Report - www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam

Report Overview

Submitted URL
www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=
IP
104.21.89.12
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-25 08:26:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.aflam4youtv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	926 B	1.3 kB	172.67.155.129
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	1.9 kB	151.101.85.229
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	6.3 kB	172.67.194.45
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432 B	748 B	139.45.195.8
widgets.amung.us	12623	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	438 B	401 B	104.22.75.171
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	5.8 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	24 kB	216.58.207.195
asacdn.com	184839	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	37 kB	104.21.93.4
datatechonert.com	46154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	500 B	487 B	37.48.68.71
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.3
onvictinitor.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	58 kB	139.45.197.238
youradexchange.com	273384	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.0 kB	35.190.41.116
cdnquality.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	774 B	26 kB	104.17.72.30
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	44 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.9 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.9 kB	172.64.155.188
ipp.littlecdn.com	109716	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	10 kB	172.67.10.98
grunoaph.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	28 kB	139.45.197.238
utopianwilderness.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	12 kB	172.67.191.246
swarm.video	126884	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	817 B	104.21.17.85
whos.amung.us	12687	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	314 B	104.22.75.171
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.167.231.108
awstats.cloud	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	760 B	172.67.168.34
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	746 B	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	grunoaph.net	Sinkholed
2022-11-25	medium	datatechonert.com	Sinkholed
2022-11-25	medium	grunoaph.net	Sinkholed
2022-11-25	medium	grunoaph.net	Sinkholed

JavaScript (27)

	URL	Size	First Seen	Last Seen
	asacdn.com/script/suv4.js	101 kB	2023-03-08	2023-03-11
Pretty URL asacdn.com/script/suv4.js IP 104.21.93.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:21 Last Seen2023-03-11 23:39:52 Times Seen1 Hash 58a3706369493493b3ca003a227b6fa6 1a715fa45634551d61637634328730eb6098cd1a ab1897b374e76000c289e1491e74d94e2a30584f4388b57b6b3ec8dab467ee2c Loading...

	grunoaph.net/tag.min.js	73 kB	2023-03-11	2023-03-11
Pretty URL grunoaph.net/tag.min.js IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:17:02 Last Seen2023-03-11 23:31:48 Times Seen1 Hash 63761b977d8cb9d017f60f63aaca634b 172ac1cac1983f0ce6dd437b7f3217d64ade8291 bd48c41ac9699227ddf2783338474f177b437c948c342227b13de973c386e8dd Loading...

	utopianwilderness.com/embed/jenkaxvf1aijf	1.7 kB	2023-03-11	2023-03-11
Pretty URL utopianwilderness.com/embed/jenkaxvf1aijf IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash 3650fca68bd73666d964244c16397578 cc0b8c9713ed135da8ee7b36f9a295edb87863cd 951db465d1ed6b0a6486d188ce3a2af8e6296ed9d2ba6f9f3d7e3a0927c30d1d Loading...

	swarm.video/nsns.js	518 kB	2023-03-08	2023-03-13
Pretty URL swarm.video/nsns.js IP 104.21.17.85 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:29:27 Last Seen2023-03-13 20:44:23 Times Seen1 Hash c95e5712a5d3b8dc8afc8748d0df8b7c fca006b6311071917e91abef2d8b5034c142024e 3dfed3a9800cc7221ac336a2da595938d815edcbd90cd0d08a09f7b296e14db2 Loading...

	awstats.cloud/js/plausible.js	1.3 kB	2023-03-07	2024-04-23
Pretty URL awstats.cloud/js/plausible.js IP 172.67.168.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-23 16:37:21 Times Seen1159 Hash 5fce354514318424fd93ceb724f574d0 4555a156f92cf24c5e68b965597019655b893ac2 7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9 Loading...

	onvictinitor.com/apu.php?zoneid=5548724	66 kB	2023-03-11	2023-03-11
Pretty URL onvictinitor.com/apu.php?zoneid=5548724 IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash 97faf9facfb25a1b22a32f9d69fda211 2dfcdce70a0e5393cd2cd87dca0cd18c6907c05e 1e1ddcf50245bdc72b95994fc2e1c4ee90d90987c2129a07d17aaf252f0d0a01 Loading...

	utopianwilderness.com/js/jquery.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL utopianwilderness.com/js/jquery.min.js IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 08:26:39 Times Seen62283 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	utopianwilderness.com/embed/jenkaxvf1aijf	1.9 kB	2023-03-11	2023-03-11
Pretty URL utopianwilderness.com/embed/jenkaxvf1aijf IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash 58c6592004f0a309d9e03bc82ab4e6d0 aba73b487ece5c6017b6257e4acd8ee41538bf4f 6d9a32c7f403a6df25bd034fcd9c5a8701aed3473c2eb309e1fea74063bcf506 Loading...

	utopianwilderness.com/embed/jenkaxvf1aijf	229 B	2023-03-07	2023-07-08
Pretty URL utopianwilderness.com/embed/jenkaxvf1aijf IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:45 Last Seen2023-07-08 16:38:38 Times Seen3 Hash d4f7b42ac8fe67548df294b2fb0df0f9 ff414606c874eda6ad38164cf1ae41945844769c e88c44949ad0cb2cfdb58dbbd546969c38eb4cb866cca7aa96b0d5685c0b4186 Loading...

	utopianwilderness.com/embed/jenkaxvf1aijf	160 B	2023-03-07	2023-03-11
Pretty URL utopianwilderness.com/embed/jenkaxvf1aijf IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:45 Last Seen2023-03-11 23:39:52 Times Seen1 Hash fd339c40040f786d9190deab061ea23c 67cd327549718048d417160088fe28a5588ed600 0b8af7d426487c81c43e48e2a4bb31d143a9a5414f35e274d83df908f5afa786 Loading...

	utopianwilderness.com/embed/jenkaxvf1aijf	292 B	2023-03-11	2023-03-11
Pretty URL utopianwilderness.com/embed/jenkaxvf1aijf IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash 5939ba7e7935b3a08e2fdbdf03579c5c d1c0bf4cafad6135ab1f61cc0c964aa7663226c4 affac48609c732852226332d26fddc33441baa3fa47b856e4c59806d5aa95e3b Loading...

	utopianwilderness.com/embed/jenkaxvf1aijf	2.6 kB	2023-03-08	2023-03-11
Pretty URL utopianwilderness.com/embed/jenkaxvf1aijf IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:31:05 Last Seen2023-03-11 21:58:08 Times Seen1 Hash d0d01a9c2909ef03a08ebc0dc78e89e0 e99fceac14037eb86786f21587b81504d9215290 03317f9d1d0510043f370e0d33ae903a0c6018011da547249f035a513dd166b6 Loading...

	www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=	445 B	2023-03-11	2023-03-11
Pretty URL www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k= IP 172.67.155.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash a24d2b0a5a97eb109eeae7d8cbf2a7ef 5668c1bde6b1b1510546c1d1ce7f76207c99bba8 b670038262d6b672179d959211a8dbef7aa7b32bfa4207fca3c4f8bfa6c9aed9 Loading...

	www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=	156 B	2023-03-11	2023-03-11
Pretty URL www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k= IP 172.67.155.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash 335c929bc1da92b4b80565088c62e75f d364e236bc23e0de7608bc7647e862d492a85b84 2c4dd6d458910afe0c05846e02c578cc0ab5599b1e997416b18a6a7fd2f9d90a Loading...

	tzegilo.com/stattag.js	13 kB	2023-03-08	2023-03-12
Pretty URL tzegilo.com/stattag.js IP 172.67.194.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:59 Last Seen2023-03-12 10:48:49 Times Seen1 Hash d0de06f954f7dedba242231b0ec4052d 188d75bb9077832384f889dd15584845790bc146 efae63871ebdeb69e7d64c6782924f72584f962d540b8c55237cba93c026af16 Loading...

	utopianwilderness.com/embed/jenkaxvf1aijf	44 B	2023-03-07	2024-04-07
Pretty URL utopianwilderness.com/embed/jenkaxvf1aijf IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:45 Last Seen2024-04-07 06:55:41 Times Seen71 Hash 8fb6e79a44a0c72402372ac295ca331a 3375b6cba22e95d2035a9eac246b4889b55a8ee9 e6dce9d47c5ff7badf344ff43d4394d35dc909cb3689651d044f388f28f7f96d Loading...

	ipp.littlecdn.com/web/static/sport.js	12 kB	2023-03-08	2024-04-25
Pretty URL ipp.littlecdn.com/web/static/sport.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:11:23 Last Seen2024-04-25 05:21:27 Times Seen449 Hash d9fd7638e4b5122530bbc3715cdba2ad d8b0877cb7a6096e1abb944cd6ccc5efa837cdde dd4392dd1d6854ed374273926c38160e4a931f52170d17cdfde4056da9d30127 Loading...

	cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js	525 kB	2023-03-07	2024-04-23
Pretty URL cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:45 Last Seen2024-04-23 22:26:53 Times Seen576 Hash f55c6c796275a41ce7d97bd160e648ff 936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89 db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c Loading...

	utopianwilderness.com/embed/jenkaxvf1aijf	26 kB	2023-03-07	2023-05-20
Pretty URL utopianwilderness.com/embed/jenkaxvf1aijf IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:45 Last Seen2023-05-20 23:07:18 Times Seen2 Hash cea1f7b07c1f8bd9165b8250875bed79 f45638b8c0402dd1a3b9c4536bbd5f1979636ecb e01816f30874f50017564f4297810a47d71ef967b3dc4ca24fad239709af7930 Loading...

	cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js	2.4 kB	2023-03-07	2024-03-06
Pretty URL cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2024-03-06 19:50:32 Times Seen78 Hash cf47acbe3349c00e89193b1ff852d043 c761584c511b50350c95c995fedac85bbd354a38 0a637e8d49894e4211bdf5d4f7326a3aaab7b8be4386575820159b8c67b8ffbf Loading...

	www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=	59 kB	2023-03-11	2023-03-11
Pretty URL www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k= IP 172.67.155.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash fa2baec6de4b0f1f5c8b3aad118801fb dfb775f2d0a88f549823855bab21c7ff2f14a45c dd90d4bee8c68fd2357952b255b74b72a76f8e0ea11677a7435dae5d1fc5e80b Loading...

	www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=	1.5 kB	2023-03-11	2023-03-11
Pretty URL www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k= IP 172.67.155.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash 2a061da0432ac299a8113fd78a5de588 4998b76f0b7a161b74101a7eaca2d8a53fd9b2f5 5ea95de184e63a32408984febc7447a52ac7f4a0384830f5abd6c4077c835193 Loading...

	http:blank	664 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash 733fedbcc9415fc74fb29f79253d7450 69e42d9ef41e85ef43d55bcc40c2f1b3bc7607b4 340a3e1dcb965330b6268c8c2cee1922c645f9f36fe7c83cf19d45b51f5c2f18 Loading...

	asacdn.com/script/ut.js?cb=1669364780970	71 kB	2023-03-07	2023-03-17
Pretty URL asacdn.com/script/ut.js?cb=1669364780970 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:45 Last Seen2023-03-17 12:47:54 Times Seen1 Hash c7304eebcb5069f68bd3fa9e74218a36 b7d3c152fabc148e7ccb23b62e771610315d13f1 6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31 Loading...

	utopianwilderness.com/embed/jenkaxvf1aijf	937 B	2023-03-11	2023-03-11
Pretty URL utopianwilderness.com/embed/jenkaxvf1aijf IP 172.67.191.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash 54787fde5151e8343f45f7f3767e5324 861dc73046f6616eb910d2f309c6d847604bb451 dffa5da21bf799e25e8a8be0d3aeb1a0e8f715aa88eb3cfcad4a6a74db22c1f2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6438c5f6539cf4655f78c39c567be456	1.7 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 19:42:21 Last Seen2023-03-11 19:42:21 Times Seen1 Hash 6438c5f6539cf4655f78c39c567be456 33ddd5fe689c02449f75c7c059806fb1b3a76dfe c36eaaf2741f1a3535f5ce448022c2bd05cc69e8b1774e034247f07ea0600d7a Loading...

	#2 Eval - 2fdbde97d788893db5a3692ce62dea2d	4.3 kB	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 15:31:05 Last Seen2023-03-11 21:58:08 Times Seen1 Hash 2fdbde97d788893db5a3692ce62dea2d e29f7d4e45cce9d432a35c2eb1eb0d6847183ea4 f11182325c995da2e244250a3c1f8cab6a114a8afef084dc0d40a6b1acdfdbf7 Loading...

HTTP Transactions (65)

URL IP Response Size

www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=

172.67.155.129

301 Moved Permanently

0 B

URL HTTP/1.1
www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=
IP
172.67.155.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k= HTTP/1.1
Host: www.aflam4youtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 08:26:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 09:26:20 GMT
Location: https://www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoV%2Fzj7kRCv4%2FROYK8uD5P6Oh8MrPuHeFZ1p3fYmcvnPYYlnjcukwXwSFlsKUFh6sHCRaXYIsxGJTvF2Q%2FfW0ofEGocQIGGVd2zwsGnCtSXRXEZlm4CZ%2BZOIbQYGOc2dcnByHQq%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f8ffb76b2ab51b-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15062
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 08:26:20 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5236
Cache-Control: max-age=99127
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:20 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:58:27 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 08:17:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 534
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
37222bd683db1e55afe96256a375604e
ddf3af133eb79e833723d49c2fa4f3d737c79718
782dc51e09680218633352499f295c39c1acb188b97aeac961f4ee9af52c2264

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "782DC51E09680218633352499F295C39C1ACB188B97AEAC961F4EE9AF52C2264"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18683
Expires: Fri, 25 Nov 2022 13:37:43 GMT
Date: Fri, 25 Nov 2022 08:26:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6594
Expires: Fri, 25 Nov 2022 10:16:14 GMT
Date: Fri, 25 Nov 2022 08:26:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: p21q2HuiQJ91deZHILTJCXufDsXvCSwJWPqAKxgMlct5VFkjmWHttytUbT/UGYHB42e38uL01k0=
x-amz-request-id: C0CNDB5PXESXBRYM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 07:40:43 GMT
age: 2737
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
37222bd683db1e55afe96256a375604e
ddf3af133eb79e833723d49c2fa4f3d737c79718
782dc51e09680218633352499f295c39c1acb188b97aeac961f4ee9af52c2264

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "782DC51E09680218633352499F295C39C1ACB188B97AEAC961F4EE9AF52C2264"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18682
Expires: Fri, 25 Nov 2022 13:37:43 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
a2443a2800e492d7e813a0ef0cb577f5
8674882a2d13fb4452ece2d71cce3bbba2f9e5a8
138c2cb34cd0e25df3eaf46e12d6049474b9c572eb0be3ffd27c3e773004a2bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6174
Cache-Control: max-age=160516
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:21 GMT
Etag: "63803413-116"
Expires: Sun, 27 Nov 2022 05:01:37 GMT
Last-Modified: Fri, 25 Nov 2022 03:18:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js

151.101.85.229

200 OK

1.1 kB

URL HTTP/2
cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2290)
Size
1.1 kB (1082 bytes)
Hash
40b3ef2768d7935061842ffe0fa61e82
e9c69254feb8f40811ebb97120b454056264fa3b
7c586b754e539026c170338190bb64f68f78bc533102d5a1d818e687f21b1fb1

HTTP Headers

GET /npm/console-ban@4.1.0/dist/console-ban.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.1.0
x-jsd-version-type: version
etag: W/"94a-x2FYTFEbUDUMlcmV/trIW701Sjg"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 08:26:21 GMT
age: 3031347
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1629-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1082
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
a2443a2800e492d7e813a0ef0cb577f5
8674882a2d13fb4452ece2d71cce3bbba2f9e5a8
138c2cb34cd0e25df3eaf46e12d6049474b9c572eb0be3ffd27c3e773004a2bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6174
Cache-Control: max-age=160516
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:21 GMT
Etag: "63803413-116"
Expires: Sun, 27 Nov 2022 05:01:37 GMT
Last-Modified: Fri, 25 Nov 2022 03:18:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

asacdn.com/script/suv4.js

104.21.93.4

200 OK

36 kB

URL HTTP/2
asacdn.com/script/suv4.js
IP
104.21.93.4:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Size
36 kB (35893 bytes)
Hash
8ea55b4bcade4933dcd1f509f6752847
11e7f7396db82dbebd0139f3d26179ec3dc25f24
b6eb4e1da9739e7ec98db2f45a7f150d3798b9c7bb87a964a52c80734ec40241

HTTP Headers

GET /script/suv4.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:21 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdu8Qzh3Y4lzdEeiymgEIRXf2O9sKx54L9-s4gG9efKxUTMQum6Hu9EEMaOLQDhakSKid2ZAtcjqM8googE7L7ZBhnf6E9dh
x-goog-generation: 1669191527960820
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 25 Nov 2022 08:23:58 GMT
cache-control: public, max-age=14400
age: 2022
last-modified: Wed, 23 Nov 2022 08:18:48 GMT
etag: W/"58a3706369493493b3ca003a227b6fa6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXPw2OEsE5s5FzTdKQoMuL3QVsLBXXIpb0oexQR0FWAEnRZSuulqwtC1dTVcJerRCvHR4xxgFGGl%2Fe4G9%2BGxxQ%2B9Ke7S%2BvVhuBcegUhnQD9ufZXetsfX4cX6x1S4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffbbbbc4b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 08:11:11 GMT
cache-control: public,max-age=3600
age: 910
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d23e2a2bbe01990c348ee125185a5c2
e9b607c13a5566a702a507e10057282fc93278a5
adcdab11320c06efbd49b3e3914b848a05263aef2aee795be6948e5a8e0ddab2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADCDAB11320C06EFBD49B3E3914B848A05263AEF2AEE795BE6948E5A8E0DDAB2"
Last-Modified: Thu, 24 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9963
Expires: Fri, 25 Nov 2022 11:12:24 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d23e2a2bbe01990c348ee125185a5c2
e9b607c13a5566a702a507e10057282fc93278a5
adcdab11320c06efbd49b3e3914b848a05263aef2aee795be6948e5a8e0ddab2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADCDAB11320C06EFBD49B3E3914B848A05263AEF2AEE795BE6948E5A8E0DDAB2"
Last-Modified: Thu, 24 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9963
Expires: Fri, 25 Nov 2022 11:12:24 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
0211444fce107b6bcead194dd7868f06
315531905c1efcadf15135f142e0a12785331125
00b52df308107aebbc5e3c01f1dc2ef4fededafd7d5b6160010025f11862ddba

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "00B52DF308107AEBBC5E3C01F1DC2EF4FEDEDAFD7D5B6160010025F11862DDBA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15198
Expires: Fri, 25 Nov 2022 12:39:39 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1293
Cache-Control: max-age=90121
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:21 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:28:22 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

grunoaph.net/tag.min.js

139.45.197.238

200 OK

23 kB

URL HTTP/2
grunoaph.net/tag.min.js
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (23258 bytes)
Hash
09c6bc35f4808f91eef702f269b590ea
e684a310ca3a4f2fdfb24c5a99a34dd96d634ec5
f50dd06f8c62afb27e75aab75507ff7517b9f896a2f8dc489d458f4e45a14e02

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
content-type: text/javascript; charset=utf-8
content-length: 23258
content-encoding: br
x-trace-id: 71d795d690e783e015f490e374334cdc
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 10:06:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
e38e74658bc09f31293e68f2fd628762
aadc5b43ce978177f8fb2d5ba7ab8417421c8f91
93c3977f649fea81454e1d7206240bed42a5091240a7c8e35917e12f91884243

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6144
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:21 GMT
Last-Modified: Fri, 25 Nov 2022 06:43:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280

tzegilo.com/stattag.js

172.67.194.45

200 OK

5.5 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
172.67.194.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12966), with no line terminators
Size
5.5 kB (5512 bytes)
Hash
8149cebd1fc553f016a0ee52dd4c677f
e091240fd66b5de1799c5b55f66dbf0d1077b1ac
a59c9aa3b3046baec8c322632aac7c5ef95bc0439c5953ecdcbc57690e03c9df

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:21 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 665
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sik0kbirQ3X3LuRB%2FrO4nlrESWF%2FiWsgnPT4tFUUBphtTemwv5iWNuuBALBdSaFGsDhJnoydJjtwHZvoIztSTF%2BQsrr95a%2BINcK%2FUXzn3N89xn176SSnoxP8pnunKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffbe7f2ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94d86bd8aa3fb64d5ef4ba39b2093f46
f6f8b969e6d14af88dcd584c72ad52d904d459e9
43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2834
Expires: Fri, 25 Nov 2022 09:13:35 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68220cac7d3a70bb3d5f6734a84302b3
bc6bb98e39bfc5353804a0388960ecf01a7ab5c5
b108430399664d81ce9cde75b2cd2fa96df821b2639df68926122b10ac2e6b7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B108430399664D81CE9CDE75B2CD2FA96DF821B2639DF68926122B10AC2E6B7F"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4749
Expires: Fri, 25 Nov 2022 09:45:30 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

my.rtmark.net/gid.js?userId=4ff4795aed6747ffa7e4cec8c01a8819

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=4ff4795aed6747ffa7e4cec8c01a8819
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
44cf5455b6f5f14a235c675f6ddab9e5
888921d595cd82235f5ae624bfbb41591a4d0b03
8177fd47ed0336534f4b09d8afd8cfce7c3258f9edeea9a186e4c7d3174d8fe8

HTTP Headers

GET /gid.js?userId=4ff4795aed6747ffa7e4cec8c01a8819 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.aflam4youtv.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4ff4795aed6747ffa7e4cec8c01a8819; expires=Sat, 25 Nov 2023 08:26:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
bb0752e5c582d262c6fb2ccbbc4934b2
b284274f65c07ff39fb6c63027ba0d270cfee9a1
e4898311cb2f15694ca5ecae012ab44195e08c1a1f4380958799df7799818dff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 08:26:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 05:22:25 GMT
Expires: Wed, 30 Nov 2022 05:22:24 GMT
Etag: "b284274f65c07ff39fb6c63027ba0d270cfee9a1"
Cache-Control: max-age=420362,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f8ffbdff600b3d-OSL

push.services.mozilla.com/

35.167.231.108

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.167.231.108:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IpLdafyWOThqcy3MpBIspQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kk11awfIFp2+2yRrHZdUTRteM9c=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2f1d3a3fc637cbe655e1e782639f7572
16a6333493e424b5c43432225f48dff674c7d309
c219ad015e4731a2103f73f74c1137ebfdc85393c9d3dbbcfec8163dc85f3b22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1283
Cache-Control: max-age=151290
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:22 GMT
Etag: "63802325-117"
Expires: Sun, 27 Nov 2022 02:27:52 GMT
Last-Modified: Fri, 25 Nov 2022 02:06:29 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 279

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ba98650cceb17a47ac0f34de3c3c2574
78e21c7a408c8ef34065defa22dbcb926f562d9b
8a311b1ba0b977b6b27fd02043471f29e6608bbe3c2cabe904b09f5f04510d98

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 08:26:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=320212,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f8ffbf78e50b3d-OSL

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
0211444fce107b6bcead194dd7868f06
315531905c1efcadf15135f142e0a12785331125
00b52df308107aebbc5e3c01f1dc2ef4fededafd7d5b6160010025f11862ddba

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "00B52DF308107AEBBC5E3C01F1DC2EF4FEDEDAFD7D5B6160010025F11862DDBA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15197
Expires: Fri, 25 Nov 2022 12:39:39 GMT
Date: Fri, 25 Nov 2022 08:26:22 GMT
Connection: keep-alive

datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

37.48.68.71

200 OK

12 B

URL HTTP/1.1
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
37.48.68.71:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 954
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 08:26:22 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.aflam4youtv.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

ipp.littlecdn.com/web/static/ball.png

172.67.10.98

200 OK

9.6 kB

URL HTTP/2
ipp.littlecdn.com/web/static/ball.png
IP
172.67.10.98:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
9.6 kB (9637 bytes)
Hash
903ff2b408f3246176c88a3936d5fd22
158954159a9ee7549b03bd5b93faa739dbbae7c3
7d82e30c72c434e3660014ff97d2cceea967d2014ce801844d784095133896cc

HTTP Headers

GET /web/static/ball.png HTTP/1.1
Host: ipp.littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: image/png
content-length: 9637
last-modified: Fri, 16 Apr 2021 13:05:23 GMT
etag: "903ff2b408f3246176c88a3936d5fd22"
expires: Sat, 26 Nov 2022 07:54:45 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 1897
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc05e17b4ff-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a54b6eeb692a8c7948b524852a70ecf2
d6a16bef153f58424ac3dd406610a4f6168a61ac
f14628b7ae4f8c889f6ed8e399ec8ea6ede46dd602c68f4a3e691cffeaaf8361

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2266
Cache-Control: max-age=91447
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:22 GMT
Etag: "637f358b-117"
Expires: Sat, 26 Nov 2022 09:50:29 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:43 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 279

grunoaph.net/?rb=JJA2cEN7kQokSLhnwODQSgprWMQec1OsXx7S94aOEmwoHwKG6Z15sQgEVmyelKc4CoW5Azrnx-w_2MyqFXtosjVW7cFBhlJ27YeEtpzYIq_Rg0V8Ot9iyLU7NTfG_Kg97O0EazilufK8dVt4ywggc5lpCG6VRTHj7sik6t0j0YzL1iXirhYYGaIdJDEL1XSP7JZVCa51IvFSUlvxfqWW0TyYK0OznFD28lk7qGeqWDOKgxm0kvM3sA%3D%3D&request_ab2=96001&zoneid=5479001&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=c1a7294a-f54d-457f-bc19-c99757a48892&userId=4ff4795aed6747ffa7e4cec8c01a8819&m=link

139.45.197.238

200 OK

2.3 kB

URL HTTP/2
grunoaph.net/?rb=JJA2cEN7kQokSLhnwODQSgprWMQec1OsXx7S94aOEmwoHwKG6Z15sQgEVmyelKc4CoW5Azrnx-w_2MyqFXtosjVW7cFBhlJ27YeEtpzYIq_Rg0V8Ot9iyLU7NTfG_Kg97O0EazilufK8dVt4ywggc5lpCG6VRTHj7sik6t0j0YzL1iXirhYYGaIdJDEL1XSP7JZVCa51IvFSUlvxfqWW0TyYK0OznFD28lk7qGeqWDOKgxm0kvM3sA%3D%3D&request_ab2=96001&zoneid=5479001&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=c1a7294a-f54d-457f-bc19-c99757a48892&userId=4ff4795aed6747ffa7e4cec8c01a8819&m=link
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
data
Size
2.3 kB (2338 bytes)
Hash
a4dcc5403848c4f588e564e2c28afab4
7628efde506e254900c016edbb3064bd73b21ee4
a2adfb287b8ededfbc16016f9620c1395b027f3cccc8e0bcf9cf161205995ddf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?rb=JJA2cEN7kQokSLhnwODQSgprWMQec1OsXx7S94aOEmwoHwKG6Z15sQgEVmyelKc4CoW5Azrnx-w_2MyqFXtosjVW7cFBhlJ27YeEtpzYIq_Rg0V8Ot9iyLU7NTfG_Kg97O0EazilufK8dVt4ywggc5lpCG6VRTHj7sik6t0j0YzL1iXirhYYGaIdJDEL1XSP7JZVCa51IvFSUlvxfqWW0TyYK0OznFD28lk7qGeqWDOKgxm0kvM3sA%3D%3D&request_ab2=96001&zoneid=5479001&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=c1a7294a-f54d-457f-bc19-c99757a48892&userId=4ff4795aed6747ffa7e4cec8c01a8819&m=link HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.aflam4youtv.com/
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Cookie: OAID=4ff4795aed6747ffa7e4cec8c01a8819; oaidts=1669364781
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: application/json
x-trace-id: efe91afd82dfd356ead5a7f68c5bab8b
access-control-allow-origin: https://www.aflam4youtv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4ff4795aed6747ffa7e4cec8c01a8819; expires=Sat, 25 Nov 2023 08:26:22 GMT; path=/; secure; SameSite=None
oaidts=1669364782; expires=Sat, 25 Nov 2023 08:26:22 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 02 Dec 2022 08:26:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5a6a1c1e18592debaddc73e0951f2648
68d90d9efa8f30dff411b914c3cafa812451e635
969560d2318b28070a7e130ce49a0867da590c7dc8bc833415a54691799c9c87

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2609
Cache-Control: max-age=169562
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:22 GMT
Etag: "63806557-116"
Expires: Sun, 27 Nov 2022 07:32:24 GMT
Last-Modified: Fri, 25 Nov 2022 06:48:55 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
bb0752e5c582d262c6fb2ccbbc4934b2
b284274f65c07ff39fb6c63027ba0d270cfee9a1
e4898311cb2f15694ca5ecae012ab44195e08c1a1f4380958799df7799818dff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 08:26:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 05:22:25 GMT
Expires: Wed, 30 Nov 2022 05:22:24 GMT
Etag: "b284274f65c07ff39fb6c63027ba0d270cfee9a1"
Cache-Control: max-age=420361,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f8ffc0da560b3d-OSL

onvictinitor.com/?rb=NyEWy_NDrfEbey5TzLhk-CzHkAIpjdQLf63lN_zYgTjFU6WCU6Vq9zymEnOabSkl7FzU5nzLRkLlnQ_am7VNJ6F0MIrgzWSyBmuE07xxazZYqrwx-XAEyiSu1o2wrGm8sqn5p0lcB96P8DPOq3N1rtdcr4VlCjeEzJb4gFa3IH1SlxymtafFdeX4P85vgXKjxG9y8PJrX6vartUTLJMQy_IDyl2O29YITKLOINys-Zc73wD9pz9Dmg%3D%3D&request_ab2=96001&zoneid=5548724&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=cee7ca84-b3fa-4073-ad28-8074a84ba677&userId=4ff4795aed6747ffa7e4cec8c01a8819&m=link

139.45.197.238

200 OK

2.2 kB

URL HTTP/2
onvictinitor.com/?rb=NyEWy_NDrfEbey5TzLhk-CzHkAIpjdQLf63lN_zYgTjFU6WCU6Vq9zymEnOabSkl7FzU5nzLRkLlnQ_am7VNJ6F0MIrgzWSyBmuE07xxazZYqrwx-XAEyiSu1o2wrGm8sqn5p0lcB96P8DPOq3N1rtdcr4VlCjeEzJb4gFa3IH1SlxymtafFdeX4P85vgXKjxG9y8PJrX6vartUTLJMQy_IDyl2O29YITKLOINys-Zc73wD9pz9Dmg%3D%3D&request_ab2=96001&zoneid=5548724&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=cee7ca84-b3fa-4073-ad28-8074a84ba677&userId=4ff4795aed6747ffa7e4cec8c01a8819&m=link
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
data
Size
2.2 kB (2192 bytes)
Hash
a260cb7eb9a2495e3ca69b01952d92f6
f0890168eb5ac64ad221992c3ddaecab7fe99a63
9cdd9e0217b3e8261fd48cf151cfefd6d33d06a0d0dc29eee2fbaf078d116641

HTTP Headers

GET /?rb=NyEWy_NDrfEbey5TzLhk-CzHkAIpjdQLf63lN_zYgTjFU6WCU6Vq9zymEnOabSkl7FzU5nzLRkLlnQ_am7VNJ6F0MIrgzWSyBmuE07xxazZYqrwx-XAEyiSu1o2wrGm8sqn5p0lcB96P8DPOq3N1rtdcr4VlCjeEzJb4gFa3IH1SlxymtafFdeX4P85vgXKjxG9y8PJrX6vartUTLJMQy_IDyl2O29YITKLOINys-Zc73wD9pz9Dmg%3D%3D&request_ab2=96001&zoneid=5548724&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=cee7ca84-b3fa-4073-ad28-8074a84ba677&userId=4ff4795aed6747ffa7e4cec8c01a8819&m=link HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.aflam4youtv.com/
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Cookie: OAID=427c8fac40de45dabdad1894158de0f7; oaidts=1669364781
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: application/json
x-trace-id: ccd501b7dc3eac0ca580aa3c71d6634e
access-control-allow-origin: https://www.aflam4youtv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4ff4795aed6747ffa7e4cec8c01a8819; expires=Sat, 25 Nov 2023 08:26:22 GMT; path=/; secure; SameSite=None
oaidts=1669364782; expires=Sat, 25 Nov 2023 08:26:22 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 02 Dec 2022 08:26:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5a6a1c1e18592debaddc73e0951f2648
68d90d9efa8f30dff411b914c3cafa812451e635
969560d2318b28070a7e130ce49a0867da590c7dc8bc833415a54691799c9c87

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2609
Cache-Control: max-age=169562
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:22 GMT
Etag: "63806557-116"
Expires: Sun, 27 Nov 2022 07:32:24 GMT
Last-Modified: Fri, 25 Nov 2022 06:48:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.195

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://utopianwilderness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 227761
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

youradexchange.com/script/suurl4.php?r=6361410&sub1=tagg1111&cbur=0.8787498986504444&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20%D9%85%D8%A7%D9%83%D8%B3%202%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20-%20beIN%20sports%20Max%202%20live%20en%20direct%20aflam4you&cbpage=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&aggr=0

35.190.41.116

200 OK

1.3 kB

URL HTTP/2
youradexchange.com/script/suurl4.php?r=6361410&sub1=tagg1111&cbur=0.8787498986504444&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20%D9%85%D8%A7%D9%83%D8%B3%202%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20-%20beIN%20sports%20Max%202%20live%20en%20direct%20aflam4you&cbpage=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&aggr=0
IP
35.190.41.116:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1270 bytes)
Hash
f71d8c1912de14fadeb29a035e98db09
12a7af48a43398cc5e9d43637691e90f8e709308
78472a5e302f87aaed409f2fafca82b233484a68e2a8bc71a6707b648565c412

HTTP Headers

GET /script/suurl4.php?r=6361410&sub1=tagg1111&cbur=0.8787498986504444&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20%D9%85%D8%A7%D9%83%D8%B3%202%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20-%20beIN%20sports%20Max%202%20live%20en%20direct%20aflam4you&cbpage=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.aflam4youtv.com/
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

utopianwilderness.com/embed/jenkaxvf1aijf

172.67.191.246

200 OK

9.7 kB

URL HTTP/2
utopianwilderness.com/embed/jenkaxvf1aijf
IP
172.67.191.246:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (21362)
Size
9.7 kB (9670 bytes)
Hash
1ea88efcff759fe74625049daf0cf6d7
7f0bdb6410edd57bc52b95ab330eb7fed21f63d0
43f698c31f0451b60b178efd472686337d683092a31029564c3eccfdb9244109

HTTP Headers

GET /embed/jenkaxvf1aijf HTTP/1.1
Host: utopianwilderness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: hf1=1; expires=Fri, 25-Nov-2022 08:26:21 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None
hf2=1; expires=Fri, 25-Nov-2022 08:26:21 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None
hf3=1; expires=Fri, 25-Nov-2022 20:26:21 GMT; Max-Age=43200; path=/; secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsSjwf90zKX7%2FDC0U2H5iH3TjZRX%2B9%2Fe7Qy%2BP6abg9BYFy2Bwt%2F7gg4hBkli5%2BpIorj5ZJUynDt%2FUhEiR1qkvnl3Y7DYlyKVlVft4LJCg2TmAUi45bG5tx8kESGP4iqB4YMjsVjvqYQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f8ffbddf110b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

onvictinitor.com/apu.php?zoneid=5548724

139.45.197.238

200 OK

54 kB

URL HTTP/2
onvictinitor.com/apu.php?zoneid=5548724
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
data
Size
54 kB (54094 bytes)
Hash
c6e0674e7bcd3391b3e473d42d6a0c15
edde43ba6496c0839378f10c2edebad1100accd9
3d39fb25358d4b11a76bbb0983746a51d7f4e8a51b0aaf9c2e1388dd9ff14b34

HTTP Headers

GET /apu.php?zoneid=5548724 HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
content-type: application/javascript
x-trace-id: 314f05ab3c57a8242eb889cf8f7b5f10
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=427c8fac40de45dabdad1894158de0f7; expires=Sat, 25 Nov 2023 08:26:21 GMT; path=/; secure; SameSite=None
oaidts=1669364781; expires=Sat, 25 Nov 2023 08:26:21 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdnquality.com/script/ut.js?cb=1669364782003

104.17.72.30

200 OK

25 kB

URL HTTP/2
cdnquality.com/script/ut.js?cb=1669364782003
IP
104.17.72.30:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
25 kB (24883 bytes)
Hash
70712070c4b1ddbbfbecdaadb3bc0b87
6e8b5c8074e979eb93943ad713157e86dbb8eb81
2a18a99e6ebc31e2b287349d751a7333a1daf6ad2fc525cdbb082f6d320ebbf0

HTTP Headers

GET /script/ut.js?cb=1669364782003 HTTP/1.1
Host: cdnquality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduQc_-Q_yReIjFJgwVVT0zrYteLdYonr0bTqZ1yhOWtytGGRamRauYRrQSHeWt_hzZMc_u8V8APdTAv9p7CZxlNrfpK24t0
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 25 Nov 2022 12:26:22 GMT
cache-control: public, max-age=14400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
cf-cache-status: HIT
age: 1514
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc2d9e31c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 08:26:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 08:26:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 08:26:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6891 bytes)
Hash
92171fa8fbc051aefeb8ceb6072848de
377775b7c7b085efa6dd653d285ba3a52af6a549
537c4d5cc3ef2e60c3d0171ac31c1dba4ab2ff340108015787a9dd20dc76b7ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6891
x-amzn-requestid: 6da0ae90-c3cc-4e9c-9a0e-3c72b4eb7605
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7m2NGsvoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aeb5a-1ed2badf0e84d40e6a052f7a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daiU0caUPDqn0vVDY_eK8eaMxgIenjmw1vLyUOtVYOs-FmuSIgY3Nw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:37:02 GMT
age: 74961
etag: "377775b7c7b085efa6dd653d285ba3a52af6a549"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.4 kB (2351 bytes)
Hash
66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 48893
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6130 bytes)
Hash
ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 37855
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8089 bytes)
Hash
c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 37131
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3955 bytes)
Hash
4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 14603
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10356 bytes)
Hash
05a92b9f554600c920e8b772eb16ee75
7f29e0e2de89f7a88ff0bf2a720365032ef11cc1
4b51a70a0ee6fe0d723880ea70fee25c15bff671d8a484bbb2a3c9962303c735

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 8450975f-bcb2-4b59-b0ef-42e43d1bb16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM-cGKIIAMFo7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8ec2-7f95154e3177c6e30a925244;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NCCF79BaJkG2j75ihGL9jd3gEE4zajsC9vmEKMmk9u7-wm2s5u4mVQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:43:09 GMT
age: 13394
etag: "7f29e0e2de89f7a88ff0bf2a720365032ef11cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

youradexchange.com/ut/hb.php?cb=0.7939753560859947

35.190.41.116

204 No Content

0 B

URL HTTP/2
youradexchange.com/ut/hb.php?cb=0.7939753560859947
IP
35.190.41.116:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.7939753560859947 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1035
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: openresty
date: Fri, 25 Nov 2022 08:26:29 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnquality.com/script/bootstrap.js

104.17.72.30

200 OK

0 B

URL HTTP/2
cdnquality.com/script/bootstrap.js
IP
104.17.72.30:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /script/bootstrap.js HTTP/1.1
Host: cdnquality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdu-YCEHWKziZoEHc2Nk7jksnwwHaVYvlUPxuRRn_OzCvJj0xreH184PpVKFmczdj0mw5jIWPxzpO6r_QEVUxs-QnQ
x-goog-generation: 1669191375948071
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 25 Nov 2022 12:26:22 GMT
cache-control: public, max-age=14400
last-modified: Wed, 23 Nov 2022 08:16:16 GMT
etag: W/"58a3706369493493b3ca003a227b6fa6"
cf-cache-status: HIT
age: 1419
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc269831c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

utopianwilderness.com/css/embed.min.css?v=0.4

172.67.191.246

200 OK

0 B

URL HTTP/2
utopianwilderness.com/css/embed.min.css?v=0.4
IP
172.67.191.246:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/embed.min.css?v=0.4 HTTP/1.1
Host: utopianwilderness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/embed/jenkaxvf1aijf
Cookie: hf3=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: text/css
last-modified: Thu, 09 Jun 2022 09:49:16 GMT
etag: W/"62a1c21c-4f0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3427
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BkkqITOA0GsCQxQ7fcmldlnqRfIhiIo%2B33AfngU9gx%2FlaRCWOIx3XImLRipjhpGQsOjD6npZSUmAF3%2FMQLXLD98b%2BCckniG8Jxy0%2BqmDl%2BixVFoiDlnPtT2Tgq437F1rNNRw%2Fav7ns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffbff9830b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

youradexchange.com/script/suurl4.php?r=5954546&cbur=0.6033532623087137&cbiframe=1&cbWidth=360&cbHeight=250&cbtitle=&cbpage=https%3A%2F%2Fwww.aflam4youtv.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnquality.com&aggr=0

35.190.41.116

200 OK

0 B

URL HTTP/2
youradexchange.com/script/suurl4.php?r=5954546&cbur=0.6033532623087137&cbiframe=1&cbWidth=360&cbHeight=250&cbtitle=&cbpage=https%3A%2F%2Fwww.aflam4youtv.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnquality.com&aggr=0
IP
35.190.41.116:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /script/suurl4.php?r=5954546&cbur=0.6033532623087137&cbiframe=1&cbWidth=360&cbHeight=250&cbtitle=&cbpage=https%3A%2F%2Fwww.aflam4youtv.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnquality.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utopianwilderness.com/
Origin: https://utopianwilderness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

widgets.amung.us/draw/?w=colored&n=12700&c=000000ffffff&p=left

104.22.75.171

200 OK

0 B

URL HTTP/2
widgets.amung.us/draw/?w=colored&n=12700&c=000000ffffff&p=left
IP
104.22.75.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /draw/?w=colored&n=12700&c=000000ffffff&p=left HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utopianwilderness.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:23 GMT
content-type: image/png
content-disposition: filename=wau-widget.png
expires: Thu, 17 Nov 2022 17:12:01 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 746062
last-modified: Wed, 16 Nov 2022 17:12:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc60d760a1c-ARN
X-Firefox-Spdy: h2

awstats.cloud/js/plausible.js

172.67.168.34

200 OK

0 B

URL HTTP/2
awstats.cloud/js/plausible.js
IP
172.67.168.34:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/plausible.js HTTP/1.1
Host: awstats.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRbiCkwdpjvutdCOLFmQbWVlaYp4kPZLhRNphoP2gorcvzGGUjEJ7qIWxf64%2FKEwhhnvil7p1hANA6IdNbPQis38BBXDTEsRCCtHCBiwjOZDKZRIyJ4IvDMT7x2YRR8g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc09e37b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

swarm.video/nsns.js

104.21.17.85

200 OK

0 B

URL HTTP/2
swarm.video/nsns.js
IP
104.21.17.85:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nsns.js HTTP/1.1
Host: swarm.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=519718
etag: W/"7ee26-183e189fff7"
last-modified: Sun, 16 Oct 2022 16:04:21 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 150574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0rCajy0TOUrcKLI0hhXL1qW6l4esnhUwNiCGSi7CPHqrBzDlB3ifX21F10R3%2Beb0tw1wqLBUZC76sCokpT0mECczLpIom9M3MiIokz%2FazlTtU8bfmak5nstmE%2BXJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc0dbe7fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=

172.67.155.129

200 OK

0 B

URL HTTP/2
www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=
IP
172.67.155.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k= HTTP/1.1
Host: www.aflam4youtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:21 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfA2UZmMLC%2FNVB92oels1ARoaByINMw%2BCqr75F6Yr0yGSCaCgDCARyRLJn6%2FhbpWrsJ59grUqsSwjp9QW7o3JdNMf5ygf%2BTeLTWzezOhcalIUqQe3VkH8CgNcTnF40rxMneNUk02"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f8ffb91ae2b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

grunoaph.net/5/5479001/?oo=1&aab=1

139.45.197.238

200 OK

0 B

URL HTTP/2
grunoaph.net/5/5479001/?oo=1&aab=1
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5/5479001/?oo=1&aab=1 HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
content-type: application/json
x-trace-id: c99a4e52906bac31c4d7e71c394697b0
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.aflam4youtv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=4ff4795aed6747ffa7e4cec8c01a8819; expires=Sat, 25 Nov 2023 08:26:21 GMT; path=/; secure; SameSite=None
oaidts=1669364781; expires=Sat, 25 Nov 2023 08:26:21 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png

104.22.75.171

307 Temporary Redirect

0 B

URL HTTP/2
whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png
IP
104.22.75.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cwidget/h6qfsjssi5/000000ffffff.png HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/draw/?w=colored&n=12700&c=000000ffffff&p=left
cache-control: max-age=295
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f8ffc49b580a1c-ARN
X-Firefox-Spdy: h2

utopianwilderness.com/js/jquery.min.js

172.67.191.246

200 OK

0 B

URL HTTP/2
utopianwilderness.com/js/jquery.min.js
IP
172.67.191.246:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: utopianwilderness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/embed/jenkaxvf1aijf
Cookie: hf3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:26:22 GMT
content-type: application/javascript
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
etag: W/"5fa984ce-15283"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GNx1xchFETKBNB6jf959OU0UvpirzXU9sQF9byvO6dNoKa7ZZdGuzrKrPt8q7xCn4K%2FKAgFVITEhybn6rwr2E3cwES5z31oa0YEeH9NVkE4SlOiSpmevloSTPh%2BPo0no0MHfegJkO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffbff9890b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 08:26:22 GMT
date: Fri, 25 Nov 2022 08:26:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations