Overview

URL: www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=
IP: 104.21.89.12
ASN: #13335 CLOUDFLARENET
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-25 08:26:31 UTC
IDS alerts: 0
Blocklist alert: 4
urlquery alerts: No alerts detected
Tags: None

Domain Summary (28)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
whos.amung.us (1) 12687 2017-01-30 05:21:57 UTC 2022-11-25 05:55:19 UTC 104.22.75.171
r3.o.lencr.org (9) 344 No data No data 23.36.77.32
ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ipp.littlecdn.com (1) 109716 2020-10-14 06:47:10 UTC 2022-11-24 14:45:05 UTC 172.67.10.98
onvictinitor.com (2) 0 2019-12-09 10:51:51 UTC 2022-11-24 16:32:06 UTC 139.45.197.238 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
www.aflam4youtv.com (2) 0 2022-10-19 20:32:12 UTC 2022-11-22 07:08:09 UTC 172.67.155.129 Unknown ranking
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-11-24 10:18:57 UTC 172.67.194.45 Unknown ranking
my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-11-25 07:48:21 UTC 139.45.195.8
awstats.cloud (1) 0 2022-07-07 07:16:14 UTC 2022-11-24 09:59:54 UTC 172.67.168.34 Unknown ranking
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-25 05:53:13 UTC 142.250.74.10
asacdn.com (1) 184839 2020-08-19 03:20:07 UTC 2022-11-22 19:04:35 UTC 104.21.93.4
datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-11-25 06:19:41 UTC 37.48.68.71
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
swarm.video (1) 126884 2017-10-22 19:55:23 UTC 2022-11-23 19:11:37 UTC 104.21.17.85
ocsp.sectigo.com (3) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.167.231.108
widgets.amung.us (1) 12623 2012-05-21 19:25:54 UTC 2022-11-25 07:21:18 UTC 104.22.75.171
cdnquality.com (2) 0 2017-11-13 07:28:25 UTC 2022-11-23 06:17:14 UTC 104.17.72.30 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-25 06:26:28 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
youradexchange.com (3) 273384 2013-02-04 16:25:46 UTC 2022-11-25 08:19:14 UTC 35.190.41.116
utopianwilderness.com (3) 0 2022-10-03 13:44:00 UTC 2022-11-24 19:58:37 UTC 172.67.191.246 Unknown ranking
e1.o.lencr.org (4) 6159 No data No data 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
grunoaph.net (3) 0 2022-08-31 19:18:02 UTC 2022-11-25 03:24:27 UTC 139.45.197.238 Unknown ranking
ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-25 2 grunoaph.net Sinkholed
2022-11-25 2 datatechonert.com Sinkholed
2022-11-25 2 grunoaph.net Sinkholed
2022-11-25 2 grunoaph.net Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 104.21.89.12
Date UQ / IDS / BL URL IP
2022-11-25 08:26:31 +0000 0 - 0 - 4 www.aflam4youtv.com/zremb472.php?vid=180&afla (...) 104.21.89.12
2022-09-25 23:42:09 +0000 0 - 0 - 2 roids.top/ 104.21.89.12


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-01-30 11:19:37 +0000 0 - 0 - 1 pastebin.com/raw/CUaQz08B 104.20.68.143
2023-01-30 11:17:41 +0000 0 - 0 - 4 anydesk24.com/AnyDesk.zip 104.21.34.130
2023-01-30 11:17:35 +0000 0 - 0 - 2 stdater.ru/distr/v4/54e637fe-31ef-49e2-968e-a (...) 188.114.97.1
2023-01-30 11:17:33 +0000 0 - 0 - 2 stdater.ru/distr/v4/564e6e57-8adc-482c-8572-b (...) 188.114.97.1
2023-01-30 11:17:15 +0000 0 - 0 - 1 pastebin.com/raw/5Ki9Fxv6 104.20.67.143


Last 1 reports on domain: aflam4youtv.com
Date UQ / IDS / BL URL IP
2022-11-25 08:26:31 +0000 0 - 0 - 4 www.aflam4youtv.com/zremb472.php?vid=180&afla (...) 104.21.89.12


No other reports with similar screenshot

JavaScript

Executed Scripts (25)

Executed Evals (2)
#1 JavaScript::Eval (size: 1674) - SHA256: c36eaaf2741f1a3535f5ce448022c2bd05cc69e8b1774e034247f07ea0600d7a
var player;
var hlsjsConfig = {
    liveSyncDuration: 60,
    maxBufferLength: 60,
    liveMaxLatencyDuration: Infinity,
};
var p2p = false;
var src = "https://6q73crmk54a2uk74.cdnexpress37.net:8443/hls/jenkaxvf1aijf.m3u8?s=V7HaaKW11sLP7norEhEy4g&e=1669386381";
if (typeof engine != "undefined" && typeof p2pml != "undefined") {
    if (p2pml.hlsjs.Engine.isSupported()) {
        p2p = true;
        hlsjsConfig["loader"] = engine.createLoaderClass()
    } else {
        src = "https://lnuyz6u92h5v68.cdnexpress63.net:8443/hls/jenkaxvf1aijf.m3u8?s=V7HaaKW11sLP7norEhEy4g&e=1669386381"
    }
}
$(document).ready(function() {
    player = new Clappr.Player({
        source: src,
        parentId: "#player",
        width: "100%",
        height: "100%",
        playback: {
            hlsjsConfig: hlsjsConfig,
        },
        autoPlay: false,
        mute: startMuted,
        stretching: "bestfit",
        watermark: "",
        position: "1",
        watermarkLink: "",
        events: {
            onError: function(e) {
                errorPlaying()
            },
            onPlay: function(e) {
                setTimeout(function() {
                    $(".stream-logo").fadeOut()
                }, 1000);
                if (!videoStarted) {
                    videoStarted = true;
                    setTimeout(function() {
                        var h = document.getElementsByTagName("head")[0],
                            s = document.createElement("script");
                        s.type = "text/javascript";
                        s.async = true;
                        s.src = "//repentancematernity.com/82/05/4d/82054d468d1245b12f8e814444d99462.js";
                        h.appendChild(s)
                    }, 20000);
                    if (startMuted) $("#btn-unmute").fadeIn()
                }
            },
            onPause: function(e) {
                $(".stream-logo").fadeIn()
            },
            onVolumeUpdate: function(e) {
                $("#btn-unmute").fadeOut()
            },
            onReady: function() {}
        }
    });
    if (p2p) {
        p2pml.hlsjs.initClapprPlayer(player)
    }
    setTimeout(function() {
        player.play()
    }, 1)
});

function WSreloadStream() {
    $(".stream-offline").css("display", "none");
    var newplayer = player.configure(player);
    newplayer = new Clappr.Player(newplayer.options);
    player.destroy();
    player = newplayer;
    player.mute();
    player.play();
    player.unmute()
}

function WSUnmute() {
    player.unmute()
}
#2 JavaScript::Eval (size: 4266) - SHA256: f11182325c995da2e244250a3c1f8cab6a114a8afef084dc0d40a6b1acdfdbf7
setTimeout(function() {
    $("body").append("<iframe width=\"1366\" height=\"768\" src=\"https://spathefesting.com/iAZoqS9qIg28n/28749\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://moekyepkd.com/redirect?tid=756113&file=Watch_Live\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=uFkWgZKDzl\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=sGwNIyGLG5\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=s5e83yzhMM\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=CMAs8uhhKm\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=fXHggLmTuE\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=WYbHISCtLV\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups 
allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=MrwGr89ffS\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=N2JBJxP2ji\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=CX0BW0NjsB\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=HsP3nKe6J5\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=PReDvl944m\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=PReDvl944m\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=XgOPsot9Xe\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=GQg8mmsLEC\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups 
allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=tDdYeo7o7\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe>")
}, 50000);

Executed Writes (0)


HTTP Transactions (65)


Request Response
                                        
                                            GET /zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k= HTTP/1.1 
Host: www.aflam4youtv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         172.67.155.129
HTTP/1.1 301 Moved Permanently
                                        
Date: Fri, 25 Nov 2022 08:26:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 09:26:20 GMT
Location: https://www.aflam4youtv.com/zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k=
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoV%2Fzj7kRCv4%2FROYK8uD5P6Oh8MrPuHeFZ1p3fYmcvnPYYlnjcukwXwSFlsKUFh6sHCRaXYIsxGJTvF2Q%2FfW0ofEGocQIGGVd2zwsGnCtSXRXEZlm4CZ%2BZOIbQYGOc2dcnByHQq%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f8ffb76b2ab51b-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15062
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 08:26:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5236
Cache-Control: max-age=99127
Date: Fri, 25 Nov 2022 08:26:20 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:58:27 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 08:17:26 GMT
cache-control: public,max-age=3600
age: 534
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "782DC51E09680218633352499F295C39C1ACB188B97AEAC961F4EE9AF52C2264"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18683
Expires: Fri, 25 Nov 2022 13:37:43 GMT
Date: Fri, 25 Nov 2022 08:26:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6594
Expires: Fri, 25 Nov 2022 10:16:14 GMT
Date: Fri, 25 Nov 2022 08:26:20 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: p21q2HuiQJ91deZHILTJCXufDsXvCSwJWPqAKxgMlct5VFkjmWHttytUbT/UGYHB42e38uL01k0=
x-amz-request-id: C0CNDB5PXESXBRYM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 07:40:43 GMT
age: 2737
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "782DC51E09680218633352499F295C39C1ACB188B97AEAC961F4EE9AF52C2264"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18682
Expires: Fri, 25 Nov 2022 13:37:43 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6174
Cache-Control: max-age=160516
Date: Fri, 25 Nov 2022 08:26:21 GMT
Etag: "63803413-116"
Expires: Sun, 27 Nov 2022 05:01:37 GMT
Last-Modified: Fri, 25 Nov 2022 03:18:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /npm/console-ban@4.1.0/dist/console-ban.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.1.0
x-jsd-version-type: version
etag: W/"94a-x2FYTFEbUDUMlcmV/trIW701Sjg"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 08:26:21 GMT
age: 3031347
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1629-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1082
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2290)
Size:   1082
Md5:    40b3ef2768d7935061842ffe0fa61e82
Sha1:   e9c69254feb8f40811ebb97120b454056264fa3b
Sha256: 7c586b754e539026c170338190bb64f68f78bc533102d5a1d818e687f21b1fb1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6174
Cache-Control: max-age=160516
Date: Fri, 25 Nov 2022 08:26:21 GMT
Etag: "63803413-116"
Expires: Sun, 27 Nov 2022 05:01:37 GMT
Last-Modified: Fri, 25 Nov 2022 03:18:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /script/suv4.js HTTP/1.1 
Host: asacdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.21.93.4
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 08:26:21 GMT
x-guploader-uploadid: ADPycdu8Qzh3Y4lzdEeiymgEIRXf2O9sKx54L9-s4gG9efKxUTMQum6Hu9EEMaOLQDhakSKid2ZAtcjqM8googE7L7ZBhnf6E9dh
x-goog-generation: 1669191527960820
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 25 Nov 2022 08:23:58 GMT
cache-control: public, max-age=14400
age: 2022
last-modified: Wed, 23 Nov 2022 08:18:48 GMT
etag: W/"58a3706369493493b3ca003a227b6fa6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXPw2OEsE5s5FzTdKQoMuL3QVsLBXXIpb0oexQR0FWAEnRZSuulqwtC1dTVcJerRCvHR4xxgFGGl%2Fe4G9%2BGxxQ%2B9Ke7S%2BvVhuBcegUhnQD9ufZXetsfX4cX6x1S4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffbbbbc4b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Size:   35893
Md5:    8ea55b4bcade4933dcd1f509f6752847
Sha1:   11e7f7396db82dbebd0139f3d26179ec3dc25f24
Sha256: b6eb4e1da9739e7ec98db2f45a7f150d3798b9c7bb87a964a52c80734ec40241
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 08:11:11 GMT
cache-control: public,max-age=3600
age: 910
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ADCDAB11320C06EFBD49B3E3914B848A05263AEF2AEE795BE6948E5A8E0DDAB2"
Last-Modified: Thu, 24 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9963
Expires: Fri, 25 Nov 2022 11:12:24 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ADCDAB11320C06EFBD49B3E3914B848A05263AEF2AEE795BE6948E5A8E0DDAB2"
Last-Modified: Thu, 24 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9963
Expires: Fri, 25 Nov 2022 11:12:24 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "00B52DF308107AEBBC5E3C01F1DC2EF4FEDEDAFD7D5B6160010025F11862DDBA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15198
Expires: Fri, 25 Nov 2022 12:39:39 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1293
Cache-Control: max-age=90121
Date: Fri, 25 Nov 2022 08:26:21 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:28:22 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tag.min.js HTTP/1.1 
Host: grunoaph.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         139.45.197.238
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
content-length: 23258
content-encoding: br
x-trace-id: 71d795d690e783e015f490e374334cdc
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 10:06:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   23258
Md5:    09c6bc35f4808f91eef702f269b590ea
Sha1:   e684a310ca3a4f2fdfb24c5a99a34dd96d634ec5
Sha256: f50dd06f8c62afb27e75aab75507ff7517b9f896a2f8dc489d458f4e45a14e02

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6144
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 08:26:21 GMT
Last-Modified: Fri, 25 Nov 2022 06:43:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         172.67.194.45
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 08:26:21 GMT
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 665
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sik0kbirQ3X3LuRB%2FrO4nlrESWF%2FiWsgnPT4tFUUBphtTemwv5iWNuuBALBdSaFGsDhJnoydJjtwHZvoIztSTF%2BQsrr95a%2BINcK%2FUXzn3N89xn176SSnoxP8pnunKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffbe7f2ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12966), with no line terminators
Size:   5512
Md5:    8149cebd1fc553f016a0ee52dd4c677f
Sha1:   e091240fd66b5de1799c5b55f66dbf0d1077b1ac
Sha256: a59c9aa3b3046baec8c322632aac7c5ef95bc0439c5953ecdcbc57690e03c9df
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2834
Expires: Fri, 25 Nov 2022 09:13:35 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B108430399664D81CE9CDE75B2CD2FA96DF821B2639DF68926122B10AC2E6B7F"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4749
Expires: Fri, 25 Nov 2022 09:45:30 GMT
Date: Fri, 25 Nov 2022 08:26:21 GMT
Connection: keep-alive

                                        
                                            GET /gid.js?userId=4ff4795aed6747ffa7e4cec8c01a8819 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
content-length: 65
access-control-allow-origin: https://www.aflam4youtv.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4ff4795aed6747ffa7e4cec8c01a8819; expires=Sat, 25 Nov 2023 08:26:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    44cf5455b6f5f14a235c675f6ddab9e5
Sha1:   888921d595cd82235f5ae624bfbb41591a4d0b03
Sha256: 8177fd47ed0336534f4b09d8afd8cfce7c3258f9edeea9a186e4c7d3174d8fe8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 08:26:21 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 05:22:25 GMT
Expires: Wed, 30 Nov 2022 05:22:24 GMT
Etag: "b284274f65c07ff39fb6c63027ba0d270cfee9a1"
Cache-Control: max-age=420362,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f8ffbdff600b3d-OSL

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IpLdafyWOThqcy3MpBIspQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.167.231.108
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kk11awfIFp2+2yRrHZdUTRteM9c=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1283
Cache-Control: max-age=151290
Date: Fri, 25 Nov 2022 08:26:22 GMT
Etag: "63802325-117"
Expires: Sun, 27 Nov 2022 02:27:52 GMT
Last-Modified: Fri, 25 Nov 2022 02:06:29 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 08:26:22 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=320212,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f8ffbf78e50b3d-OSL

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "00B52DF308107AEBBC5E3C01F1DC2EF4FEDEDAFD7D5B6160010025F11862DDBA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15197
Expires: Fri, 25 Nov 2022 12:39:39 GMT
Date: Fri, 25 Nov 2022 08:26:22 GMT
Connection: keep-alive

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: datatechonert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 954
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         37.48.68.71
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 08:26:22 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.aflam4youtv.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /web/static/ball.png HTTP/1.1 
Host: ipp.littlecdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         172.67.10.98
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 08:26:22 GMT
content-length: 9637
last-modified: Fri, 16 Apr 2021 13:05:23 GMT
etag: "903ff2b408f3246176c88a3936d5fd22"
expires: Sat, 26 Nov 2022 07:54:45 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 1897
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc05e17b4ff-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   9637
Md5:    903ff2b408f3246176c88a3936d5fd22
Sha1:   158954159a9ee7549b03bd5b93faa739dbbae7c3
Sha256: 7d82e30c72c434e3660014ff97d2cceea967d2014ce801844d784095133896cc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2266
Cache-Control: max-age=91447
Date: Fri, 25 Nov 2022 08:26:22 GMT
Etag: "637f358b-117"
Expires: Sat, 26 Nov 2022 09:50:29 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:43 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /?rb=JJA2cEN7kQokSLhnwODQSgprWMQec1OsXx7S94aOEmwoHwKG6Z15sQgEVmyelKc4CoW5Azrnx-w_2MyqFXtosjVW7cFBhlJ27YeEtpzYIq_Rg0V8Ot9iyLU7NTfG_Kg97O0EazilufK8dVt4ywggc5lpCG6VRTHj7sik6t0j0YzL1iXirhYYGaIdJDEL1XSP7JZVCa51IvFSUlvxfqWW0TyYK0OznFD28lk7qGeqWDOKgxm0kvM3sA%3D%3D&request_ab2=96001&zoneid=5479001&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=c1a7294a-f54d-457f-bc19-c99757a48892&userId=4ff4795aed6747ffa7e4cec8c01a8819&m=link HTTP/1.1 
Host: grunoaph.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.aflam4youtv.com/
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Cookie: OAID=4ff4795aed6747ffa7e4cec8c01a8819; oaidts=1669364781
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         139.45.197.238
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 08:26:22 GMT
x-trace-id: efe91afd82dfd356ead5a7f68c5bab8b
access-control-allow-origin: https://www.aflam4youtv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4ff4795aed6747ffa7e4cec8c01a8819; expires=Sat, 25 Nov 2023 08:26:22 GMT; path=/; secure; SameSite=None oaidts=1669364782; expires=Sat, 25 Nov 2023 08:26:22 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 02 Dec 2022 08:26:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2338
Md5:    a4dcc5403848c4f588e564e2c28afab4
Sha1:   7628efde506e254900c016edbb3064bd73b21ee4
Sha256: a2adfb287b8ededfbc16016f9620c1395b027f3cccc8e0bcf9cf161205995ddf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2609
Cache-Control: max-age=169562
Date: Fri, 25 Nov 2022 08:26:22 GMT
Etag: "63806557-116"
Expires: Sun, 27 Nov 2022 07:32:24 GMT
Last-Modified: Fri, 25 Nov 2022 06:48:55 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 08:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 08:26:22 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 05:22:25 GMT
Expires: Wed, 30 Nov 2022 05:22:24 GMT
Etag: "b284274f65c07ff39fb6c63027ba0d270cfee9a1"
Cache-Control: max-age=420361,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f8ffc0da560b3d-OSL

                                        
                                            GET /?rb=NyEWy_NDrfEbey5TzLhk-CzHkAIpjdQLf63lN_zYgTjFU6WCU6Vq9zymEnOabSkl7FzU5nzLRkLlnQ_am7VNJ6F0MIrgzWSyBmuE07xxazZYqrwx-XAEyiSu1o2wrGm8sqn5p0lcB96P8DPOq3N1rtdcr4VlCjeEzJb4gFa3IH1SlxymtafFdeX4P85vgXKjxG9y8PJrX6vartUTLJMQy_IDyl2O29YITKLOINys-Zc73wD9pz9Dmg%3D%3D&request_ab2=96001&zoneid=5548724&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=cee7ca84-b3fa-4073-ad28-8074a84ba677&userId=4ff4795aed6747ffa7e4cec8c01a8819&m=link HTTP/1.1 
Host: onvictinitor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.aflam4youtv.com/
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Cookie: OAID=427c8fac40de45dabdad1894158de0f7; oaidts=1669364781
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         139.45.197.238
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 08:26:22 GMT
x-trace-id: ccd501b7dc3eac0ca580aa3c71d6634e
access-control-allow-origin: https://www.aflam4youtv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4ff4795aed6747ffa7e4cec8c01a8819; expires=Sat, 25 Nov 2023 08:26:22 GMT; path=/; secure; SameSite=None oaidts=1669364782; expires=Sat, 25 Nov 2023 08:26:22 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 02 Dec 2022 08:26:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2192
Md5:    a260cb7eb9a2495e3ca69b01952d92f6
Sha1:   f0890168eb5ac64ad221992c3ddaecab7fe99a63
Sha256: 9cdd9e0217b3e8261fd48cf151cfefd6d33d06a0d0dc29eee2fbaf078d116641
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2609
Cache-Control: max-age=169562
Date: Fri, 25 Nov 2022 08:26:22 GMT
Etag: "63806557-116"
Expires: Sun, 27 Nov 2022 07:32:24 GMT
Last-Modified: Fri, 25 Nov 2022 06:48:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 08:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://utopianwilderness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 227761
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /script/suurl4.php?r=6361410&sub1=tagg1111&cbur=0.8787498986504444&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20%D9%85%D8%A7%D9%83%D8%B3%202%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20-%20beIN%20sports%20Max%202%20live%20en%20direct%20aflam4you&cbpage=https%3A%2F%2Fwww.aflam4youtv.com%2Fzremb472.php%3Fvid%3D180%26aflam_s%3D2%26aflam_w%3D360%26aflam_h%3D280%26aflam_k%3D&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&aggr=0 HTTP/1.1 
Host: youradexchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.aflam4youtv.com/
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.190.41.116
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: openresty
date: Fri, 25 Nov 2022 08:26:22 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1270
Md5:    f71d8c1912de14fadeb29a035e98db09
Sha1:   12a7af48a43398cc5e9d43637691e90f8e709308
Sha256: 78472a5e302f87aaed409f2fafca82b233484a68e2a8bc71a6707b648565c412
                                        
                                            GET /embed/jenkaxvf1aijf HTTP/1.1 
Host: utopianwilderness.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         172.67.191.246
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 25 Nov 2022 08:26:22 GMT
set-cookie: hf1=1; expires=Fri, 25-Nov-2022 08:26:21 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None hf2=1; expires=Fri, 25-Nov-2022 08:26:21 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None hf3=1; expires=Fri, 25-Nov-2022 20:26:21 GMT; Max-Age=43200; path=/; secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsSjwf90zKX7%2FDC0U2H5iH3TjZRX%2B9%2Fe7Qy%2BP6abg9BYFy2Bwt%2F7gg4hBkli5%2BpIorj5ZJUynDt%2FUhEiR1qkvnl3Y7DYlyKVlVft4LJCg2TmAUi45bG5tx8kESGP4iqB4YMjsVjvqYQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f8ffbddf110b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (21362)
Size:   9670
Md5:    1ea88efcff759fe74625049daf0cf6d7
Sha1:   7f0bdb6410edd57bc52b95ab330eb7fed21f63d0
Sha256: 43f698c31f0451b60b178efd472686337d683092a31029564c3eccfdb9244109
                                        
                                            GET /apu.php?zoneid=5548724 HTTP/1.1 
Host: onvictinitor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         139.45.197.238
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
x-trace-id: 314f05ab3c57a8242eb889cf8f7b5f10
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=427c8fac40de45dabdad1894158de0f7; expires=Sat, 25 Nov 2023 08:26:21 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1669364781; expires=Sat, 25 Nov 2023 08:26:21 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   54094
Md5:    c6e0674e7bcd3391b3e473d42d6a0c15
Sha1:   edde43ba6496c0839378f10c2edebad1100accd9
Sha256: 3d39fb25358d4b11a76bbb0983746a51d7f4e8a51b0aaf9c2e1388dd9ff14b34
                                        
                                            GET /script/ut.js?cb=1669364782003 HTTP/1.1 
Host: cdnquality.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.17.72.30
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 08:26:22 GMT
x-guploader-uploadid: ADPycduQc_-Q_yReIjFJgwVVT0zrYteLdYonr0bTqZ1yhOWtytGGRamRauYRrQSHeWt_hzZMc_u8V8APdTAv9p7CZxlNrfpK24t0
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 25 Nov 2022 12:26:22 GMT
cache-control: public, max-age=14400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
cf-cache-status: HIT
age: 1514
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc2d9e31c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   24883
Md5:    70712070c4b1ddbbfbecdaadb3bc0b87
Sha1:   6e8b5c8074e979eb93943ad713157e86dbb8eb81
Sha256: 2a18a99e6ebc31e2b287349d751a7333a1daf6ad2fc525cdbb082f6d320ebbf0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 08:26:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 08:26:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Fri, 25 Nov 2022 09:27:32 GMT
Date: Fri, 25 Nov 2022 08:26:23 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6891
x-amzn-requestid: 6da0ae90-c3cc-4e9c-9a0e-3c72b4eb7605
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7m2NGsvoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aeb5a-1ed2badf0e84d40e6a052f7a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daiU0caUPDqn0vVDY_eK8eaMxgIenjmw1vLyUOtVYOs-FmuSIgY3Nw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:37:02 GMT
age: 74961
etag: "377775b7c7b085efa6dd653d285ba3a52af6a549"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6891
Md5:    92171fa8fbc051aefeb8ceb6072848de
Sha1:   377775b7c7b085efa6dd653d285ba3a52af6a549
Sha256: 537c4d5cc3ef2e60c3d0171ac31c1dba4ab2ff340108015787a9dd20dc76b7ed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 48893
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2351
Md5:    66d06d3cac1784e4ce6c8c89c300f10a
Sha1:   41ef94d198bbf98185eb332a3b6934c3c26c3afc
Sha256: 55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 37855
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6130
Md5:    ba7b9c131ab7e5998f25b069ba3860a0
Sha1:   0214fc0deecb1115766802f42cfd256e3c479490
Sha256: 717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 37131
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 14603
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10356
x-amzn-requestid: 8450975f-bcb2-4b59-b0ef-42e43d1bb16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM-cGKIIAMFo7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8ec2-7f95154e3177c6e30a925244;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NCCF79BaJkG2j75ihGL9jd3gEE4zajsC9vmEKMmk9u7-wm2s5u4mVQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:43:09 GMT
age: 13394
etag: "7f29e0e2de89f7a88ff0bf2a720365032ef11cc1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10356
Md5:    05a92b9f554600c920e8b772eb16ee75
Sha1:   7f29e0e2de89f7a88ff0bf2a720365032ef11cc1
Sha256: 4b51a70a0ee6fe0d723880ea70fee25c15bff671d8a484bbb2a3c9962303c735
                                        
                                            POST /ut/hb.php?cb=0.7939753560859947 HTTP/1.1 
Host: youradexchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1035
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         35.190.41.116
HTTP/2 204 No Content
                                        
server: openresty
date: Fri, 25 Nov 2022 08:26:29 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /script/bootstrap.js HTTP/1.1 
Host: cdnquality.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.72.30
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 08:26:22 GMT
x-guploader-uploadid: ADPycdu-YCEHWKziZoEHc2Nk7jksnwwHaVYvlUPxuRRn_OzCvJj0xreH184PpVKFmczdj0mw5jIWPxzpO6r_QEVUxs-QnQ
x-goog-generation: 1669191375948071
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 25 Nov 2022 12:26:22 GMT
cache-control: public, max-age=14400
last-modified: Wed, 23 Nov 2022 08:16:16 GMT
etag: W/"58a3706369493493b3ca003a227b6fa6"
cf-cache-status: HIT
age: 1419
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc269831c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/embed.min.css?v=0.4 HTTP/1.1 
Host: utopianwilderness.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/embed/jenkaxvf1aijf
Cookie: hf3=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         172.67.191.246
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 25 Nov 2022 08:26:22 GMT
last-modified: Thu, 09 Jun 2022 09:49:16 GMT
etag: W/"62a1c21c-4f0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3427
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BkkqITOA0GsCQxQ7fcmldlnqRfIhiIo%2B33AfngU9gx%2FlaRCWOIx3XImLRipjhpGQsOjD6npZSUmAF3%2FMQLXLD98b%2BCckniG8Jxy0%2BqmDl%2BixVFoiDlnPtT2Tgq437F1rNNRw%2Fav7ns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffbff9830b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /script/suurl4.php?r=5954546&cbur=0.6033532623087137&cbiframe=1&cbWidth=360&cbHeight=250&cbtitle=&cbpage=https%3A%2F%2Fwww.aflam4youtv.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnquality.com&aggr=0 HTTP/1.1 
Host: youradexchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utopianwilderness.com/
Origin: https://utopianwilderness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         35.190.41.116
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: openresty
date: Fri, 25 Nov 2022 08:26:22 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /draw/?w=colored&n=12700&c=000000ffffff&p=left HTTP/1.1 
Host: widgets.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utopianwilderness.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.22.75.171
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 08:26:23 GMT
content-disposition: filename=wau-widget.png
expires: Thu, 17 Nov 2022 17:12:01 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 746062
last-modified: Wed, 16 Nov 2022 17:12:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc60d760a1c-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/plausible.js HTTP/1.1 
Host: awstats.cloud
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         172.67.168.34
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 08:26:22 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRbiCkwdpjvutdCOLFmQbWVlaYp4kPZLhRNphoP2gorcvzGGUjEJ7qIWxf64%2FKEwhhnvil7p1hANA6IdNbPQis38BBXDTEsRCCtHCBiwjOZDKZRIyJ4IvDMT7x2YRR8g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc09e37b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /nsns.js HTTP/1.1 
Host: swarm.video
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.21.17.85
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Fri, 25 Nov 2022 08:26:22 GMT
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=519718
etag: W/"7ee26-183e189fff7"
last-modified: Sun, 16 Oct 2022 16:04:21 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 150574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0rCajy0TOUrcKLI0hhXL1qW6l4esnhUwNiCGSi7CPHqrBzDlB3ifX21F10R3%2Beb0tw1wqLBUZC76sCokpT0mECczLpIom9M3MiIokz%2FazlTtU8bfmak5nstmE%2BXJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffc0dbe7fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /zremb472.php?vid=180&aflam_s=2&aflam_w=360&aflam_h=280&aflam_k= HTTP/1.1 
Host: www.aflam4youtv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         172.67.155.129
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 25 Nov 2022 08:26:21 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfA2UZmMLC%2FNVB92oels1ARoaByINMw%2BCqr75F6Yr0yGSCaCgDCARyRLJn6%2FhbpWrsJ59grUqsSwjp9QW7o3JdNMf5ygf%2BTeLTWzezOhcalIUqQe3VkH8CgNcTnF40rxMneNUk02"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f8ffb91ae2b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /5/5479001/?oo=1&aab=1 HTTP/1.1 
Host: grunoaph.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.aflam4youtv.com
Connection: keep-alive
Referer: https://www.aflam4youtv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         139.45.197.238
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 08:26:21 GMT
x-trace-id: c99a4e52906bac31c4d7e71c394697b0
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.aflam4youtv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=4ff4795aed6747ffa7e4cec8c01a8819; expires=Sat, 25 Nov 2023 08:26:21 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1669364781; expires=Sat, 25 Nov 2023 08:26:21 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cwidget/h6qfsjssi5/000000ffffff.png HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.22.75.171
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
date: Fri, 25 Nov 2022 08:26:22 GMT
location: https://widgets.amung.us/draw/?w=colored&n=12700&c=000000ffffff&p=left
cache-control: max-age=295
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f8ffc49b580a1c-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/jquery.min.js HTTP/1.1 
Host: utopianwilderness.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/embed/jenkaxvf1aijf
Cookie: hf3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         172.67.191.246
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 08:26:22 GMT
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
etag: W/"5fa984ce-15283"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GNx1xchFETKBNB6jf959OU0UvpirzXU9sQF9byvO6dNoKa7ZZdGuzrKrPt8q7xCn4K%2FKAgFVITEhybn6rwr2E3cwES5z31oa0YEeH9NVkE4SlOiSpmevloSTPh%2BPo0no0MHfegJkO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8ffbff9890b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Lato:400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://utopianwilderness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 08:26:22 GMT
date: Fri, 25 Nov 2022 08:26:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---