcDDAo2EPG8r%2BurhERBoz7XBG20QQAAoSGXTIaEoHU1%2F327GC%2BiTop5yBD1QWHdPl0oAfG0RD%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448448af756ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.a-ads.com/a-ads-banners/511236/320x100?region=eu-central-1 | 78.46.33.196 | 200 OK | 15 kB |
URL: GET HTTP/2 static.a-ads.com/a-ads-banners/511236/320x100?region=eu-central-1 IP: 78.46.33.196:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://ad.a-ads.com/2322036?size=320x100; Certificate Issuer: Sectigo Limited; Subject: *.a-ads.com; Fingerprint: C4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: PNG image data, 320 x 100, 8-bit/color RGBA, non-interlaced; Hash: c6c1e6b5c1a54e27528c04d726ee7188 b91fd65219d886719fd77db15128a5771878b4c3 99208c6cc981dd0abb3fd6ed95688cbde81b312100e40acd5915d1b9abadc767
GET /a-ads-banners/511236/320x100?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/png
content-length: 14921
x-amz-id-2: CZ/4T7UVTHWFBYgjz4S7uMhQ5HEhc/AKHKEuytfFINC1vj3OCoxi8SEJumDn80vchuDWVq0Tp4Q=
x-amz-request-id: GVSHHZ30SNPVEQ4K
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 May 2024 07:51:22 GMT
etag: "c6c1e6b5c1a54e27528c04d726ee7188"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 2k.8UmWR0p3dpIB65z4QuXs9R8rz4nt2
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| counter.jdi5.com/online.js | 172.67.165.78 | 200 OK | 351 kB |
URL: GET HTTP/2 counter.jdi5.com/online.js IP: 172.67.165.78:443
Certificate Issuer: Google Trust Services LLC; Subject: jdi5.com; Fingerprint: 0A:37:16:13:78:6E:DA:39:59:5C:BF:40:B2:52:20:5D:E0:13:DB:60; Validity: Wed, 13 Mar 2024 22:43:31 GMT - Tue, 11 Jun 2024 22:43:30 GMT
File type: JavaScript source, ASCII text, with very long lines (772); Size: 351 kB (351129 bytes); Hash: 4f523ee76ef763cfac52a5cea048f88f a27896ed6e4d7c17138fb045eb9ee7bfd8f2e010 024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a
GET /online.js HTTP/1.1
Host: counter.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:22 GMT
content-type: application/javascript
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=4470
etag: W/"63404fee-1176"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 07 Oct 2022 16:12:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 609196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EbUIf3Q3kIrBkDCTlZEvZoNkHplwZS8saLX3hcarSZGRaSgE1ZJrJ%2F9sspURz85uGQK025Jxi4vHiKO1RvnNT5QpQQB%2FntX2810IraHlbZPTs12oVHIiubXhYMkxMW%2FJr6T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88044840fd28b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 IP: 216.58.207.227:443
Requested by: https://ad.a-ads.com/2322036?size=320x100; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0; Hash: 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 124266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 IP: 216.58.207.227:443
Requested by: https://ad.a-ads.com/2322036?size=320x100; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0; Hash: 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 124266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=0080555756f94478f3be5a4b414bab47 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=0080555756f94478f3be5a4b414bab47 | IP: 139.45.195.8:443
Certificate: Issuer Let's Encrypt; Subject rtmark.net; Fingerprint DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: MD5 842c8e1ebbafeb1559f514aa04944607, SHA-1 3d407577af54117295071e31cade6973946cf768, SHA-256 e8e36fc75daa8d4559326f39f0fc1902ea42233616ead8513ebc28c0e0ce675a
GET /gid.js?userId=0080555756f94478f3be5a4b414bab47 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afilmyhub.mom
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:25:23 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://afilmyhub.mom
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080555756f94478f3be5a4b414bab47; expires=Wed, 07 May 2025 21:25:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| i.cloudimage.xyz/pix/2020/07/23/cropped-Film-icon-1-32x329fbdc.png | 188.114.96.1 | 200 OK | 1.8 kB |
URL: GET HTTP/3 i.cloudimage.xyz/pix/2020/07/23/cropped-Film-icon-1-32x329fbdc.png | IP: 188.114.96.1:443
Certificate: Issuer Google Trust Services LLC; Subject cloudimage.xyz; Fingerprint 8A:8C:9B:F1:7F:2C:A3:0D:E8:05:55:77:F6:C2:29:C2:DA:51:54:3A; Validity Mon, 18 Mar 2024 08:34:57 GMT - Sun, 16 Jun 2024 08:34:56 GMT
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | Hash: MD5 39230a8c60b91df7f58493242cdb7051, SHA-1 5632eea9f9bae59cdf2ec1529a39ec8afea843fc, SHA-256 88bc0f5af963c49ad81d0bcbcd1d454d4b7cc790e884dbad895e03952325bdda
GET /pix/2020/07/23/cropped-Film-icon-1-32x329fbdc.png HTTP/1.1
Host: i.cloudimage.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/png
content-length: 1793
last-modified: Tue, 30 Mar 2021 03:40:58 GMT
etag: "60629dca-701"
expires: Fri, 07 Jun 2024 21:25:23 GMT
cache-control: public, max-age=2678400
cf-cache-status: HIT
age: 576222
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R4tYRodkcTD6eL4SjhQfXBSUiey%2BcKFmn12js03BankEV%2Be9nHyqJjj1OB5kxRSUPbwQDAc04vq3BwfbCa7v04E5OKKPAfzAtb3xPNVCvDPGX0Q6JbiUmue4VPMYY7IMu8DJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88044848edb0b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.extraimage.info/pix/2020/07/23/cropped-Film-icon-1-192x192bda09.png | 104.21.235.31 | 301 Moved Permanently | 167 B |
URL: GET HTTP/3 i.extraimage.info/pix/2020/07/23/cropped-Film-icon-1-192x192bda09.png | IP: 104.21.235.31:443
Certificate: Issuer Google Trust Services LLC; Subject extraimage.info; Fingerprint 85:89:CD:3F:64:6E:F5:26:76:3E:28:A1:58:E8:A3:52:3F:72:13:4B; Validity Sat, 13 Apr 2024 21:02:17 GMT - Fri, 12 Jul 2024 21:02:16 GMT
File type: HTML document, ASCII text, with CRLF line terminators | Hash: MD5 0104c301c5e02bd6148b8703d19b3a73, SHA-1 7436e0b4b1f8c222c38069890b75fa2baf9ca620, SHA-256 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /pix/2020/07/23/cropped-Film-icon-1-192x192bda09.png HTTP/1.1
Host: i.extraimage.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Tue, 07 May 2024 21:25:23 GMT
content-type: text/html
content-length: 167
location: https://i.cloudimage.xyz/pix/2020/07/23/cropped-Film-icon-1-192x192bda09.png
cache-control: max-age=3600
expires: Tue, 07 May 2024 22:25:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQPvDuTLtbUiNBfXYwQkeIrbATpgthif0qC2mymxYEJ3KhPxauHmd0SFKfvs2rT12GYy5LqCynkJqRl0kiaGjifUpBTraViwkTThMJ%2FphvlDvbt6M0DCDt8Y9oy9cHCigbp%2FNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88044848ebac71da-LHR
alt-svc: h3=":443"; ma=86400
|
|
| i.cloudimage.xyz/pix/2020/07/23/cropped-Film-icon-1-192x192bda09.png | 188.114.96.1 | 200 OK | 14 kB |
URL: GET HTTP/3 i.cloudimage.xyz/pix/2020/07/23/cropped-Film-icon-1-192x192bda09.png | IP: 188.114.96.1:443
Certificate: Issuer Google Trust Services LLC; Subject cloudimage.xyz; Fingerprint 8A:8C:9B:F1:7F:2C:A3:0D:E8:05:55:77:F6:C2:29:C2:DA:51:54:3A; Validity Mon, 18 Mar 2024 08:34:57 GMT - Sun, 16 Jun 2024 08:34:56 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | Hash: MD5 122a431dd05b3c286c58f56b34c9a9a9, SHA-1 82aa056203bba07a7025104949bf24eb061ad3ba, SHA-256 b048b8b16f615739bfdcbadde0c8d212ec92e286492f3e151d2db5ebb5aaec50
GET /pix/2020/07/23/cropped-Film-icon-1-192x192bda09.png HTTP/1.1
Host: i.cloudimage.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afilmyhub.mom/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:24 GMT
content-type: image/png
content-length: 14248
last-modified: Tue, 30 Mar 2021 03:40:58 GMT
etag: "60629dca-37a8"
expires: Fri, 07 Jun 2024 21:25:24 GMT
cache-control: public, max-age=2678400
cf-cache-status: HIT
age: 181039
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLlgZGREBwAIQLmNkwm5Ja%2FwF8O0AxriBpriydsKkyynV8OQOL3oAD%2BchHp%2BF5r6lQ7t2aQYzfAMWE1DW%2BUfrpKTzPvSKtKJS0b%2FoWY1UK6EUEprgKRIOdcwQD8XiWddwCMj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448493e06b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| afilmyhub-xyz.disqus.com/count.js | 199.232.192.134 | 200 OK | 871 B |
URL: GET HTTP/1.1 afilmyhub-xyz.disqus.com/count.js | IP: 199.232.192.134:443
Certificate: Issuer Sectigo Limited; Subject *.disqus.com; Fingerprint D5:19:5B:31:AD:E0:FA:FE:28:DF:43:18:5C:BB:1B:17:FC:38:F6:DC; Validity Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (528) | Hash: MD5 64932a1e2564351aa7642475acdf3fbf, SHA-1 c3dd2b7d1d4604e3559c2732fd90d71059dd77d8, SHA-256 3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
GET /count.js HTTP/1.1
Host: afilmyhub-xyz.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 871
Content-Type: application/javascript; charset=utf-8
Server: nginx
Last-Modified: Mon, 06 May 2024 13:30:00 GMT
ETag: "6638db58-367"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: DFW56-P1
X-Amz-Cf-Id: cwcCz0RAwh28LRETt0_IqysxoL607UERPDSi_ebSm1iqgpsedbsacQ==
Cache-Control: public, max-age=300
Date: Tue, 07 May 2024 21:25:24 GMT
Age: 160
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
|
|
| greenfox.ink/d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cafilmyhub.online&loc=https%3A%2F%2Fafilmyhub.mom%2F | 5.45.74.150 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 greenfox.ink/d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cafilmyhub.online&loc=https%3A%2F%2Fafilmyhub.mom%2F | IP: 5.45.74.150:443
Certificate: Issuer Let's Encrypt; Subject greenfox.ink; Fingerprint 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70; Validity Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
Hash: MD5 246b90cdbc89aa46170ea4158b57bc77, SHA-1 6d7dd14fdac0f669c0d068e1915af024e037a7bb, SHA-256 05866328cece26542dbc0955cc7286f6cd25c50d181c62d40e1dd1e6a654e6ed
GET /d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cafilmyhub.online&loc=https%3A%2F%2Fafilmyhub.mom%2F HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afilmyhub.mom
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 21:25:24 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=93862e07ee27c23ca95bb64883cdf425; expires=Wed, 07-May-2025 21:25:24 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Access-Control-Allow-Origin: https://afilmyhub.mom
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fafilmyhub.mom%2F&cb=c580b7ae8c | 5.45.74.150 | 200 OK | 43 B |
URL: GET HTTP/1.1 greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fafilmyhub.mom%2F&cb=c580b7ae8c | IP: 5.45.74.150:443
Certificate: Issuer Let's Encrypt; Subject greenfox.ink; Fingerprint 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70; Validity Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: MD5 b4491705564909da7f9eaf749dbbfbb1, SHA-1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8, SHA-256 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fafilmyhub.mom%2F&cb=c580b7ae8c HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=93862e07ee27c23ca95bb64883cdf425
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 21:25:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=93862e07ee27c23ca95bb64883cdf425; expires=Wed, 07-May-2025 21:25:24 GMT; Max-Age=31536000; path=/; secure; SameSite=none
|
|
| greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fafilmyhub.mom%2F&cb=c48ca7ab4a | 5.45.74.150 | 200 OK | 43 B |
URL: GET HTTP/1.1 greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fafilmyhub.mom%2F&cb=c48ca7ab4a | IP: 5.45.74.150:443
Certificate: Issuer Let's Encrypt; Subject greenfox.ink; Fingerprint 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70; Validity Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: MD5 b4491705564909da7f9eaf749dbbfbb1, SHA-1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8, SHA-256 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fafilmyhub.mom%2F&cb=c48ca7ab4a HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=93862e07ee27c23ca95bb64883cdf425
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 21:25:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=93862e07ee27c23ca95bb64883cdf425; expires=Wed, 07-May-2025 21:25:24 GMT; Max-Age=31536000; path=/; secure; SameSite=none
|
|
| counter.jdi5.com/fc.php?id=0d763b2dd75029a84fe84a1f6c957285&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref=&pn=https%3A%2F%2Fafilmyhub.mom%2F&wh=1280x1024&rand=92 | 104.21.11.61 | 200 OK | 114 B |
URL: GET HTTP/3 counter.jdi5.com/fc.php?id=0d763b2dd75029a84fe84a1f6c957285&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref=&pn=https%3A%2F%2Fafilmyhub.mom%2F&wh=1280x1024&rand=92 | IP: 104.21.11.61:443
Certificate: Issuer Google Trust Services LLC; Subject jdi5.com; Fingerprint 0A:37:16:13:78:6E:DA:39:59:5C:BF:40:B2:52:20:5D:E0:13:DB:60; Validity Wed, 13 Mar 2024 22:43:31 GMT - Tue, 11 Jun 2024 22:43:30 GMT
File type: gzip compressed data, from Unix | Hash: MD5 ba0cbcc14a39b68ca45a1d3cd3cfae29, SHA-1 4775bfaf40da32db939d3bb96cf975dbb2eacd6e, SHA-256 5dc3a1a8288b98e8d969c5ef376a7d23b37757a8ac079ec781c39fd8a99fcf9a
GET /fc.php?id=0d763b2dd75029a84fe84a1f6c957285&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref=&pn=https%3A%2F%2Fafilmyhub.mom%2F&wh=1280x1024&rand=92 HTTP/1.1
Host: counter.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: application/x-javascript
set-cookie: fcid1020570=1715117123; expires=Wed, 08-May-2024 21:25:23 GMT; Max-Age=86400; path=/
set-cookie: fcc1020570=1; expires=Wed, 08-May-2024 21:25:23 GMT; Max-Age=86400; path=/
cache-control: max-age=2592000
expires: Thu, 06 Jun 2024 21:25:23 GMT
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enVEZ6B4kBRTvkm8%2FZRiK%2B36Rmf8o8uF%2FJ8hcVTjzansBrjVOQh2kTQBXxMLWXpnFzYHtEfT1s3SuCLZiImN8LrLZaF6ym%2B0U1N8NgTVaSyx1AjmeNl5T9riobsnTt40NcbB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804484388ca569a-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
|
|
| greenfox.ink/d/asyncjs.php | 5.45.74.150 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 greenfox.ink/d/asyncjs.php | IP: 5.45.74.150:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate: Issuer Let's Encrypt; Subject greenfox.ink; Fingerprint 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70; Validity Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File type: JavaScript source, ASCII text, with very long lines (4401), with no line terminators | Hash: MD5 7dd2e8fda9c2505366169943cbf2d2d2, SHA-1 3b64b2fc61220dfc88ed53644eb786e313183c61, SHA-256 aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89
GET /d/asyncjs.php HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=93862e07ee27c23ca95bb64883cdf425
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 21:25:24 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
ETag: 1d63e790351363d29b61f9cf59b98fad
Expire: Tue, 07 May 2024 22:25:24 GMT
Cache-Control: private, max-age=3600
P3P: CP="CUR ADM OUR NOR STA NID"
|
|
| www.googletagmanager.com/gtag/js?id=UA-46789381-59 | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-46789381-59 | IP: 142.250.74.168:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179) | Hash: MD5 b8e2521cd8c2d413cf71b0eaca4c30e3, SHA-1 89b21209e0d7990d6c6cb0d70e7dec3c6504bebf, SHA-256 4526006b6eac07dbc7216904a2f312240511717dfb4e1667b06b0f63d9119962
GET /gtag/js?id=UA-46789381-59 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:25:24 GMT
expires: Tue, 07 May 2024 21:25:24 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg | 50.7.24.35 | 200 OK | 47 kB |
URL: GET HTTP/2 amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg | IP: 50.7.24.35:443
Certificate: Issuer Let's Encrypt; Subject *.custacin-crowlexing-i-283.site; Fingerprint 15:5C:FC:4D:37:46:2F:F0:59:3C:41:3A:E8:5D:BD:7E:EE:75:81:01; Validity Tue, 20 Feb 2024 08:44:50 GMT - Mon, 20 May 2024 08:44:49 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2024:03:21 01:33:00], baseline, precision 8, 500x200, components 3 | Hash: MD5 312149af823f3abf1ad97f0f62772348, SHA-1 0a972ac818b8bb014ccd6586955496edf367424e, SHA-256 49223161e0b9a2832de2e5841ff7219ecbd3f1947c2da8f3377967e880c01b08
GET /content/stream/Batery/500x200_ipl_2024_22_march.jpg HTTP/1.1
Host: amd-cdn-1.custacin-crowlexing-i-283.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afilmyhub.mom/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:25:24 GMT
content-type: image/jpeg
content-length: 47139
last-modified: Sun, 24 Mar 2024 14:06:40 GMT
etag: "66003370-b823"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-4SD8J57M3L&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 90 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-4SD8J57M3L&l=dataLayer&cx=c | IP: 142.250.74.168:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955) | Hash: MD5 042acc59cf764e72c343a8473c2c0efc, SHA-1 c3186547f7843f2665b258efe1e1fab4e9b138ec, SHA-256 93fd4c84aca3be0126d580715b8c3114825b8870772d8e8ab0fa8676eb680ea7
GET /gtag/js?id=G-4SD8J57M3L&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:25:24 GMT
expires: Tue, 07 May 2024 21:25:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUGcOj3f6be2Mx3LxW6tKvBzLqU8dwPjNm97DjXWFnYLh3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqN1EjvIiIwGWIoYBIfoSjJ0Q4JKYCM4IFAWtph4Fllcxh_p_G7sIIS8L_s_2_s_ESVb5BdwYEn_s_nBIMTZvQUwPhXHYJnGCrwESeRx5RZywFuWeFE56AlCcTrsayV35RA01hJJZn7zTa7Xw1ydjI.webp | 104.21.68.249 | 200 OK | 13 kB |
URL: GET HTTP/2 i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUGcOj3f6be2Mx3LxW6tKvBzLqU8dwPjNm97DjXWFnYLh3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqN1EjvIiIwGWIoYBIfoSjJ0Q4JKYCM4IFAWtph4Fllcxh_p_G7sIIS8L_s_2_s_ESVb5BdwYEn_s_nBIMTZvQUwPhXHYJnGCrwESeRx5RZywFuWeFE56AlCcTrsayV35RA01hJJZn7zTa7Xw1ydjI.webp | IP: 104.21.68.249:443
Certificate: Issuer Let's Encrypt; Subject iwebp.xyz; Fingerprint E3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08; Validity Wed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: MD5 3c63ff2f922193c0b60c5164d6539414, SHA-1 f22d79cd8d31aa1eb09fb9661dea3336f1c5ff20, SHA-256 f7570f43e5f52a9a306b73ace0f343707331a4b3d395b66a1f58db1f4bf0c0e4
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUGcOj3f6be2Mx3LxW6tKvBzLqU8dwPjNm97DjXWFnYLh3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqN1EjvIiIwGWIoYBIfoSjJ0Q4JKYCM4IFAWtph4Fllcxh_p_G7sIIS8L_s_2_s_ESVb5BdwYEn_s_nBIMTZvQUwPhXHYJnGCrwESeRx5RZywFuWeFE56AlCcTrsayV35RA01hJJZn7zTa7Xw1ydjI.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:31:36 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:31:36 GMT
cf-cache-status: HIT
age: 181051
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJ1O93RqjvpWgCGC%2B%2FLpX5GCsO8Xc6y%2FgGZrUqZbjCV4pFMRLjEnxLmyCv6Z7iMGwaq2O5qsJMQQhyvqS3aIDFLqrHiLj9bQZuzH8%2BsaAtLEOCcraETupiuZte98dF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448444a6756ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| greenfox.ink/d/asyncspc.php?zones=6%7C7%7C10&prefix=revive-0-&cphost=43519b58b68d940f8734726dfed6c5c9%7C1%7Caino.sbs&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F | 5.45.74.150 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 greenfox.ink/d/asyncspc.php?zones=6%7C7%7C10&prefix=revive-0-&cphost=43519b58b68d940f8734726dfed6c5c9%7C1%7Caino.sbs&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F | IP: 5.45.74.150:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate: Issuer Let's Encrypt; Subject greenfox.ink; Fingerprint 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70; Validity Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
Hash: MD5 3cda0065abda75967f91920f0f9e15df, SHA-1 b56d3d466fbd2eac0d1b15a96816f60e23c3671c, SHA-256 1042aef52f34e0d46149d88f0039822a7c8d78a575ead96d828197b98c448967
GET /d/asyncspc.php?zones=6%7C7%7C10&prefix=revive-0-&cphost=43519b58b68d940f8734726dfed6c5c9%7C1%7Caino.sbs&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.btc747.xyz
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=93862e07ee27c23ca95bb64883cdf425
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 21:25:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=93862e07ee27c23ca95bb64883cdf425; expires=Wed, 07-May-2025 21:25:25 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Access-Control-Allow-Origin: https://www1.btc747.xyz
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| tdmrfw.com/wnrw?aid=15889785148768601265&a=1 | 185.162.85.19 | 200 OK | 0 B |
URL: GET HTTP/2 tdmrfw.com/wnrw?aid=15889785148768601265&a=1 | IP: 185.162.85.19:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate: Issuer Let's Encrypt; Subject tdmrfw.com; Fingerprint 47:11:59:74:0A:C9:88:1D:B0:E6:50:77:B3:70:F8:AC:DD:70:24:A4; Validity Sat, 16 Mar 2024 19:21:21 GMT - Fri, 14 Jun 2024 19:21:20 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, matching the content-length: 0 response below, so they identify no payload)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wnrw?aid=15889785148768601265&a=1 HTTP/1.1
Host: tdmrfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.btc747.xyz/
Origin: https://www1.btc747.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 07 May 2024 21:25:25 GMT
content-length: 0
access-control-allow-origin: https://www1.btc747.xyz
X-Firefox-Spdy: h2
|
|
| greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=c034a3f019 | 5.45.74.150 | 200 OK | 43 B |
URL: GET HTTP/1.1 greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=c034a3f019 | IP: 5.45.74.150:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate: Issuer Let's Encrypt; Subject greenfox.ink; Fingerprint 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70; Validity Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: MD5 b4491705564909da7f9eaf749dbbfbb1, SHA-1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8, SHA-256 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=c034a3f019 HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=93862e07ee27c23ca95bb64883cdf425
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 21:25:25 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=93862e07ee27c23ca95bb64883cdf425; expires=Wed, 07-May-2025 21:25:25 GMT; Max-Age=31536000; path=/; secure; SameSite=none
|
|
| greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=dc826e96d3 | 5.45.74.150 | 200 OK | 43 B |
URL GET HTTP/1.1greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=dc826e96d3 IP5.45.74.150:443
Requested byhttps://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html CertificateIssuerLet's Encrypt Subjectgreenfox.ink Fingerprint82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70 ValidityMon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=dc826e96d3 HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=93862e07ee27c23ca95bb64883cdf425
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 21:25:25 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=93862e07ee27c23ca95bb64883cdf425; expires=Wed, 07-May-2025 21:25:25 GMT; Max-Age=31536000; path=/; secure; SameSite=none
|
|
| px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&event_type=1&rand=c034a3f019 | 172.67.190.65 | 200 OK | 42 B |
URL GET HTTP/3px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&event_type=1&rand=c034a3f019 IP172.67.190.65:443
Requested byhttps://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html CertificateIssuerLet's Encrypt Subjectgreenfox.ink Fingerprint1D:F2:D9:89:40:57:47:72:7F:1E:43:37:04:C4:B0:47:A8:C7:BF:34 ValiditySun, 21 Apr 2024 15:02:16 GMT - Sat, 20 Jul 2024 15:02:15 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&event_type=1&rand=c034a3f019 HTTP/1.1
Host: px.greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Cookie: unq-user-id=aaaaaaaaaa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:25 GMT
content-type: image/gif
content-length: 42
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfBHclUoZQk126NXmdVI81JjXvjvKGPhFaunNPrKxcGLftuAz4AzQV3nMO%2BUqVJo5%2B5DLJKFo%2ByNwHZVGdz2%2F%2FRLaCzsk6onRLE%2FwzzhwlsQ02Uy8XEaNCl6Ffgibea7pY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88044850bb44b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=10&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=c3dc00cf8a | 5.45.74.150 | 200 OK | 43 B |
URL GET HTTP/1.1greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=10&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=c3dc00cf8a IP5.45.74.150:443
Requested byhttps://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html CertificateIssuerLet's Encrypt Subjectgreenfox.ink Fingerprint82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70 ValidityMon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /d/lg.php?bannerid=0&campaignid=0&zoneid=10&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F04%2Fancelotti-lauds-real-madrid-goalscorer.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=c3dc00cf8a HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=93862e07ee27c23ca95bb64883cdf425
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 21:25:25 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=93862e07ee27c23ca95bb64883cdf425; expires=Wed, 07-May-2025 21:25:25 GMT; Max-Age=31536000; path=/; secure; SameSite=none
|
|
| www.googletagmanager.com/gtag/js?id=UA-46789381-49 | 142.250.74.168 | 200 OK | 75 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=UA-46789381-49 IP142.250.74.168:443
Requested byhttps://1337x1.wb4.xyz/2019/04/chicken-makhni-karahi.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash1c7f280f5fa7051f294179883ec7a0e2 601730d6ed9f4a63ed69cee12c10031bfbb08946 d8f6b3a09da68ee0d1b5a2c016210f317e3502be69fd34c426fcc8b6e7459458
GET /gtag/js?id=UA-46789381-49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:25:25 GMT
expires: Tue, 07 May 2024 21:25:25 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 1337x1.wb4.xyz/submit.php | 104.21.26.18 | 200 OK | 48 kB |
URL GET HTTP/21337x1.wb4.xyz/submit.php IP104.21.26.18:443
Requested byhttps://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html CertificateIssuerGoogle Trust Services LLC Subjectwb4.xyz Fingerprint4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2 ValidityMon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
File typeHTML document, ASCII text Hash7def7808ecb19dfe4a69747f7efd4d83 7157a9989515621d241ad3b194f8d5c8cc0fd7e0 99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56
GET /submit.php HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6tLiOUAbrF5bfDE1RtwVs2pF3dUQLEGDs1A9tGgbMKxj9MCYH5E9grQ0FlvF%2FqkN1s2N%2BPpBcYC5fHk2f%2FJ2462lukk7ysmWk4G3ewV32vbYOMBctBNk0VmSokdRe8e5hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804484d7def56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsImQiOiJ3d3cxLmJ0Yzc0Ny54eXoiLCJsaSI6Mn0=&tz=0&if=1&u=aHR0cHM6Ly93d3cxLmJ0Yzc0Ny54eXovMjAyNC8wNC9hbmNlbG90dGktbGF1ZHMtcmVhbC1tYWRyaWQtZ29hbHNjb3Jlci5odG1s&inc=1 | 185.162.85.19 | 200 OK | 105 kB |
URL GET HTTP/2tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsImQiOiJ3d3cxLmJ0Yzc0Ny54eXoiLCJsaSI6Mn0=&tz=0&if=1&u=aHR0cHM6Ly93d3cxLmJ0Yzc0Ny54eXovMjAyNC8wNC9hbmNlbG90dGktbGF1ZHMtcmVhbC1tYWRyaWQtZ29hbHNjb3Jlci5odG1s&inc=1 IP185.162.85.19:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate: Issuer Let's Encrypt; Subject tdmrfw.com; Fingerprint 47:11:59:74:0A:C9:88:1D:B0:E6:50:77:B3:70:F8:AC:DD:70:24:A4; Validity Sat, 16 Mar 2024 19:21:21 GMT - Fri, 14 Jun 2024 19:21:20 GMT
File type: gzip compressed data, from Unix | Size: 105 kB (105156 bytes) | Hash: MD5 cb3b01e025c3cabf74e2a1bbfaa45073, SHA-1 082f4237fe664b9d5b6002b1dfa2412e3001bd8f, SHA-256 c37f7152ceb7101bab94b98706f284fced5ef2c914641e39edd7c59e5f4df234
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsImQiOiJ3d3cxLmJ0Yzc0Ny54eXoiLCJsaSI6Mn0=&tz=0&if=1&u=aHR0cHM6Ly93d3cxLmJ0Yzc0Ny54eXovMjAyNC8wNC9hbmNlbG90dGktbGF1ZHMtcmVhbC1tYWRyaWQtZ29hbHNjb3Jlci5odG1s&inc=1 HTTP/1.1
Host: tdmrfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.btc747.xyz/
Origin: https://www1.btc747.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 07 May 2024 21:25:24 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=680873&t=2056&sid=1337x1.wb4.xyz&r=0.4521665286934414 | 109.206.168.17 | 200 OK | 606 B |
URL GET HTTP/1.1jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=680873&t=2056&sid=1337x1.wb4.xyz&r=0.4521665286934414 IP109.206.168.17:443
Requested byhttps://1337x1.wb4.xyz/2019/04/chicken-makhni-karahi.html CertificateIssuerLet's Encrypt Subjectjswww.net Fingerprint42:54:41:F6:2F:23:F0:E2:D5:43:1D:8F:24:61:C0:F7:46:C9:40:00 ValiditySat, 06 Apr 2024 21:36:13 GMT - Fri, 05 Jul 2024 21:36:12 GMT
File typeASCII text, with very long lines (606), with no line terminators Hash9774712576c2414ce700f53bcd903dc3 ed76a110fe627eac8fec5f76f7dac690bad4a33d cef9ab3b9fda4574df3dd35dfff78866cffff1ad9dfa798990eeb1723e02a0fa
GET /w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=680873&t=2056&sid=1337x1.wb4.xyz&r=0.4521665286934414 HTTP/1.1
Host: jswww.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: binder-v5.11.8.1
date: Tue, 07 May 2024 21:25:25 GMT
content-type: text/javascript
content-length: 606
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: *
access-control-expose-headers: *
x-response-code: 20204
|
|
| www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 254 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://1337x1.wb4.xyz/2019/04/chicken-makhni-karahi.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size254 kB (254191 bytes) Hash4e8707662519e585b5a64841874a91a6 2f075b1e89111598eadad86ba45a87730931cfe2 ee09bc79e23f7e23d46ff365297278b0be8bfcd70bd868064ec8629a950d25e8
GET /gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:25:25 GMT
expires: Tue, 07 May 2024 21:25:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| imgcdn1.jdi5.com/img/EF0808.png | 104.21.11.61 | 200 OK | 133 B |
URL GET HTTP/3imgcdn1.jdi5.com/img/EF0808.png IP104.21.11.61:443
CertificateIssuerGoogle Trust Services LLC Subjectjdi5.com Fingerprint0A:37:16:13:78:6E:DA:39:59:5C:BF:40:B2:52:20:5D:E0:13:DB:60 ValidityWed, 13 Mar 2024 22:43:31 GMT - Tue, 11 Jun 2024 22:43:30 GMT
File typePNG image data, 82 x 25, 8-bit/color RGB, non-interlaced Hash82f8570390291b9ec337d00a4a0ed711 2b26d35f57fcaa1bd95755179a7d1c40acbce903 94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1
GET /img/EF0808.png HTTP/1.1
Host: imgcdn1.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/png
content-length: 133
x-powered-by: PHP/5.6.40
cache-control: max-age=31536000
expires: Wed, 30 Apr 2025 20:12:38 GMT
cf-cache-status: HIT
age: 609165
last-modified: Tue, 30 Apr 2024 20:12:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZC0P%2BiLsKr7PzFe810mWNxeaLl%2F6c4j8tO8TTzVpDb4lvZd9oEYSNdqMQmXNf7j2O%2Bu548q0jKnHVy31XWhaOl5ctwBJnH27FrBQRnu9PF0eJG3YueVEsiXOlihk5DrR2wQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448467c1d569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUAcb3_s_cPPb2MhzJEO_p_4ajBmr_p_S_p_tVa2dq67zjeCwzRfB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqGz13pKGFxBAd1KzUD4AbfwhgBOMy27cIWA8UWuHF8Pzk8LKcJZQhimkP5WF35aNMZF3r5FcYgcbYVgtgRRYFyUg.webp | 104.21.68.249 | 200 OK | 12 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUAcb3_s_cPPb2MhzJEO_p_4ajBmr_p_S_p_tVa2dq67zjeCwzRfB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqGz13pKGFxBAd1KzUD4AbfwhgBOMy27cIWA8UWuHF8Pzk8LKcJZQhimkP5WF35aNMZF3r5FcYgcbYVgtgRRYFyUg.webp IP104.21.68.249:443
CertificateIssuerLet's Encrypt Subjectiwebp.xyz FingerprintE3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08 ValidityWed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp Hash608fa5b8025e70dafe4909c20cf14870 1d404586e217c7b5182ae4c816a439fa718b8e1d aa6c16ffe3b53e5a0345697d79cb1a28cdab885da2909928b6ac72f355d48655
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUAcb3_s_cPPb2MhzJEO_p_4ajBmr_p_S_p_tVa2dq67zjeCwzRfB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqGz13pKGFxBAd1KzUD4AbfwhgBOMy27cIWA8UWuHF8Pzk8LKcJZQhimkP5WF35aNMZF3r5FcYgcbYVgtgRRYFyUg.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:28:57 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:28:58 GMT
cf-cache-status: HIT
age: 181056
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlOYjkHV4Ych7yr9a3U7AXPfkwEnU91%2BbPH%2F9XRW%2ByszsfEBQRPbSmIM0rMAf1eZyO7D9Gt5yMLAI3sNwirh8%2FIfHJoPcoWhuM0PJWuXrYeb1cJT7XlBP%2FYfhACJgfk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448448afd56ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | 188.114.97.1 | 200 OK | 4.3 kB |
URL: POST HTTP/3 www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | IP: 188.114.97.1:443
Certificate: Issuer Let's Encrypt; Subject btc747.xyz; Fingerprint FD:B3:38:1F:1C:E9:EB:8E:2D:97:07:0F:E0:C8:59:E1:D4:BE:85:D6; Validity Tue, 26 Mar 2024 01:58:23 GMT - Mon, 24 Jun 2024 01:58:22 GMT
File type: HTML document, ASCII text, with very long lines (4569), with no line terminators | Hash: MD5 ad8c8f77368b286e6c88816ae0f81d6b, SHA-1 24db15c4d31e7d3d21ac2b538ace839123afa0a2, SHA-256 9ec36584c277b463ec8bd032857f908f9e0a15440d0a0a9e1f0fe18004fe3db9
Analyzer: urlquery | Verdict: suspicious | Alert: Suspicious - Anti-debugging code
POST /2024/04/ancelotti-lauds-real-madrid-goalscorer.html HTTP/1.1
Host: www1.btc747.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 30
Origin: https://www1.btc747.xyz
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VC3mM54XOGYBzyJd8CL1RJ4J1SKSfQBvDgA%2FgDIFKYOdaKqhHORN2dYaMZE%2BH%2FQrI2VBzo8Io%2Btz%2B7enPK14oYXzKQhC1lF8JcOosLLVYAWbR6%2BtHd%2Fnzk99NYrHguIrbQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804484c5c5856c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 28 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css IP104.18.10.207:443
CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (27303) Hash4fbd15cb6047af93373f4f895639c8bf 12d6861075de8e293265ff6ff03b1f3adcb44c76 ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:22 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:58:32
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9bd489b3b47817325036093612d128df
cdn-cache: HIT
cf-cache-status: HIT
age: 609212
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8804484098f95690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js | 172.67.194.212 | 200 OK | 68 kB |
URL: GET HTTP/2 nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js | IP: 172.67.194.212:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate: Issuer Google Trust Services LLC; Subject nwwais.com; Fingerprint A4:2B:4E:37:B5:82:ED:92:74:C3:53:4E:4B:D5:2A:6F:73:6E:D8:B8; Validity Wed, 20 Mar 2024 11:40:35 GMT - Tue, 18 Jun 2024 11:40:34 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, and no file type is listed, so the 68 kB response body was evidently not hashed; they identify no content and should not be used as indicators for this script)
GET /pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: nwwais.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www1.btc747.xyz
e-tag: d52f59a7db87abd19a873a74591150b6
cache-control: max-age=14400
cf-cache-status: HIT
age: 3738
last-modified: Tue, 07 May 2024 20:23:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNUbQ6aDsOZCRdp%2F0WpMiQLBUFV4uPqPXFtkuBQeI%2FnfUHDhPxfXm9cnivAI7cmBYZwY6QogW80hip3pVdLkh4IVAUQx6%2B6BRi%2F49yK0sUaodyEmW8DDtBPXETdy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804484d2cb80b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| udzpel.com/template/livechat1.html | 104.21.43.91 | 200 OK | 6.0 kB |
URL GET HTTP/2udzpel.com/template/livechat1.html IP104.21.43.91:443
Requested byhttps://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html CertificateIssuerGoogle Trust Services LLC Subjectudzpel.com Fingerprint69:01:92:02:08:1A:70:E2:88:A5:EA:85:BD:FA:BA:A6:FB:3B:02:40 ValidityTue, 23 Apr 2024 12:02:06 GMT - Mon, 22 Jul 2024 12:02:05 GMT
File typeHTML document, ASCII text, with very long lines (6115), with no line terminators Hash5aa6524904359ebe9bcea3b4053a8f54 1b95a0a1dfd0d8bce945ad2a88da4f5d8e5d0c68 b792e7b6c4b4438c9c9b2f9dfad293dde528da2fc617e3bd527221c74a8596b2
GET /template/livechat1.html HTTP/1.1
Host: udzpel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.btc747.xyz/
Origin: https://www1.btc747.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www1.btc747.xyz
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 07 May 2024 18:50:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPIEsa5HXJHtM%2BmANk1l8xLeNHVwxj%2FMXM3WFXxGFvplVe64RzNLcail8RSKiRpn2S%2BENBi4EAo4bByuQCtimqd2OM8FMlFJ%2BBuJ6Z5bixgKNiAXBzo6kyplbS7i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804484f68c3b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUJJ7mlcfaJgMUjKBTot_s_uTmOnF_p_N9VioC86GzSC1_s_ceB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqc0ljqImFxBAd1KzUD4AbfwhgBOMy27cIWA8UWuHF8Pzk8LKcJZQhimkP5WF35aNMZF3r5FcYgcbYVgtgRRYFyUg.webp | 104.21.68.249 | 200 OK | 8.8 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUJJ7mlcfaJgMUjKBTot_s_uTmOnF_p_N9VioC86GzSC1_s_ceB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqc0ljqImFxBAd1KzUD4AbfwhgBOMy27cIWA8UWuHF8Pzk8LKcJZQhimkP5WF35aNMZF3r5FcYgcbYVgtgRRYFyUg.webp IP104.21.68.249:443
CertificateIssuerLet's Encrypt Subjectiwebp.xyz FingerprintE3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08 ValidityWed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp Hashaf282982f998bdd733ae428ffc66bff4 80e9de1d0f3ad87bda333f94dba499fd220ece98 1f57d527ec0a40329df41fed8166038b2d129a6d95f21241dad5d1da988837e3
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUJJ7mlcfaJgMUjKBTot_s_uTmOnF_p_N9VioC86GzSC1_s_ceB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqc0ljqImFxBAd1KzUD4AbfwhgBOMy27cIWA8UWuHF8Pzk8LKcJZQhimkP5WF35aNMZF3r5FcYgcbYVgtgRRYFyUg.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:28:57 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:28:58 GMT
cf-cache-status: HIT
age: 181056
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03lQEWcerB9%2BUqZqFP6VEIh3nVSUYrfxDlnoaxUyz9hBkxHATzgyju72VRyQx3ZLGxhBgrVeQM1paZdGRpQAwiwnGJcrv8kXj27HHzJAgEh2QSXD7oQPV8RUHO3LUXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448447ad956ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUAfbP2dvKLj590L0O4s_s_mQyOyT8d0Ojo_p_7u23QAgqPIh3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqC1VPxNy42R0EkdARByhjJzxIAcaST9MUAD8Vi_s_S8kPzAmO6JBCTVC3mmHZVa6JNtSO3jzAMcme7U_p_mNlURqZtQwbtSAq7jrRukyEvBNJD9_p_ENI9n8_s_qqZ1pAFkEZINg.webp | 104.21.68.249 | 200 OK | 17 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUAfbP2dvKLj590L0O4s_s_mQyOyT8d0Ojo_p_7u23QAgqPIh3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqC1VPxNy42R0EkdARByhjJzxIAcaST9MUAD8Vi_s_S8kPzAmO6JBCTVC3mmHZVa6JNtSO3jzAMcme7U_p_mNlURqZtQwbtSAq7jrRukyEvBNJD9_p_ENI9n8_s_qqZ1pAFkEZINg.webp IP104.21.68.249:443
CertificateIssuerLet's Encrypt Subjectiwebp.xyz FingerprintE3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08 ValidityWed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp Hashf74a3d394b2e7843f78852d09483faa4 a6218b4e5ce4a8459caad679e2d5c2bd4b483d65 8f03609022815d93ed2dd51559b0ce6850085d0d496c6220996096626a4473ac
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUAfbP2dvKLj590L0O4s_s_mQyOyT8d0Ojo_p_7u23QAgqPIh3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqC1VPxNy42R0EkdARByhjJzxIAcaST9MUAD8Vi_s_S8kPzAmO6JBCTVC3mmHZVa6JNtSO3jzAMcme7U_p_mNlURqZtQwbtSAq7jrRukyEvBNJD9_p_ENI9n8_s_qqZ1pAFkEZINg.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Sat, 06 Jul 2024 06:35:59 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Tue, 07 May 2024 06:36:00 GMT
cf-cache-status: HIT
age: 43579
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BP2fxzW%2FG3MPus6XsRAIk4TMJD6FYifFfyi6ybf8ymOUq7ojQGbMHrC4sVOLCiwNm%2Fdy6mCI6DeE%2Byrmy6UFXO4lBUJTJrJ%2B3XfSZiTy22GS6GXPyxIHi6gq2abWJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448446ab956ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-46789381-60&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 195 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=UA-46789381-60&l=dataLayer&cx=c IP142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1822) Size195 kB (194818 bytes) Hash8d2c2483344135fa3c05feb954a71ed7 7f953bfaf74cc417e2eac26b75be72ab3d59be40 af2e05cab5200a87b440b81e0f7939b87b20f51fba123f98fdaf4af07cbb0235
GET /gtag/js?id=UA-46789381-60&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:25:23 GMT
expires: Tue, 07 May 2024 21:25:23 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70771
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www1.btc747.xyz/submit.php | 188.114.97.1 | 200 OK | 350 B |
URL: www1.btc747.xyz/submit.php; Method: GET; Protocol: HTTP/2; IP: 188.114.97.1:443
Certificate: Issuer: Let's Encrypt; Subject: btc747.xyz; Fingerprint: FD:B3:38:1F:1C:E9:EB:8E:2D:97:07:0F:E0:C8:59:E1:D4:BE:85:D6; Validity: Tue, 26 Mar 2024 01:58:23 GMT - Mon, 24 Jun 2024 01:58:22 GMT
File type: HTML document, ASCII text, with very long lines (391), with no line terminators
Hash: MD5 2afd75a737fda8190e6f9d577408a460; SHA-1 9d554791c200036dfa20b8409931573a28e121f3; SHA-256 b27bb831bca6cee9bf49ce66369c867b58f22c9c36b12f58752a397d48da2709
GET /submit.php HTTP/1.1
Host: www1.btc747.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afilmyhub.mom/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:24 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rrkavirvq%2BR1%2F01M5HowGXxl1Bf6q7sGcjjQZYfleNg%2B0eZqqBD9L%2BeJN1DBZhzY2LUWcg58Q7CnYeIvWGbLZ30w30DgOxbQdahDGvKc26RK5Xn5XKw%2BhLEGGzBnibDqTgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880448473d5e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/ | 104.21.26.18 | 200 OK | 1.4 kB |
IP: 104.21.26.18:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html
Certificate: Issuer: Google Trust Services LLC; Subject: wb4.xyz; Fingerprint: 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2; Validity: Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
File type: HTML document, ASCII text, with very long lines (1491), with no line terminators
Hash: MD5 5b390feecf66c5143ca01378c685f441; SHA-1 4e161fc5457faabf9c053f2a63f675d4ed321820; SHA-256 e72332ba569861ddf6fd0a399d5279ce0b0c88a827fe338d3606e4c1e43f9205
POST / HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 24
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=sam; expires=Thu, 06-Jun-2024 21:25:25 GMT; Max-Age=2592000; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IylpT0oW%2FGtKCd%2FzsKwCJPmuWtGwALMdQO7XCjuSQuFlvFKeoBfw9JLBPVoH2OLOzOeQiK%2F00LfTxHSm2IJSv3bGVov9tocXhj0C5K2maZfz2em3P9ZLV9HjlO%2B9eQ%2FYbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804484f4bf056aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.96.1 | 301 Moved Permanently | 80 kB |
URL: User Request; Method: GET; Protocol: HTTP/2; IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: afilmyhub.online; Fingerprint: C0:0E:6E:9F:10:06:E2:A7:35:C8:B9:CA:E1:38:54:57:9D:AE:6C:6E; Validity: Sat, 16 Mar 2024 04:10:44 GMT - Fri, 14 Jun 2024 04:10:43 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, so they do not identify any response content)
GET / HTTP/1.1
Host: afilmyhub.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 07 May 2024 21:25:22 GMT
content-type: text/html; charset=UTF-8
location: https://afilmyhub.mom/
set-cookie: afilmyhub_online=oaruv3f90rqg7dgdpttua5bq88; path=/; domain=afilmyhub.online
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkQXXtdTPEIjZpjt0mIB45GnYTbEbcrPn1FPdJ64DknNlEyMb1qL%2By64XIHXpWiKheRdLAgWUkehNUNiYB4YzMNIG2aFvEWsuweqxFMGu2trZXWDNVySJ7sMshOxcXuzo1XE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804483cd82c569a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUFJr_s_0dvDai8VwKUfot_s_ybm7_s_Fqt5U2I_s_p6j2FCw_s_deR3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqR1VmvEC8rW1otKxED_s_kfh2hgKcYCQ4IE3HIE84C8gIEZ_p_HrsNJG1nwmLDQhKcKdwbFzvRAsk5eusQwPNNB4cveAD_p_DCfS67UQoxB3Tp4N_s__p_sJNtzw9PGWl5BD0wgPOouy.webp | 104.21.68.249 | 200 OK | 15 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUFJr_s_0dvDai8VwKUfot_s_ybm7_s_Fqt5U2I_s_p6j2FCw_s_deR3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqR1VmvEC8rW1otKxED_s_kfh2hgKcYCQ4IE3HIE84C8gIEZ_p_HrsNJG1nwmLDQhKcKdwbFzvRAsk5eusQwPNNB4cveAD_p_DCfS67UQoxB3Tp4N_s__p_sJNtzw9PGWl5BD0wgPOouy.webp IP104.21.68.249:443
CertificateIssuerLet's Encrypt Subjectiwebp.xyz FingerprintE3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08 ValidityWed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp Hash8a07df1baaca0a89840d390dc91fe559 cdacfc7cb6417aeb6b0fd8844c6c0f6335fa6d7a 9d4dae8b26e4103e68e8cd775f1f9b8aaeed34b13c58171325b58b6c32efd342
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUFJr_s_0dvDai8VwKUfot_s_ybm7_s_Fqt5U2I_s_p6j2FCw_s_deR3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqR1VmvEC8rW1otKxED_s_kfh2hgKcYCQ4IE3HIE84C8gIEZ_p_HrsNJG1nwmLDQhKcKdwbFzvRAsk5eusQwPNNB4cveAD_p_DCfS67UQoxB3Tp4N_s__p_sJNtzw9PGWl5BD0wgPOouy.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:31:31 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:31:32 GMT
cf-cache-status: HIT
age: 181051
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5RE07dUSNWxC%2FlWG52iLAxzNTZh63lIlvPq2euqWast562UErLADfNHpk%2BXlEtTuWnq5ROa3tOvFpM20mgz1EXc7hjRG7po97wYFVXR27hWjwfuQTGrmEkoeYCQr%2BWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448444a6556ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUIJuvxdPXa35h2JUa_p_tKzGn_p_rD_p_d4Pi4q96DzRCFrfKB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHr0hRHKKisrGWEkdQNBywPU2VpcbNPKqfk8OKkEiFk9Wh09PqdBGyhJwE7DWRKbMtsYF3j1AN14QPAXn8EVLYJuWEK_s_V3KPjsAN3nNyAeRg3KAkFpyh_s_eKd1ZBV1lRDfpa6zXD4HFN_s_.webp | 104.21.68.249 | 200 OK | 35 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUIJuvxdPXa35h2JUa_p_tKzGn_p_rD_p_d4Pi4q96DzRCFrfKB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHr0hRHKKisrGWEkdQNBywPU2VpcbNPKqfk8OKkEiFk9Wh09PqdBGyhJwE7DWRKbMtsYF3j1AN14QPAXn8EVLYJuWEK_s_V3KPjsAN3nNyAeRg3KAkFpyh_s_eKd1ZBV1lRDfpa6zXD4HFN_s_.webp IP104.21.68.249:443
CertificateIssuerLet's Encrypt Subjectiwebp.xyz FingerprintE3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08 ValidityWed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File typeRIFF (little-endian) data, Web/P image Hash9b04161cd0ca35a68be2d15c27e673b4 ecf978aea44662a82eb2e9313ca5ebfcf098bfb0 cb3d52500f4d58713a14f8fcdb299d3491432a82664e933954527d0f1c01d28c
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUIJuvxdPXa35h2JUa_p_tKzGn_p_rD_p_d4Pi4q96DzRCFrfKB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHr0hRHKKisrGWEkdQNBywPU2VpcbNPKqfk8OKkEiFk9Wh09PqdBGyhJwE7DWRKbMtsYF3j1AN14QPAXn8EVLYJuWEK_s_V3KPjsAN3nNyAeRg3KAkFpyh_s_eKd1ZBV1lRDfpa6zXD4HFN_s_.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:35:24 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:35:24 GMT
cf-cache-status: HIT
age: 181050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkReKU5UlGM61HBmE4PPFAY01JvRh8gyc4rAtJ0dAe8VZ8KXihK8Dfn8AixmR%2F14ipzO7pHu6zXN1gQc6frCwQpsCwxidCZkMmx3z4mWqQxVWKG5J2%2FVUNgWWOqjGrg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448444a7156ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/script.js?t=20244721 | 104.21.26.18 | 200 OK | 92 kB |
URL: 1337x1.wb4.xyz/script.js?t=20244721; Method: GET; Protocol: HTTP/3; IP: 104.21.26.18:443
Requested by: https://1337x1.wb4.xyz/2019/04/chicken-makhni-karahi.html
Certificate: Issuer: Google Trust Services LLC; Subject: wb4.xyz; Fingerprint: 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2; Validity: Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, so they do not identify the 92 kB script listed for this entry)
GET /script.js?t=20244721 HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/2019/04/chicken-makhni-karahi.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:25 GMT
content-type: application/javascript
cf-bgj: minify
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cache-control: max-age=14400
cf-cache-status: HIT
age: 684
last-modified: Tue, 07 May 2024 21:14:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8T%2BH1lcU6aE0elvA9LB9P41c7RiZyL6MayoSNHivlm85IthVPyLglLiptOVGBtEMXIuBRDlnupJs2WEgP4cwCX9%2Bufkcu1beljKoAa6tZrXaEgzq2gzuRTHIGgNXHXYVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880448518e6e56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tinyfast.xyz/red2.php?rand=bW945d71f0495bde376a7801b0fbd38ab3&id=27 | 172.67.203.105 | 302 Found | 350 B |
URL: tinyfast.xyz/red2.php?rand=bW945d71f0495bde376a7801b0fbd38ab3&id=27; Method: GET; Protocol: HTTP/2; IP: 172.67.203.105:443
Certificate: Issuer: Let's Encrypt; Subject: tinyfast.xyz; Fingerprint: 37:56:44:A9:31:BA:4A:7D:0A:CF:C4:1F:EB:63:7E:C9:3C:03:4D:17; Validity: Tue, 07 May 2024 13:16:19 GMT - Mon, 05 Aug 2024 13:16:18 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, so they do not identify any response content)
GET /red2.php?rand=bW945d71f0495bde376a7801b0fbd38ab3&id=27 HTTP/1.1
Host: tinyfast.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 21:25:23 GMT
content-type: text/html; charset=UTF-8
location: https://www1.btc747.xyz/submit.php
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2s7eZLhp1ahhVd8JbNo4QU%2FNYCfaQwhe0JD4veTqW2SdIuXKyr01OkqbckUjTrBrPy1IePp1dmkO8XFIBZGEIQvPbxvm8wghAH0uVT6%2BdLOHJv3FZaFKFFjPW%2FhiIt4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88044843fea55695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zokaukree.net/5/7435774/?oo=1&js_build=iclick-v1.788.9-auto | 139.45.197.245 | 200 OK | 2.9 kB |
URL: zokaukree.net/5/7435774/?oo=1&js_build=iclick-v1.788.9-auto; Method: GET; Protocol: HTTP/2; IP: 139.45.197.245:443
Certificate: Issuer: Let's Encrypt; Subject: zokaukree.net; Fingerprint: C0:B6:2C:1B:C6:37:68:38:7C:A4:E0:F4:BF:B4:8E:D4:CA:7E:2A:F1; Validity: Sun, 05 May 2024 11:48:42 GMT - Sat, 03 Aug 2024 11:48:41 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3098), with no line terminators
Hash: MD5 2d71aae1f6c5a9da63921232fe9b45e1; SHA-1 080d86397e4d6c8f674f4b1e35dbf1e7c3ce8e92; SHA-256 cc89c1c2f23160400fb41832dcb48d5114b38b66fffdb45b4c195edffc8758e4
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed (a resolver-level verdict on the domain name, not an assessment of this response body)
GET /5/7435774/?oo=1&js_build=iclick-v1.788.9-auto HTTP/1.1
Host: zokaukree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afilmyhub.mom
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:25:23 GMT
content-type: application/json
x-trace-id: 6779b6432646b1ea1403b4a232e28922
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://afilmyhub.mom
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080555756f94478f3be5a4b414bab47; expires=Wed, 07 May 2025 21:25:23 GMT; path=/; secure; SameSite=None
oaidts=1715117123; expires=Wed, 07 May 2025 21:25:23 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| i.wmgtr.com/cic/uwe0gwF2RXoswvsh6KyW-iimZos3_6ts.png | 45.133.44.32 | 200 OK | 13 kB |
URL GET HTTP/2i.wmgtr.com/cic/uwe0gwF2RXoswvsh6KyW-iimZos3_6ts.png IP45.133.44.32:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html CertificateIssuerLet's Encrypt Subjecti.wmgtr.com FingerprintC3:69:C8:AD:52:95:77:79:3A:41:14:93:DE:ED:EA:B0:DA:18:DE:0E ValiditySat, 20 Apr 2024 03:01:12 GMT - Fri, 19 Jul 2024 03:01:11 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2022:08:30 20:15:26], baseline, precision 8, 192x192, components 3 Hash47a01952086fc563140600937f1cfe58 6ce721ef10c9299d95613a32b1d1f201e20d6b3c 4db017b689878a5b038bf012414b30d924ed1c78475ade9f44d9737195df62ba
GET /cic/uwe0gwF2RXoswvsh6KyW-iimZos3_6ts.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:25 GMT
content-type: image/jpeg
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
cache-control: max-age=82800
expires: Wed, 08 May 2024 20:25:25 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap | 142.250.74.170 | 200 OK | 4.8 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap IP142.250.74.170:443
Requested byhttps://ad.a-ads.com/2322036?size=320x100 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (4954), with no line terminators Hashe2b76956a2f401d42266e922a300fae3 5cb0f3ee8ad65388ed9575419d24c08e9a890b15 1081acb8e37966be8d88856aac1ec4aa5051600dfa001e82765114a15b397f6e
GET /css2?family=Inter:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:25:23 GMT
date: Tue, 07 May 2024 21:25:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.a-ads.com/a-ads-banners/505000/320x100?region=eu-central-1 | 78.46.33.196 | 200 OK | 350 kB |
URL GET HTTP/2static.a-ads.com/a-ads-banners/505000/320x100?region=eu-central-1 IP78.46.33.196:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://ad.a-ads.com/2322036?size=320x100 CertificateIssuerSectigo Limited Subject*.a-ads.com FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6 ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File typeGIF image data, version 89a, 320 x 100 Size350 kB (349814 bytes) Hashca6212d45b0a1c21524d9ff29f022f2a a7626343fa4baa9f90b020e388fc554921393481 b2d0a6773e4d25a6e26d549eabcbe93a9d587c0806ee0008569a0a91136b92a9
GET /a-ads-banners/505000/320x100?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/gif
content-length: 349814
x-amz-id-2: HZpBlmx76KFf7fbwOYmEEsZ01Nctxil78qhR23bE1UkZFcNgSs/3+n1HmkB/7nDIAgOlNBOlg0A=
x-amz-request-id: HR60WRF42K9DKZQ5
x-amz-replication-status: COMPLETED
last-modified: Fri, 08 Mar 2024 13:16:03 GMT
etag: "ca6212d45b0a1c21524d9ff29f022f2a"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: Exf0H4tcy6dljflchcay_fAHVzOsqhUo
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.wmgtr.com/cic/XVpG30UFPZPfZ6vh7IayjvObPWQIYsXd.png | 45.133.44.32 | 200 OK | 13 kB |
URL GET HTTP/2i.wmgtr.com/cic/XVpG30UFPZPfZ6vh7IayjvObPWQIYsXd.png IP45.133.44.32:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html CertificateIssuerLet's Encrypt Subjecti.wmgtr.com FingerprintC3:69:C8:AD:52:95:77:79:3A:41:14:93:DE:ED:EA:B0:DA:18:DE:0E ValiditySat, 20 Apr 2024 03:01:12 GMT - Fri, 19 Jul 2024 03:01:11 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2022:08:30 20:15:26], baseline, precision 8, 192x192, components 3 Hash47a01952086fc563140600937f1cfe58 6ce721ef10c9299d95613a32b1d1f201e20d6b3c 4db017b689878a5b038bf012414b30d924ed1c78475ade9f44d9737195df62ba
GET /cic/XVpG30UFPZPfZ6vh7IayjvObPWQIYsXd.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:25 GMT
content-type: image/jpeg
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
cache-control: max-age=82800
expires: Wed, 08 May 2024 20:25:25 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fastcdn.jdi5.com/css/newmoviesupdate.wapqiz.com/style.css | 172.67.165.78 | 200 OK | 12 kB |
URL GET HTTP/2fastcdn.jdi5.com/css/newmoviesupdate.wapqiz.com/style.css IP172.67.165.78:443
CertificateIssuerGoogle Trust Services LLC Subjectjdi5.com Fingerprint0A:37:16:13:78:6E:DA:39:59:5C:BF:40:B2:52:20:5D:E0:13:DB:60 ValidityWed, 13 Mar 2024 22:43:31 GMT - Tue, 11 Jun 2024 22:43:30 GMT
File typeASCII text, with very long lines (12383), with no line terminators Hashc7c3fe78d7f66825576c2bfb9b0adcca eb9447ec7a172f8e4e533cd8a83e4743e37260d1 3c3d89e6b505dcfb73fb1c5ab2eddabcfa737fd3cc64350b1346b6fac7d23404
GET /css/newmoviesupdate.wapqiz.com/style.css HTTP/1.1
Host: fastcdn.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:22 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 21:25:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnOZ2wXr4vsVmaa%2Baom0zgoOLRscPOXmS9epSC1r5SzbZHelUFYnbNdqo%2Fq4lQ%2Fnofo3Bt7UPGDelv0DHgfKWPOSGfuEE4dJolQnYhrMPGIw4W4q06bwzoLIVHuYVa49Rd2K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88044840ed10b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|afilmyhub.online&event_type=1&rand=c580b7ae8c | 172.67.190.65 | 200 OK | 42 B |
URL GET HTTP/2px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|afilmyhub.online&event_type=1&rand=c580b7ae8c IP172.67.190.65:443
CertificateIssuerLet's Encrypt Subjectgreenfox.ink Fingerprint1D:F2:D9:89:40:57:47:72:7F:1E:43:37:04:C4:B0:47:A8:C7:BF:34 ValiditySun, 21 Apr 2024 15:02:16 GMT - Sat, 20 Jul 2024 15:02:15 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|afilmyhub.online&event_type=1&rand=c580b7ae8c HTTP/1.1
Host: px.greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:24 GMT
content-type: image/gif
content-length: 42
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: unq-user-id=aaaaaaaaaa; Path=/; Domain=px.greenfox.ink; Max-Age=31536000; HttpOnly; Secure; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wd31wA32ngdRu3T7P%2BIhHxjV1QQPc5FokUNIHXWbw1GMBQDC8lVpJ3ABnllhMIxFq19yvC6K9rzxaG9G0jFQlJcxrinbdPCuoFNFP7RDaFYJDTj74dNBHSrdLJXwR2xkKjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804484c4cb7b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| udzpel.com/template/livechat1.html | 104.21.43.91 | 200 OK | 6.0 kB |
URL GET HTTP/2udzpel.com/template/livechat1.html IP104.21.43.91:443
Requested byhttps://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html CertificateIssuerGoogle Trust Services LLC Subjectudzpel.com Fingerprint69:01:92:02:08:1A:70:E2:88:A5:EA:85:BD:FA:BA:A6:FB:3B:02:40 ValidityTue, 23 Apr 2024 12:02:06 GMT - Mon, 22 Jul 2024 12:02:05 GMT
File typeHTML document, ASCII text, with very long lines (6115), with no line terminators Hash5aa6524904359ebe9bcea3b4053a8f54 1b95a0a1dfd0d8bce945ad2a88da4f5d8e5d0c68 b792e7b6c4b4438c9c9b2f9dfad293dde528da2fc617e3bd527221c74a8596b2
GET /template/livechat1.html HTTP/1.1
Host: udzpel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.btc747.xyz/
Origin: https://www1.btc747.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www1.btc747.xyz
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 07 May 2024 18:50:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDf54rdrRQzr7%2BfEGWaH5wGeJ8vMXAw%2BXJl%2FpOHARNGhLcDN6GjO2JQMHcMAojX9YOWUsvs3ntm67nWdqcDPtdh0kC%2F1n2eGFx5DnxKMnzBdWHEB6GD%2BmWMYwtcl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804484f589eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 188.114.96.1 | 200 OK | 80 kB |
URL: User Request; Method: GET; Protocol: HTTP/2; IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: afilmyhub.mom; Fingerprint: 38:4D:27:DD:A1:A6:85:7B:0C:7E:CF:65:8A:DF:73:B4:8B:6C:1C:38; Validity: Sat, 27 Apr 2024 09:44:46 GMT - Fri, 26 Jul 2024 09:44:45 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, so they do not identify the 80 kB document listed for this entry)
GET / HTTP/1.1
Host: afilmyhub.mom
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: afilmyhub_mom=6pur6uk1rg0ligcpa8idot7vsu; path=/; domain=afilmyhub.mom
expires: Tue, 07 May 2024 21:29:46 GMT
cache-control: public
pragma: no-cache
last-modified: Tue, 07 May 2024 21:19:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TWT3J0MROII1bXI2SpA3pJRbNJ9QFbyU64Uvmk6XTX5CxHA550LhmxvXwWSe0huBB5bBTLVnpGZFrNKbeDhYsKhI32bWshieeJHSmQLkgcCd53EGodJFvSIeBDVMtUvy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804483e397e56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUGJ77wIPTZ2MggJBG85vaSyumTrd5d343ouD3RWFfcKx3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqE3ErnMCQiWRhzNkVYoS7T1BtDHZSa7cNfIoE_p_qXQ9WiV_p_HrsOZQ1H22fTTFO1LZ85C3r4QeM6ZfEdwP18P7gvcDz9B2_s_XwpdUii57RMZHsOAPN5in9vST.webp | 104.21.68.249 | 200 OK | 9.0 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUGJ77wIPTZ2MggJBG85vaSyumTrd5d343ouD3RWFfcKx3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqE3ErnMCQiWRhzNkVYoS7T1BtDHZSa7cNfIoE_p_qXQ9WiV_p_HrsOZQ1H22fTTFO1LZ85C3r4QeM6ZfEdwP18P7gvcDz9B2_s_XwpdUii57RMZHsOAPN5in9vST.webp IP104.21.68.249:443
Certificate — Issuer: Let's Encrypt; Subject: iwebp.xyz; Fingerprint: E3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08; Validity: Wed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp | Hash (MD5 / SHA-1 / SHA-256): 102aeb13d39b278efb0e2dbfc3688ef5 c959bd8aaf4ae1385a34d4eb5da8948ae2aa58ff e96e2bc6e578eb1075c8bda36250d3507ec2f9b31a5bd3da228c742670d84eb4
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUUGJ77wIPTZ2MggJBG85vaSyumTrd5d343ouD3RWFfcKx3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqE3ErnMCQiWRhzNkVYoS7T1BtDHZSa7cNfIoE_p_qXQ9WiV_p_HrsOZQ1H22fTTFO1LZ85C3r4QeM6ZfEdwP18P7gvcDz9B2_s_XwpdUii57RMZHsOAPN5in9vST.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:37:49 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:37:49 GMT
cf-cache-status: HIT
age: 43579
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4hV1Z8f7fKAOge%2B2PDMxsQivKD3CyzN02ROb4sSugNqquvx8VJF7Fjh81f1ik2kcf4%2B5KDwP4awnaG4xTmSID4LczV%2B2ZLJAxSfzSGF0hnDqaUxxjXHDQBkI2dRN7lY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448444a5f56ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUVUcr_s_1c6SKichxexe_p_tvmRmeiR_p_txe3Im7uD7TC1nRfB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqR1VmvBD4mVUFsTxkI5QvImDwPLIiSqf8aBZ99_s_y0iJlkAP68fJy4LhivvXVanL9YaUyaiQeY8ffwRwPZXBptuUBvtAW_p_oxpMQtSZwRdZWs8Ukd_s_Ta6ebZkZxK101MKZOgwne7GU4xKD9w1A.webp | 104.21.68.249 | 200 OK | 9.2 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUVUcr_s_1c6SKichxexe_p_tvmRmeiR_p_txe3Im7uD7TC1nRfB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqR1VmvBD4mVUFsTxkI5QvImDwPLIiSqf8aBZ99_s_y0iJlkAP68fJy4LhivvXVanL9YaUyaiQeY8ffwRwPZXBptuUBvtAW_p_oxpMQtSZwRdZWs8Ukd_s_Ta6ebZkZxK101MKZOgwne7GU4xKD9w1A.webp IP104.21.68.249:443
Certificate — Issuer: Let's Encrypt; Subject: iwebp.xyz; Fingerprint: E3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08; Validity: Wed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp | Hash (MD5 / SHA-1 / SHA-256): b760556e614771c489cd1475a501e49e b53d0cf2188b04fa31b8e262930797fc34cb0e04 db04d5b24e3b13e12d3705c08ecaabce65b665f17440727e824db453628fdaf9
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUVUcr_s_1c6SKichxexe_p_tvmRmeiR_p_txe3Im7uD7TC1nRfB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqR1VmvBD4mVUFsTxkI5QvImDwPLIiSqf8aBZ99_s_y0iJlkAP68fJy4LhivvXVanL9YaUyaiQeY8ffwRwPZXBptuUBvtAW_p_oxpMQtSZwRdZWs8Ukd_s_Ta6ebZkZxK101MKZOgwne7GU4xKD9w1A.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:38:53 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:38:54 GMT
cf-cache-status: HIT
age: 181043
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4A5ocxQaptDmVxU7kkjd%2Bpb0IJ2p0XDeh7n6jCYUzw0oqb11NHN1N3twPiLBIiDVMLdSUXSKhcM0qhgHP3br%2BPHc4BmBKQlzVlvqa%2BDuNvJgz%2BGVV7V3a1DyNUiOq9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448445a8956ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|afilmyhub.online&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg | 104.21.94.75 | 302 Found | 47 kB |
URL GET HTTP/2revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|afilmyhub.online&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg IP104.21.94.75:443
Certificate — Issuer: Google Trust Services LLC; Subject: stats.rip; Fingerprint: 01:FE:22:14:7E:44:24:CD:0B:5D:67:ED:83:98:B3:65:F8:35:32:A4; Validity: Fri, 05 Apr 2024 02:49:12 GMT - Thu, 04 Jul 2024 02:49:11 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so they do not identify any response content for this 302 redirect)
GET /?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|afilmyhub.online&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg HTTP/1.1
Host: revive.stats.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 21:25:24 GMT
content-type: text/html; charset=UTF-8
location: https://amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
set-cookie: user_uniq_id=23719F612B53086108CCB1E79A49A2D4; expires=Wed, 07-May-2025 21:25:24 GMT; Max-Age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rYmofLj9LZfXQZ%2BgDLRPbFIj7yFb2sm%2Faq%2FoT6qpDeo6CWK7zok9tJ7MoH%2F566%2Bk7Q6aRErDCOBN8RNMz6rqUj6Q%2B3zBGqLrwKV3Hnk2%2FxmVliMUQKOrmyM%2BS399w3uadSCM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804484c29027129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zokaukree.net/?rb=Y-xauJiir1_KPza8GNYPJDC4WokXWToRDvsS6JGJWZoAZ_IVdnxbwDRoTyfZwivNONZ70LQzYc2f_VkpqjH55ADgG8rFY-JHejGikrrG60ZjIl12HGXqyJ2hJfGGvsf6Yqwj_TbGm8g8sJI9S8rt68BjTgayGH2Gy0e0jfJFoJFnSGHtMCaFZjYrn_wVyyg0nMByIfzKLrt-42ncYwjhqS-14aGuueE3keVeYY5baOjQKR2P7JQCGDz0uBncJAYAx3ehtxiCzIQ%3D&request_ab2=0&zoneid=7435774&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fafilmyhub.mom%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=a8ed5380-2d35-46a4-bfa4-abe7e45a6d82&wasm=1&userId=0080555756f94478f3be5a4b414bab47&m=link | 139.45.197.245 | 200 OK | 2.9 kB |
URL GET HTTP/2zokaukree.net/?rb=Y-xauJiir1_KPza8GNYPJDC4WokXWToRDvsS6JGJWZoAZ_IVdnxbwDRoTyfZwivNONZ70LQzYc2f_VkpqjH55ADgG8rFY-JHejGikrrG60ZjIl12HGXqyJ2hJfGGvsf6Yqwj_TbGm8g8sJI9S8rt68BjTgayGH2Gy0e0jfJFoJFnSGHtMCaFZjYrn_wVyyg0nMByIfzKLrt-42ncYwjhqS-14aGuueE3keVeYY5baOjQKR2P7JQCGDz0uBncJAYAx3ehtxiCzIQ%3D&request_ab2=0&zoneid=7435774&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fafilmyhub.mom%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=a8ed5380-2d35-46a4-bfa4-abe7e45a6d82&wasm=1&userId=0080555756f94478f3be5a4b414bab47&m=link IP139.45.197.245:443
Certificate — Issuer: Let's Encrypt; Subject: zokaukree.net; Fingerprint: C0:B6:2C:1B:C6:37:68:38:7C:A4:E0:F4:BF:B4:8E:D4:CA:7E:2A:F1; Validity: Sun, 05 May 2024 11:48:42 GMT - Sat, 03 Aug 2024 11:48:41 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2926), with no line terminators (a signature-based guess; the response itself declares content-type application/json) | Hash (MD5 / SHA-1 / SHA-256): 74ce00b6145ab4e5218936485c324ee2 ad8eba340eaacb70adc2b7a88417308225d0849f f81cec49fa7e6b8705a4d10833f15adae10e9fa904bc623a2b0be2d711b08d8f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /?rb=Y-xauJiir1_KPza8GNYPJDC4WokXWToRDvsS6JGJWZoAZ_IVdnxbwDRoTyfZwivNONZ70LQzYc2f_VkpqjH55ADgG8rFY-JHejGikrrG60ZjIl12HGXqyJ2hJfGGvsf6Yqwj_TbGm8g8sJI9S8rt68BjTgayGH2Gy0e0jfJFoJFnSGHtMCaFZjYrn_wVyyg0nMByIfzKLrt-42ncYwjhqS-14aGuueE3keVeYY5baOjQKR2P7JQCGDz0uBncJAYAx3ehtxiCzIQ%3D&request_ab2=0&zoneid=7435774&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fafilmyhub.mom%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=a8ed5380-2d35-46a4-bfa4-abe7e45a6d82&wasm=1&userId=0080555756f94478f3be5a4b414bab47&m=link HTTP/1.1
Host: zokaukree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afilmyhub.mom/
Origin: https://afilmyhub.mom
DNT: 1
Connection: keep-alive
Cookie: OAID=0080555756f94478f3be5a4b414bab47; oaidts=1715117123
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:25:24 GMT
content-type: application/json
x-trace-id: f5e10bd39a6254b678dde4df1e6b44b1
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://afilmyhub.mom
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080555756f94478f3be5a4b414bab47; expires=Wed, 07 May 2025 21:25:23 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1715117123; expires=Wed, 07 May 2025 21:25:23 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Tue, 14 May 2024 21:25:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| smkezc.com/admc?a=2&pid=1051205&sid=1224016&wid=465053&fp=0bda360793d6d5f0c72079fa6104b64d&f=8&tz=0 | 185.162.85.3 | 200 OK | 0 B |
URL: GET HTTP/2 smkezc.com/admc?a=2&pid=1051205&sid=1224016&wid=465053&fp=0bda360793d6d5f0c72079fa6104b64d&f=8&tz=0 | IP: 185.162.85.3:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate — Issuer: Let's Encrypt; Subject: smkezc.com; Fingerprint: ED:5C:CE:7B:FA:D1:40:BB:05:58:E6:76:E7:E3:DB:87:BC:48:AF:73; Validity: Fri, 05 Apr 2024 09:34:38 GMT - Thu, 04 Jul 2024 09:34:37 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, matching the 0 B body; they carry no value as a content indicator)
GET /admc?a=2&pid=1051205&sid=1224016&wid=465053&fp=0bda360793d6d5f0c72079fa6104b64d&f=8&tz=0 HTTP/1.1
Host: smkezc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.btc747.xyz/
Origin: https://www1.btc747.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 07 May 2024 21:25:25 GMT
content-length: 0
access-control-allow-origin: https://www1.btc747.xyz
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/2019/04/chicken-makhni-karahi.html | 104.21.26.18 | 200 OK | 2.7 kB |
URL: POST HTTP/3 1337x1.wb4.xyz/2019/04/chicken-makhni-karahi.html | IP: 104.21.26.18:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate — Issuer: Google Trust Services LLC; Subject: wb4.xyz; Fingerprint: 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2; Validity: Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2869), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): b592be48f38721fd690f340edb620136 40d743c8e73051210b8654c7671eaffeeb52218a d586f0df76000646f2742f61f0de7793565a0e457b953a9513988c9c0fcf290a
Analyzer: urlquery | Verdict: suspicious | Alert: Suspicious - Anti-debugging code
POST /2019/04/chicken-makhni-karahi.html HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 28
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EeZRp123Od4Fpf5ye2o5VKeONbEoXqXEDe2GCymyWJGMT0DfVqKEoZxgSaN1XFRWmRHBaYBW8%2F5nip0ek%2BwoXwcR0B2a%2Feyknrr6GuC2QeGZMg9%2FkGWyf2u4d2ApeVaRKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880448509d5756aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg | 104.21.94.75 | 302 Found | 47 kB |
URL GET HTTP/3revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg IP104.21.94.75:443
Requested by: https://www1.btc747.xyz/2024/04/ancelotti-lauds-real-madrid-goalscorer.html | Certificate — Issuer: Google Trust Services LLC; Subject: stats.rip; Fingerprint: 01:FE:22:14:7E:44:24:CD:0B:5D:67:ED:83:98:B3:65:F8:35:32:A4; Validity: Fri, 05 Apr 2024 02:49:12 GMT - Thu, 04 Jul 2024 02:49:11 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so they do not identify any response content for this 302 redirect)
GET /?type=2&service=test&advertiser=BATERY_PageBanners&custom=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg HTTP/1.1
Host: revive.stats.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Tue, 07 May 2024 21:25:25 GMT
content-type: text/html; charset=UTF-8
location: https://amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
set-cookie: user_uniq_id=23719F612B53086108CCB1E79A49A2D4; expires=Wed, 07-May-2025 21:25:25 GMT; Max-Age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qMGGGxN0RMdzKlGihXWRKUp5qOqNWPFYkce2XSz4kkOTeavJaszQuD2IdnTtRzaiZoIg0ukEFG3kDkQagPy08c4ll5l1NZdXhn87PcZDNivpJrmhzOqA2FVBpj1Xnw9Ed15c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88044850ae8f56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zovidree.com/tag.min.js | 104.21.16.31 | 200 OK | 90 kB |
IP: 104.21.16.31:443
Certificate — Issuer: Let's Encrypt; Subject: zovidree.com; Fingerprint: E7:A2:02:40:34:64:74:90:8F:C4:F5:DA:6D:7F:08:2D:33:29:9A:FD; Validity: Mon, 22 Apr 2024 15:25:10 GMT - Sun, 21 Jul 2024 15:25:09 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 7573260aff69fe8406b0115ab4bcefaa f7f5c31f2481bd176a9b79deff1b7c0d4878f87c 280186476a1f8103793e2139d4654b16f61a2a1d393966388f55b8ed795ebba3
GET /tag.min.js HTTP/1.1
Host: zovidree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 1a13b2616487079790d1ad15928b1eb9
cache-control: max-age=86400
last-modified: Sun, 05 May 2024 17:51:41 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 08 May 2024 03:11:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 65601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BL7XKiO7utZgrRi%2FI9Q7BDNd0H91JF9L8AvdRXKk6aEW8elwW2OW1dGCAHfADBOPX6Hztu9TSJ%2FPuxl2c97RAovGGxSIyrFIFVFgwCfP9kr66AJKBjLG2tj8a7HCVPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804484439ab1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www1.btc747.xyz/ | 188.114.97.1 | 200 OK | 390 B |
IP: 188.114.97.1:443
Certificate — Issuer: Let's Encrypt; Subject: btc747.xyz; Fingerprint: FD:B3:38:1F:1C:E9:EB:8E:2D:97:07:0F:E0:C8:59:E1:D4:BE:85:D6; Validity: Tue, 26 Mar 2024 01:58:23 GMT - Mon, 24 Jun 2024 01:58:22 GMT
File type: HTML document, ASCII text, with very long lines (432), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 59488f1160527c8b71acae951db7ae2c 8c787fdd341ded02ca4b4159ed1b070932903bdf 61aa6cc92f74c34d903731603fac5e7cd883b41527d38707252262f25136f0db
POST / HTTP/1.1
Host: www1.btc747.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 24
Origin: https://www1.btc747.xyz
DNT: 1
Connection: keep-alive
Referer: https://www1.btc747.xyz/submit.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:25:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=sam; expires=Thu, 06-Jun-2024 21:25:24 GMT; Max-Age=2592000; path=/; domain=www1.btc747.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2F5LLsd78FqesIO5IYBbpt%2Bh%2BY7ZYno5pTCAy9X5tuZeUE5Xfke6iABw6P2ZrjufyOh%2F1Qji32KKjH3b26EOCBzRFZ5rx%2Be3t%2F2RFr1%2FfXfhvYew9XaisTLkE3hdA%2BN9rH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804484bbb8e56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUVSIe_p_jJaGKjsstJUGy5frClrqXqt8Li4HuvmvWDl_p_LKB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqI3FLoNiEuUVlsRBgV_s_0eUhUVacaWL5cBfK500pHI9Wh09PqdBBSFK1n_s_LQV65bfQKEnq5IcEjev1VpfEVLrh3V0KgBCSWz5xEjjZgAt5K86ROMMHu.webp | 104.21.68.249 | 200 OK | 13 kB |
URL GET HTTP/2i1.iwebp.xyz/webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUVSIe_p_jJaGKjsstJUGy5frClrqXqt8Li4HuvmvWDl_p_LKB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqI3FLoNiEuUVlsRBgV_s_0eUhUVacaWL5cBfK500pHI9Wh09PqdBBSFK1n_s_LQV65bfQKEnq5IcEjev1VpfEVLrh3V0KgBCSWz5xEjjZgAt5K86ROMMHu.webp IP104.21.68.249:443
Certificate — Issuer: Let's Encrypt; Subject: iwebp.xyz; Fingerprint: E3:88:38:FC:88:89:3B:EE:CB:7F:DA:68:F8:27:8B:C6:DF:DF:EC:08; Validity: Wed, 01 May 2024 22:12:41 GMT - Tue, 30 Jul 2024 22:12:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 210x225, Scaling: [none]x[none], YUV color, decoders should clamp | Hash (MD5 / SHA-1 / SHA-256): 7c1ffa2c63cba69481676e3c9ad252e2 e9d6e8b19de4cd0eb78df9865cd92be67aafdd20 3abee22f462cb46d0f1e457f11e073e6261369532073ef875bbe0a9781afb912
GET /webp/210x225/80/CJEW4LsOK5M6HL9PrIokXnSk9LXFKi1itoX_p_lNgJuVaB9ZUaWUVSIe_p_jJaGKjsstJUGy5frClrqXqt8Li4HuvmvWDl_p_LKB3nnNSCbwIgIefXYRWBeROdRuHP_s_yEmJHdQlHqI3FLoNiEuUVlsRBgV_s_0eUhUVacaWL5cBfK500pHI9Wh09PqdBBSFK1n_s_LQV65bfQKEnq5IcEjev1VpfEVLrh3V0KgBCSWz5xEjjZgAt5K86ROMMHu.webp HTTP/1.1
Host: i1.iwebp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afilmyhub.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:25:23 GMT
content-type: image/webp
cache-control: max-age=31536000
expires: Thu, 04 Jul 2024 13:39:31 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
last-modified: Sun, 05 May 2024 13:39:32 GMT
cf-cache-status: HIT
age: 181051
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDgXNgAXXMBZsOGV0s4QMu8a8unpfQqQslMZ9jI9fA3teJdPH1Vdk2Rocrq750wDFbhs%2Fr%2BPTluuA7nJdMGVSuaN5CprZW9qPQ7%2BgyQFnPKvBfLSBfNSB0Ps7Mwd%2F98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880448444a6a56ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|