| streamtape.to/e/0lY7kGAJYwhDpy |  172.67.188.136 | 302 Found | 0 B |
URL HTTP/1.1streamtape.to/e/0lY7kGAJYwhDpy IP172.67.188.136:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/0lY7kGAJYwhDpy HTTP/1.1
Host: streamtape.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 05 Oct 2022 23:49:39 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache
Location: https://streamtape.to/e/0lY7kGAJYwhDpy
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5rAE0txx4yRZD0e7fMee%2FgaX7cRMLh4vnInEDXeKjjOdQzUH59aL%2BG2jHnzBpYEX1SPhSPlmCpoIjDI6jy9MLzMJXrtgCX4BxEWdPo6QYjDCa9suVsS6UnZ4vvjNxJy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a0e17eebfb51d-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/ | 54.230.111.35 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP54.230.111.35:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dlunwybyF9TR42Gxu2xZgoP8bzMhP4M3ebDZk7Yx1ColyJ2HZwu_ug==
Age: 28941
|
|
| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasheabb7d9ffae717f7305d63c057755470 3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8748
Expires: Thu, 06 Oct 2022 02:15:27 GMT
Date: Wed, 05 Oct 2022 23:49:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha1073a68ed38c8e3575e889224db944c ee2a7a3e2da77a8540131f9ffaa0a20d4dd486bd a9fb1f7ade7c8a79d2ee83e9b7215e66dc89ac733b11079297a8f4b9aceae1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9586
Expires: Thu, 06 Oct 2022 02:29:25 GMT
Date: Wed, 05 Oct 2022 23:49:39 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: x3PB1XTkEepIcaLjoyuYU7Y/h6SJ50ADT5kyleKK+Xljt+SDDJur4f5XmHCJIYtD+McAODadFic=
x-amz-request-id: J3TQYZCF6Y27ZHYH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 22:58:29 GMT
age: 3070
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashc8e4abf3345abfa85b553b290ca8d773 584f42804746a84623179d276e5413cba7cc35bd c6239d1d1ed18922972a96c249b08e2d48f4a5742305fff365c756c2fb089e25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1679
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:49:39 GMT
Last-Modified: Wed, 05 Oct 2022 23:21:40 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 280
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashc8e4abf3345abfa85b553b290ca8d773 584f42804746a84623179d276e5413cba7cc35bd c6239d1d1ed18922972a96c249b08e2d48f4a5742305fff365c756c2fb089e25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1679
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:49:39 GMT
Last-Modified: Wed, 05 Oct 2022 23:21:40 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash40a4de06678d96242b71d5318f2fd4ef 546a7d1d92df81916f14155943427b5453ae3924 aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:49:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs | 142.250.74.164 | 200 OK | 586 B |
URL HTTP/2www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs IP142.250.74.164:0
File typeASCII text, with very long lines (884), with no line terminators Hash950345085316fe3b2e93e4da57318192 e11232abd7fb2b842377e26762ed98259115e3c7 a4a9f675b96534c4e9db2da85154e68ee8edc7ca8ee8fcfce1b375c93456e178
GET /recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 05 Oct 2022 23:49:39 GMT
date: Wed, 05 Oct 2022 23:49:39 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 54.230.111.35 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP54.230.111.35:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 05 Oct 2022 23:29:33 GMT
Expires: Wed, 05 Oct 2022 23:55:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Sd-yOH_agn-_Ov2pn0CpjNlQ314ONdtG5Om1oUlidjYGWp4x5PyvxA==
Age: 1206
|
|
| thumb.tapecontent.net/thumb/0lY7kGAJYwhDpy/QkZdeKKX9Du0ODa.jpg |  104.21.235.148 | 200 OK | 278 kB |
URL HTTP/2thumb.tapecontent.net/thumb/0lY7kGAJYwhDpy/QkZdeKKX9Du0ODa.jpg IP104.21.235.148:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data Size278 kB (278366 bytes) Hasha8158c575a10dd14450b46e578af619d 39dea22bf8a4a70db8b671bc843525eece30ac95 dbe1a058fb3dc93836ddbca5daf945233d88abde51fc2fcc19be815e5d2b954e
GET /thumb/0lY7kGAJYwhDpy/QkZdeKKX9Du0ODa.jpg HTTP/1.1
Host: thumb.tapecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:49:39 GMT
content-type: image/jpeg
content-length: 278366
last-modified: Sun, 25 Sep 2022 23:45:28 GMT
etag: e1521ee571d4
access-control-allow-origin: *
allow: OPTIONS, GET, HEAD, POST
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
content-disposition: inline; filename="QkZdeKKX9Du0ODa.jpg"
cache-control: public, max-age=259200
expires: Fri, 07 Oct 2022 17:20:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33wrsOFbQkTBz6BYsQXGtDef3y4iND4IyXIi9qGbk6K1ZekRsxKWaVTIZIj3g9ddHpVDMxbMD%2F%2BBcK%2FblVYihB5T4G9lSESP%2F0NJeUMdf82MZSt3z%2B4KRA3qiBsBcRhUyUHxOI6PYgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755a0e1c8b7872f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashf9371f81e2eeeead7fe351a49f3b1c40 ae23d6c6c57dd7cf568c3a74594c377b7bb7df43 03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:49:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash1561c6be7c89d1357a80d12de47b6e74 9a705277922ecca583c867af58b3efce099f83bd e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4825
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:49:40 GMT
Last-Modified: Wed, 05 Oct 2022 22:29:16 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashff5f22aafa6751c60631736c305a4c7c 278b89e5c1a978e070be4b66bb780862894b8504 b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:49:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| hppvkbfcuq.com/get/1940642?zoneid=1940642&jp=_cl4qftjn029j00nc6lqtmj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7427467737628192 |  62.122.171.6 | 200 OK | 7.8 kB |
URL HTTP/2hppvkbfcuq.com/get/1940642?zoneid=1940642&jp=_cl4qftjn029j00nc6lqtmj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7427467737628192 IP62.122.171.6:0
Hashe262b274421fca78f89884dfb6d4e5a6 6bfcff00f4afcca633d051ad1294c591854591cc abf24ffa915c85346f25e8595cd87c75149d642adabfd0235e696fe8b35408f4
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /get/1940642?zoneid=1940642&jp=_cl4qftjn029j00nc6lqtmj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7427467737628192 HTTP/1.1
Host: hppvkbfcuq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2210051849ecce1ccb4acc4ad786fc7e93f7; Path=/; Expires=Thu, 05 Oct 2023 23:49:40 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js | 142.250.74.163 | 200 OK | 159 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js IP142.250.74.163:0
File typeASCII text, with very long lines (711) Size159 kB (158844 bytes) Hashb4ed95d4318e3b78b936c9c0f1ffa96e b53c9376b1459afb07fb4b5c2e8d8dad776d3a02 3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.to
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:02:07 GMT
expires: Thu, 05 Oct 2023 21:02:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 10053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashff5f22aafa6751c60631736c305a4c7c 278b89e5c1a978e070be4b66bb780862894b8504 b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:49:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mc.yandex.ru/metrika/tag.js |  93.158.134.119 | 200 OK | 72 kB |
URL HTTP/2mc.yandex.ru/metrika/tag.js IP93.158.134.119:0
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (593) Hash7a68c8644032413981e4ba5bc0d66c4a 2d46ca8055e8577ae7138140e34a6e633434973c e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Wed, 05 Oct 2022 23:49:40 GMT
access-control-allow-origin: *
etag: "633be002-11a95"
expires: Thu, 06 Oct 2022 00:49:40 GMT
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/087/982/9a0/0879829a09c40b64dbdc0f242a35b72ffac08aa6.png | 104.22.58.221 | 200 OK | 48 kB |
URL HTTP/2cdn.pncloudfl.com/pn/087/982/9a0/0879829a09c40b64dbdc0f242a35b72ffac08aa6.png IP104.22.58.221:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash42bb8b4570405a983f11eff4dcd64805 56c53e3cd3ce629d4abc85fdc51eb0f24707490b 0acafaf87c21729534ca344a86bf598dc835166b211241b8f221d28fa90f0851
GET /pn/087/982/9a0/0879829a09c40b64dbdc0f242a35b72ffac08aa6.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: image/webp
content-length: 47686
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=78045
content-disposition: inline; filename="0879829a09c40b64dbdc0f242a35b72ffac08aa6.webp"
etag: 0713b5bb31c6e4567cfad608b49c7b62
expires: Fri, 07 Oct 2022 19:01:09 GMT
last-modified: Sat, 25 Jun 2022 11:34:30 GMT
vary: Accept
x-openstack-request-id: tx91ee5175127347938240f-0062b6fb07
x-proxy-cache: HIT
x-timestamp: 1656156869.15703
x-trans-id: tx91ee5175127347938240f-0062b6fb07
cf-cache-status: HIT
age: 17311
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 755a0e1edfefb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/597/84e/2a6/59784e2a61ac3aa5638fa67202b8a4f6230736b3.jpg | 104.22.58.221 | 200 OK | 42 kB |
URL HTTP/2cdn.pncloudfl.com/pn/597/84e/2a6/59784e2a61ac3aa5638fa67202b8a4f6230736b3.jpg IP104.22.58.221:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashb2ac395fa2c95bbd2ac7f937211be4e7 99504a9db48306c2aa86d2d29bfda5332b6255e4 88ea6bdf10b50b53cc79a4686a58fa6e3c4e960d996e657b0caecced92a6cd37
GET /pn/597/84e/2a6/59784e2a61ac3aa5638fa67202b8a4f6230736b3.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: image/webp
content-length: 41918
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=75213
content-disposition: inline; filename="59784e2a61ac3aa5638fa67202b8a4f6230736b3.webp"
etag: de579877c115109ec9ca833aab057d1a
expires: Fri, 07 Oct 2022 20:38:35 GMT
last-modified: Sun, 19 Jun 2022 15:39:25 GMT
vary: Accept
x-openstack-request-id: tx107f7e6e2a7f43d895cc2-0062af4764
x-proxy-cache: HIT
x-timestamp: 1655653164.18243
x-trans-id: tx107f7e6e2a7f43d895cc2-0062af4764
cf-cache-status: HIT
age: 11465
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 755a0e1edff2b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/d1d/5b1/0e9/d1d5b10e96667ea474ba01aad28a028b482d9728.jpg | 104.22.58.221 | 200 OK | 46 kB |
URL HTTP/2cdn.pncloudfl.com/pn/d1d/5b1/0e9/d1d5b10e96667ea474ba01aad28a028b482d9728.jpg IP104.22.58.221:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashcb401e4c33d49fa9d4188923cf08d544 57b14ff029de6b8666b8c664d162ee0fdc4b7a6f 983e3b4fda9e9f8e8b0d946d445b0ab6012da61dc792e3e0c290d3797d45c1b6
GET /pn/d1d/5b1/0e9/d1d5b10e96667ea474ba01aad28a028b482d9728.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: image/webp
content-length: 46146
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=86488
content-disposition: inline; filename="d1d5b10e96667ea474ba01aad28a028b482d9728.webp"
etag: c01da817c5a876888f54f0a7e75d5206
expires: Fri, 07 Oct 2022 18:58:28 GMT
last-modified: Sat, 25 Jun 2022 06:05:59 GMT
vary: Accept
x-openstack-request-id: tx0d886941daf84458a6cc7-0062b6a5e4
x-proxy-cache: HIT
x-timestamp: 1656137158.01526
x-trans-id: tx0d886941daf84458a6cc7-0062b6a5e4
cf-cache-status: HIT
age: 17472
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 755a0e1eeff8b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/be2/4f4/e0c/be24f4e0cc57a6bd44c315d808592a3ac45a7d74.jpg | 104.22.58.221 | 200 OK | 35 kB |
URL HTTP/2cdn.pncloudfl.com/pn/be2/4f4/e0c/be24f4e0cc57a6bd44c315d808592a3ac45a7d74.jpg IP104.22.58.221:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash44b034dc0c54104c9605315dd8e04d0e 018a773154ce0d5250ba70522db8568f40ae14ed bb0c5ebb30e8bcd06807050e97649125fab1af37e62756f7218d20d163d196de
GET /pn/be2/4f4/e0c/be24f4e0cc57a6bd44c315d808592a3ac45a7d74.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: image/webp
content-length: 35140
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=73149
content-disposition: inline; filename="be24f4e0cc57a6bd44c315d808592a3ac45a7d74.webp"
etag: 7aa3d66e0eb3e5ae46780f37d76c0d3b
expires: Fri, 07 Oct 2022 18:48:29 GMT
last-modified: Sat, 27 Aug 2022 15:19:36 GMT
vary: Accept
x-openstack-request-id: txf17ea8af647c475db8cf7-00630a369f
x-proxy-cache: HIT
x-timestamp: 1661613575.75142
x-trans-id: txf17ea8af647c475db8cf7-00630a369f
cf-cache-status: HIT
age: 18071
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 755a0e1f1819b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.162.217.251 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.162.217.251:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yLvzMS9fYabO3ghv1XGOxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: M3Nnul6uTmBcVoZUpLVaKHl004A=
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP104.18.32.68:0
Hash7e5272e48f101bbd6e6761bc2cf93af1 94a5bf3ab80ebb0c7803855098f257bd6d83c771 96eff1bebdfbca239ac918290229f0f93b72aa3d6b8ac03dd63500a384206896
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 23:49:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 23:22:15 GMT
Expires: Sun, 09 Oct 2022 23:22:14 GMT
Etag: "94a5bf3ab80ebb0c7803855098f257bd6d83c771"
Cache-Control: max-age=343353,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755a0e1f8ef51c0e-OSL
|
|
| lame7bsqu8barters.com/solid.gif?z=1876944&abvar=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2lame7bsqu8barters.com/solid.gif?z=1876944&abvar=0 IP62.122.171.6:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
POST /solid.gif?z=1876944&abvar=0 HTTP/1.1
Host: lame7bsqu8barters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.to
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fe%2F0lY7kGAJYwhDpy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A756504768394%3Ahid%3A857115359%3Az%3A0%3Ai%3A20221005234940%3Aet%3A1665013780%3Ac%3A1%3Arn%3A427504971%3Arqn%3A1%3Au%3A1665013780370981947%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C73%2C146%2C17%2C386%2C0%2C%2C351%2C2%2C%2C%2C%2C996%3Ans%3A1665013779082%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665013780%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 | 93.158.134.119 | 200 OK | 419 B |
URL HTTP/2mc.yandex.ru/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fe%2F0lY7kGAJYwhDpy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A756504768394%3Ahid%3A857115359%3Az%3A0%3Ai%3A20221005234940%3Aet%3A1665013780%3Ac%3A1%3Arn%3A427504971%3Arqn%3A1%3Au%3A1665013780370981947%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C73%2C146%2C17%2C386%2C0%2C%2C351%2C2%2C%2C%2C%2C996%3Ans%3A1665013779082%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665013780%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 IP93.158.134.119:0
File typeJSON data\012- , ASCII text, with very long lines (419), with no line terminators Hash60d051e9c2a9ad7cd2f7cb359a5b360b 01f08c457657cc1332776443fda43ec7f4e9543a 278f5a2ab03e2aff622c33b2cb1cc3e6d843f1a26278dcad047b554f63d5e393
GET /watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fe%2F0lY7kGAJYwhDpy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A756504768394%3Ahid%3A857115359%3Az%3A0%3Ai%3A20221005234940%3Aet%3A1665013780%3Ac%3A1%3Arn%3A427504971%3Arqn%3A1%3Au%3A1665013780370981947%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C73%2C146%2C17%2C386%2C0%2C%2C351%2C2%2C%2C%2C%2C996%3Ans%3A1665013779082%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665013780%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.to
Referer: https://streamtape.to/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Wed, 05 Oct 2022 23:49:40 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://streamtape.to
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 05-Oct-2022 23:49:40 GMT
last-modified: Wed, 05-Oct-2022 23:49:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/metrika/advert.gif | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/metrika/advert.gif IP93.158.134.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 05 Oct 2022 23:49:40 GMT
access-control-allow-origin: *
etag: "633be002-2b"
expires: Thu, 06 Oct 2022 00:49:40 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| lame7bsqu8barters.com/aas/r45d/vki/1876944/105dadc5.js | 62.122.171.6 | 200 OK | 27 kB |
URL HTTP/2lame7bsqu8barters.com/aas/r45d/vki/1876944/105dadc5.js IP62.122.171.6:0
Hash22320188b1bd3cf4e1b0abab906e3cc3 84100e77da726fcc0e33c2c73b22ccee30558a06 9c9370b2caf6f0ca0d4332bfa8734a5b8758183b99ad1062095121d6182e81ff
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /aas/r45d/vki/1876944/105dadc5.js HTTP/1.1
Host: lame7bsqu8barters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 14:13:52 GMT
vary: Accept-Encoding
etag: W/"633d9120-10b22"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.195 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 386262
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 00:48:31 GMT
expires: Sat, 30 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 514869
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183 | 174.137.133.18 | 200 OK | 3.4 kB |
URL HTTP/1.1xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183 IP174.137.133.18:0 ASN#27257 WEBAIR-INTERNET
Hashaa80421698a977e45b263bf02155c65f 484a38dcd9c8d82a7db7c24021087a148575cc37 8cd2609711e0e6f43e10002a3e1f9291dba4ada916002114b65850b1bd2238c8
GET /redirect?feed=457655&auth=BcObps&pubid=155183 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Oct 2022 23:49:40 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache
|
|
| limurol.com/ssp/req/1876944/?pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=zMnxnHo0EZFjD7KYMUGPd6b3jHjfPZy0Ahiw5-Asb1BGdnjvmWUKl_gcHxaWgSEckKCj4C9hw3WxYdIGgqkc4JbLUny1JHmt2c9XNTvJIQqn9g5ag3xsgfOeQ7piMpypwQtbp2kP9Zw9zGPgwZm0s5FRi3onE2mOF23zrB-T2qq9edlTu7wUfi4A86cHIKuI9tM8NbHtLcah_-ABLeWCWPyeX6OX1p31zKa4NyXGjZHj0ZDBceS29yty5pmrAGTQ4Q_4xRPuvbzJUp5N3hrOeJ07F-aDccyWxopL_vI240jJ9QjdvfOZba35Iyb6Okc3dFyHM9iVfnglrQ1Ps93ZFtSnjYFcZEmIqNJdwxCrJSeVU0oL-JuGBtw2GtSVk1BGwIIfb5DYOyP0__1TZlaNqZy7_97wewGuqkRIITh5A9eMHf213VLDmPI9nzp3E3YAqBTozunibpLDkh8yHSTKKhQl&cb=_claakpn0gp1c4bdt9qv5xw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 | 62.122.171.6 | 200 OK | 7 B |
URL HTTP/2limurol.com/ssp/req/1876944/?pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=zMnxnHo0EZFjD7KYMUGPd6b3jHjfPZy0Ahiw5-Asb1BGdnjvmWUKl_gcHxaWgSEckKCj4C9hw3WxYdIGgqkc4JbLUny1JHmt2c9XNTvJIQqn9g5ag3xsgfOeQ7piMpypwQtbp2kP9Zw9zGPgwZm0s5FRi3onE2mOF23zrB-T2qq9edlTu7wUfi4A86cHIKuI9tM8NbHtLcah_-ABLeWCWPyeX6OX1p31zKa4NyXGjZHj0ZDBceS29yty5pmrAGTQ4Q_4xRPuvbzJUp5N3hrOeJ07F-aDccyWxopL_vI240jJ9QjdvfOZba35Iyb6Okc3dFyHM9iVfnglrQ1Ps93ZFtSnjYFcZEmIqNJdwxCrJSeVU0oL-JuGBtw2GtSVk1BGwIIfb5DYOyP0__1TZlaNqZy7_97wewGuqkRIITh5A9eMHf213VLDmPI9nzp3E3YAqBTozunibpLDkh8yHSTKKhQl&cb=_claakpn0gp1c4bdt9qv5xw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP62.122.171.6:0
File typeASCII text, with no line terminators Hasha97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /ssp/req/1876944/?pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=zMnxnHo0EZFjD7KYMUGPd6b3jHjfPZy0Ahiw5-Asb1BGdnjvmWUKl_gcHxaWgSEckKCj4C9hw3WxYdIGgqkc4JbLUny1JHmt2c9XNTvJIQqn9g5ag3xsgfOeQ7piMpypwQtbp2kP9Zw9zGPgwZm0s5FRi3onE2mOF23zrB-T2qq9edlTu7wUfi4A86cHIKuI9tM8NbHtLcah_-ABLeWCWPyeX6OX1p31zKa4NyXGjZHj0ZDBceS29yty5pmrAGTQ4Q_4xRPuvbzJUp5N3hrOeJ07F-aDccyWxopL_vI240jJ9QjdvfOZba35Iyb6Okc3dFyHM9iVfnglrQ1Ps93ZFtSnjYFcZEmIqNJdwxCrJSeVU0oL-JuGBtw2GtSVk1BGwIIfb5DYOyP0__1TZlaNqZy7_97wewGuqkRIITh5A9eMHf213VLDmPI9nzp3E3YAqBTozunibpLDkh8yHSTKKhQl&cb=_claakpn0gp1c4bdt9qv5xw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=221005184951767fc94cb74a1e96ae539c37; Path=/; Expires=Thu, 05 Oct 2023 23:49:40 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| limurol.com/ssp/req/1876944/?pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=zMnxnHo0EZFjD7KYMUGPd6b3jHjfPZy0Ahiw5-Asb1BGdnjvmWUKl_gcHxaWgSEckKCj4C9hw3WxYdIGgqkc4JbLUny1JHmt2c9XNTvJIQqn9g5ag3xsgfOeQ7piMpypwQtbp2kP9Zw9zGPgwZm0s5FRi3onE2mOF23zrB-T2qq9edlTu7wUfi4A86cHIKuI9tM8NbHtLcah_-ABLeWCWPyeX6OX1p31zKa4NyXGjZHj0ZDBceS29yty5pmrAGTQ4Q_4xRPuvbzJUp5N3hrOeJ07F-aDccyWxopL_vI240jJ9QjdvfOZba35Iyb6Okc3dFyHM9iVfnglrQ1Ps93ZFtSnjYFcZEmIqNJdwxCrJSeVU0oL-JuGBtw2GtSVk1BGwIIfb5DYOyP0__1TZlaNqZy7_97wewGuqkRIITh5A9eMHf213VLDmPI9nzp3E3YAqBTozunibpLDkh8yHSTKKhQl&cb=_claakpn0gp1c4bdt9qv5xw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 | 62.122.171.6 | 200 OK | 7 B |
URL HTTP/2limurol.com/ssp/req/1876944/?pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=zMnxnHo0EZFjD7KYMUGPd6b3jHjfPZy0Ahiw5-Asb1BGdnjvmWUKl_gcHxaWgSEckKCj4C9hw3WxYdIGgqkc4JbLUny1JHmt2c9XNTvJIQqn9g5ag3xsgfOeQ7piMpypwQtbp2kP9Zw9zGPgwZm0s5FRi3onE2mOF23zrB-T2qq9edlTu7wUfi4A86cHIKuI9tM8NbHtLcah_-ABLeWCWPyeX6OX1p31zKa4NyXGjZHj0ZDBceS29yty5pmrAGTQ4Q_4xRPuvbzJUp5N3hrOeJ07F-aDccyWxopL_vI240jJ9QjdvfOZba35Iyb6Okc3dFyHM9iVfnglrQ1Ps93ZFtSnjYFcZEmIqNJdwxCrJSeVU0oL-JuGBtw2GtSVk1BGwIIfb5DYOyP0__1TZlaNqZy7_97wewGuqkRIITh5A9eMHf213VLDmPI9nzp3E3YAqBTozunibpLDkh8yHSTKKhQl&cb=_claakpn0gp1c4bdt9qv5xw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP62.122.171.6:0
File typeASCII text, with no line terminators Hasha97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /ssp/req/1876944/?pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=zMnxnHo0EZFjD7KYMUGPd6b3jHjfPZy0Ahiw5-Asb1BGdnjvmWUKl_gcHxaWgSEckKCj4C9hw3WxYdIGgqkc4JbLUny1JHmt2c9XNTvJIQqn9g5ag3xsgfOeQ7piMpypwQtbp2kP9Zw9zGPgwZm0s5FRi3onE2mOF23zrB-T2qq9edlTu7wUfi4A86cHIKuI9tM8NbHtLcah_-ABLeWCWPyeX6OX1p31zKa4NyXGjZHj0ZDBceS29yty5pmrAGTQ4Q_4xRPuvbzJUp5N3hrOeJ07F-aDccyWxopL_vI240jJ9QjdvfOZba35Iyb6Okc3dFyHM9iVfnglrQ1Ps93ZFtSnjYFcZEmIqNJdwxCrJSeVU0oL-JuGBtw2GtSVk1BGwIIfb5DYOyP0__1TZlaNqZy7_97wewGuqkRIITh5A9eMHf213VLDmPI9nzp3E3YAqBTozunibpLDkh8yHSTKKhQl&cb=_claakpn0gp1c4bdt9qv5xw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:41 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2210051849da12200ba7d846fa92e8585095; Path=/; Expires=Thu, 05 Oct 2023 23:49:40 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| limurol.com/ssp/req/1876944/?pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=zMnxnHo0EZFjD7KYMUGPd6b3jHjfPZy0Ahiw5-Asb1BGdnjvmWUKl_gcHxaWgSEckKCj4C9hw3WxYdIGgqkc4JbLUny1JHmt2c9XNTvJIQqn9g5ag3xsgfOeQ7piMpypwQtbp2kP9Zw9zGPgwZm0s5FRi3onE2mOF23zrB-T2qq9edlTu7wUfi4A86cHIKuI9tM8NbHtLcah_-ABLeWCWPyeX6OX1p31zKa4NyXGjZHj0ZDBceS29yty5pmrAGTQ4Q_4xRPuvbzJUp5N3hrOeJ07F-aDccyWxopL_vI240jJ9QjdvfOZba35Iyb6Okc3dFyHM9iVfnglrQ1Ps93ZFtSnjYFcZEmIqNJdwxCrJSeVU0oL-JuGBtw2GtSVk1BGwIIfb5DYOyP0__1TZlaNqZy7_97wewGuqkRIITh5A9eMHf213VLDmPI9nzp3E3YAqBTozunibpLDkh8yHSTKKhQl&cb=_claakpn0gp1c4bdt9qv5xw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 | 62.122.171.6 | 200 OK | 7 B |
URL HTTP/2limurol.com/ssp/req/1876944/?pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=zMnxnHo0EZFjD7KYMUGPd6b3jHjfPZy0Ahiw5-Asb1BGdnjvmWUKl_gcHxaWgSEckKCj4C9hw3WxYdIGgqkc4JbLUny1JHmt2c9XNTvJIQqn9g5ag3xsgfOeQ7piMpypwQtbp2kP9Zw9zGPgwZm0s5FRi3onE2mOF23zrB-T2qq9edlTu7wUfi4A86cHIKuI9tM8NbHtLcah_-ABLeWCWPyeX6OX1p31zKa4NyXGjZHj0ZDBceS29yty5pmrAGTQ4Q_4xRPuvbzJUp5N3hrOeJ07F-aDccyWxopL_vI240jJ9QjdvfOZba35Iyb6Okc3dFyHM9iVfnglrQ1Ps93ZFtSnjYFcZEmIqNJdwxCrJSeVU0oL-JuGBtw2GtSVk1BGwIIfb5DYOyP0__1TZlaNqZy7_97wewGuqkRIITh5A9eMHf213VLDmPI9nzp3E3YAqBTozunibpLDkh8yHSTKKhQl&cb=_claakpn0gp1c4bdt9qv5xw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP62.122.171.6:0
File typeASCII text, with no line terminators Hasha97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /ssp/req/1876944/?pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=zMnxnHo0EZFjD7KYMUGPd6b3jHjfPZy0Ahiw5-Asb1BGdnjvmWUKl_gcHxaWgSEckKCj4C9hw3WxYdIGgqkc4JbLUny1JHmt2c9XNTvJIQqn9g5ag3xsgfOeQ7piMpypwQtbp2kP9Zw9zGPgwZm0s5FRi3onE2mOF23zrB-T2qq9edlTu7wUfi4A86cHIKuI9tM8NbHtLcah_-ABLeWCWPyeX6OX1p31zKa4NyXGjZHj0ZDBceS29yty5pmrAGTQ4Q_4xRPuvbzJUp5N3hrOeJ07F-aDccyWxopL_vI240jJ9QjdvfOZba35Iyb6Okc3dFyHM9iVfnglrQ1Ps93ZFtSnjYFcZEmIqNJdwxCrJSeVU0oL-JuGBtw2GtSVk1BGwIIfb5DYOyP0__1TZlaNqZy7_97wewGuqkRIITh5A9eMHf213VLDmPI9nzp3E3YAqBTozunibpLDkh8yHSTKKhQl&cb=_claakpn0gp1c4bdt9qv5xw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Cookie: UID=221005184951767fc94cb74a1e96ae539c37
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:41 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183 | 174.137.133.18 | 302 Found | 0 B |
URL HTTP/1.1xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183 IP174.137.133.18:0 ASN#27257 WEBAIR-INTERNET
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457655&auth=BcObps&pubid=155183 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 05 Oct 2022 23:49:41 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://c.srvpcn.com/click?id=ccv1g5056phq4jnd3p40&e=369222da-3163-4884-a252-ea2cd59b9061&px=34
Pragma: no-cache
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash55331c1dc7e7ebbf456220986278469d d69a62ee47b03fde68db666512417dda2ae5ad13 a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14679
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Wed, 05 Oct 2022 23:49:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash55331c1dc7e7ebbf456220986278469d d69a62ee47b03fde68db666512417dda2ae5ad13 a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14679
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Wed, 05 Oct 2022 23:49:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash55331c1dc7e7ebbf456220986278469d d69a62ee47b03fde68db666512417dda2ae5ad13 a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14679
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Wed, 05 Oct 2022 23:49:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash55331c1dc7e7ebbf456220986278469d d69a62ee47b03fde68db666512417dda2ae5ad13 a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14679
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Wed, 05 Oct 2022 23:49:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash55331c1dc7e7ebbf456220986278469d d69a62ee47b03fde68db666512417dda2ae5ad13 a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14679
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Wed, 05 Oct 2022 23:49:41 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F585959dc-efc9-453b-bdef-59b834c43800.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F585959dc-efc9-453b-bdef-59b834c43800.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfa6c2f48dc4f2d67c8918e35396e901f 4897d9af4414d827043507c90b992d5c8d8344f1 0b287a86cf539a00b0b0c839c07f0453796ed71b571664bb2ea64363198bd633
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F585959dc-efc9-453b-bdef-59b834c43800.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6363
x-amzn-requestid: d0de2bff-da5b-487b-9058-6f33b35b594d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO8FHWAIAMFbUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84d-736ce6cb2fc072a22e65a803;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Rlg9tzQaVbL_qon437VaTKEpDWQdmrMPkXXSUu8xZRMeRBmnmx9n6w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:47:36 GMT
etag: "4897d9af4414d827043507c90b992d5c8d8344f1"
content-type: image/jpeg
age: 7325
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb5958f828ccc16a41b22d9ae812bccfc f350f295dd70152712162d4be5b3b5f0d12cde57 230d7d8e570e433d18ec53b6ca114e2a206e8c265c0c66d73388c49db5c91c64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9338
x-amzn-requestid: 4ca2eb3c-eba4-43a4-b79a-89546da3d660
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQBfG7soAMF9cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa09-1b5bd53052718f620b920a00;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6pHftE0vUMqrH2NR_7DzrWlnD0yal7BkAfee7UeVG7DKZNEAYRa9HQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:45:26 GMT
age: 7455
etag: "f350f295dd70152712162d4be5b3b5f0d12cde57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha508ac9cd743bec987b2a24454418265 8c7ecefe6908387e2128dc849a6ba857991ba0ab afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
age: 6962
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4fc2ddd86450d64d3fb659ab4e78be58 bbe71936b78a8c34d03ab87948dc840b35c6948f 84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 58809
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg | 34.120.237.76 | 200 OK | 3.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1a1a279f8386262762dcf70621e06ed5 0e1d6cefe5ffe1994f26322962df8b0a13743339 a4146e8a0561009b63c55d0c13673958546b96f684a9c5a43a1f3200782798e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: 093c576f-e1f7-4d45-9f8c-7ca3e7539313
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtDEpSIAMF_Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df986-3cbcc83c1db24bbf193c3047;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GXneoYCI_hqJxLyI-RAxkJJf08pBsc6usoQlztb3HHPQSd1PDh7kgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:47 GMT
age: 7014
etag: "0e1d6cefe5ffe1994f26322962df8b0a13743339"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg | 34.120.237.76 | 200 OK | 7.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash72ad6f9b79e7a3d11e3ace6b0e969614 a9cd62230d4aabfcc2e8b2494e687d854254113e 1d59cd22b3316da6f1d44076089ba983faed5327d174ddb3cb3d58f487ccae51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 01497827-07e5-4129-abf2-120b00eed8c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPs5F1LoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df985-4b0c175142a6ace915d5e5d2;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QElSCxuAj2dM9Psp2_fPTSi1goaNKkylf7D9ITOplorOFLIGIV332g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:46 GMT
age: 7015
etag: "a9cd62230d4aabfcc2e8b2494e687d854254113e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| hppvkbfcuq.com/chicken.gif?z=1940642&pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=gR_zuXq5EcVS_kQskFW915Tow69hdIgYbBl6UZIJPwioueK7Sd3NeIUS-6uux3fot198Nz42R2BtUrabCf4NS_LKtWfxbyXK4whX6HElDC-7JBnoN5ErB98o6XNr3bS_vujCOumjIkqfy4jeMlSBex7KXyN0jf5Mx5Guq-8V1oOIE4D3cEg6mQn9pRtXOd9oUZP6nwzGQKrv_7DBUGLCauo2ZMH7Ac7Kv1PMwr0cTNvp5_WXKUnW7FhnEa4kH9MDKRPizvO4xX7aDWM1Fugvltgz0X6-5lRNhTIIoyOhjVTOyGNC6i_X5BjBYwN4sOSqvVclbPJb8jFoTNyxuapoyvMXSmYVnZ5B7vWOHkP01UkdY9zSYKiPQDOCDspVXPMMBUQTEzt5Qwb0OrC5VwEJgV3kR8Nkaykfzl_ZITXR_p_ChCNI1k1r4sZ8YEYycY4cYg40327aoqY2YF3UAM0jZ3PJoI2cyfEgokTSk23MBbs6sP4xwcPeyk-keNbTql8Bk-VcNS3jcFRsGNgiCFR_E6i-hlW2PxAZxx9zmLRKI_hEgr5iE658smnGSEICaFVZkcocZ0j-fHba4-gDqcY8DBOuitB-biCO8XaY9leUudc9oTROIK10AnZQZBKiuVxRjhDqzryceT5mn3olzUtLNuo01WVnCrpCszH9c9P-T5spNSsnlyTYwJRZL3l8KZ3094MofRxmm7m-Ytil19UQ6ti_qCK5M30ILr_2EMaoDMxU4uvWdD10SjhUhhi8TQksKcZ_jrxfT21kiQyb8w6Wplsx4-EPDCayCTpRTC9WEPolnuVetK5gFPxidf8-ibhvypb4GCQZDygbNZqFZC7U0tKkK4kvuaXpZnWdaeLuJ5Uy907WIORpeqaTmbK5HsysNVAe5FrHWU4EdrNfF7gqr1iPiiqjSakJhAh-rY6OIRVbQhpnrq7kz51Alk3NABgRFFCXlq4JsVBff0Qd00D8-ByGvNzs9vjOr_zqUZ00CquQtL3oIjLYg-DbIIXBeCa_Wy6OASvcSbaVpQxhiKMuiZcLdNWIbexJd4MELQnjI56iaiGt4dwvMQoPkcVFraBDN4Y4WD6F8Udu6cN7EGVuyRTgujHeC4la5ZLPYRTWYfTX5kH1QV7Tr7ZFNbcmV9cLohdK5aVAAhlWBsHpBIuHEoyTYiUw5cOlqw4fvaXyXoMnhXeSgtJNiY9D5zV3faTgYMWnL3yCqgjy-BFDNGICgUoZF3nD6SEJy3-qsTmPc40jh1EZ8vozSCO5RoJt4w75&abvar=0&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2hppvkbfcuq.com/chicken.gif?z=1940642&pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=gR_zuXq5EcVS_kQskFW915Tow69hdIgYbBl6UZIJPwioueK7Sd3NeIUS-6uux3fot198Nz42R2BtUrabCf4NS_LKtWfxbyXK4whX6HElDC-7JBnoN5ErB98o6XNr3bS_vujCOumjIkqfy4jeMlSBex7KXyN0jf5Mx5Guq-8V1oOIE4D3cEg6mQn9pRtXOd9oUZP6nwzGQKrv_7DBUGLCauo2ZMH7Ac7Kv1PMwr0cTNvp5_WXKUnW7FhnEa4kH9MDKRPizvO4xX7aDWM1Fugvltgz0X6-5lRNhTIIoyOhjVTOyGNC6i_X5BjBYwN4sOSqvVclbPJb8jFoTNyxuapoyvMXSmYVnZ5B7vWOHkP01UkdY9zSYKiPQDOCDspVXPMMBUQTEzt5Qwb0OrC5VwEJgV3kR8Nkaykfzl_ZITXR_p_ChCNI1k1r4sZ8YEYycY4cYg40327aoqY2YF3UAM0jZ3PJoI2cyfEgokTSk23MBbs6sP4xwcPeyk-keNbTql8Bk-VcNS3jcFRsGNgiCFR_E6i-hlW2PxAZxx9zmLRKI_hEgr5iE658smnGSEICaFVZkcocZ0j-fHba4-gDqcY8DBOuitB-biCO8XaY9leUudc9oTROIK10AnZQZBKiuVxRjhDqzryceT5mn3olzUtLNuo01WVnCrpCszH9c9P-T5spNSsnlyTYwJRZL3l8KZ3094MofRxmm7m-Ytil19UQ6ti_qCK5M30ILr_2EMaoDMxU4uvWdD10SjhUhhi8TQksKcZ_jrxfT21kiQyb8w6Wplsx4-EPDCayCTpRTC9WEPolnuVetK5gFPxidf8-ibhvypb4GCQZDygbNZqFZC7U0tKkK4kvuaXpZnWdaeLuJ5Uy907WIORpeqaTmbK5HsysNVAe5FrHWU4EdrNfF7gqr1iPiiqjSakJhAh-rY6OIRVbQhpnrq7kz51Alk3NABgRFFCXlq4JsVBff0Qd00D8-ByGvNzs9vjOr_zqUZ00CquQtL3oIjLYg-DbIIXBeCa_Wy6OASvcSbaVpQxhiKMuiZcLdNWIbexJd4MELQnjI56iaiGt4dwvMQoPkcVFraBDN4Y4WD6F8Udu6cN7EGVuyRTgujHeC4la5ZLPYRTWYfTX5kH1QV7Tr7ZFNbcmV9cLohdK5aVAAhlWBsHpBIuHEoyTYiUw5cOlqw4fvaXyXoMnhXeSgtJNiY9D5zV3faTgYMWnL3yCqgjy-BFDNGICgUoZF3nD6SEJy3-qsTmPc40jh1EZ8vozSCO5RoJt4w75&abvar=0&os=0 IP62.122.171.6:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /chicken.gif?z=1940642&pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=gR_zuXq5EcVS_kQskFW915Tow69hdIgYbBl6UZIJPwioueK7Sd3NeIUS-6uux3fot198Nz42R2BtUrabCf4NS_LKtWfxbyXK4whX6HElDC-7JBnoN5ErB98o6XNr3bS_vujCOumjIkqfy4jeMlSBex7KXyN0jf5Mx5Guq-8V1oOIE4D3cEg6mQn9pRtXOd9oUZP6nwzGQKrv_7DBUGLCauo2ZMH7Ac7Kv1PMwr0cTNvp5_WXKUnW7FhnEa4kH9MDKRPizvO4xX7aDWM1Fugvltgz0X6-5lRNhTIIoyOhjVTOyGNC6i_X5BjBYwN4sOSqvVclbPJb8jFoTNyxuapoyvMXSmYVnZ5B7vWOHkP01UkdY9zSYKiPQDOCDspVXPMMBUQTEzt5Qwb0OrC5VwEJgV3kR8Nkaykfzl_ZITXR_p_ChCNI1k1r4sZ8YEYycY4cYg40327aoqY2YF3UAM0jZ3PJoI2cyfEgokTSk23MBbs6sP4xwcPeyk-keNbTql8Bk-VcNS3jcFRsGNgiCFR_E6i-hlW2PxAZxx9zmLRKI_hEgr5iE658smnGSEICaFVZkcocZ0j-fHba4-gDqcY8DBOuitB-biCO8XaY9leUudc9oTROIK10AnZQZBKiuVxRjhDqzryceT5mn3olzUtLNuo01WVnCrpCszH9c9P-T5spNSsnlyTYwJRZL3l8KZ3094MofRxmm7m-Ytil19UQ6ti_qCK5M30ILr_2EMaoDMxU4uvWdD10SjhUhhi8TQksKcZ_jrxfT21kiQyb8w6Wplsx4-EPDCayCTpRTC9WEPolnuVetK5gFPxidf8-ibhvypb4GCQZDygbNZqFZC7U0tKkK4kvuaXpZnWdaeLuJ5Uy907WIORpeqaTmbK5HsysNVAe5FrHWU4EdrNfF7gqr1iPiiqjSakJhAh-rY6OIRVbQhpnrq7kz51Alk3NABgRFFCXlq4JsVBff0Qd00D8-ByGvNzs9vjOr_zqUZ00CquQtL3oIjLYg-DbIIXBeCa_Wy6OASvcSbaVpQxhiKMuiZcLdNWIbexJd4MELQnjI56iaiGt4dwvMQoPkcVFraBDN4Y4WD6F8Udu6cN7EGVuyRTgujHeC4la5ZLPYRTWYfTX5kH1QV7Tr7ZFNbcmV9cLohdK5aVAAhlWBsHpBIuHEoyTYiUw5cOlqw4fvaXyXoMnhXeSgtJNiY9D5zV3faTgYMWnL3yCqgjy-BFDNGICgUoZF3nD6SEJy3-qsTmPc40jh1EZ8vozSCO5RoJt4w75&abvar=0&os=0 HTTP/1.1
Host: hppvkbfcuq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2210051849ecce1ccb4acc4ad786fc7e93f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:42 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACDyowAAAAAAAAAB; Path=/; Expires=Fri, 04 Nov 2022 23:49:42 GMT; Secure; SameSite=None
OACIBLOCK=ACDyowAAAABjPQ9Q; Path=/; Expires=Fri, 04 Nov 2022 23:49:42 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 06 Oct 2022 23:49:42 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| hppvkbfcuq.com/chicken.gif?z=1940642&pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=fyagV7ls7UJXc53vF8kl8q3S2lpCOOnELGH5JfaLJOgV28pqC5ec2gelH7sjYd6mSj1jpEOJNMTKFMblU78xhYhhjbc6pLb1l9M6Rxe7oSLn19HHjk3E2dmISR5F0AHgcdEfIUTyWjUInGAFzbRpQAIpoMQtL2aZJz9cjcCjhKnPTce8TQ7NNpWdM46POwenanmeI9b7B0xFJrjXuJ969VujbENmOJyESD1VgTGP0a5dR2lj-Se7VwvtXFdYoaZGVN4p9dzCpfCdDmNttuGk4AyzVamBO4hEtuP-_87A1ceHqlmQxG2VethWBJc88zl5GsErpZ3qfCNWjMZs6qynjimr4svLiuTnLRFKq4QaLVleMYwl8u2-ys3N427YvGkCNx5Ak05L4lxxEbOR5CNuDrkD-B8AF6t-luAvNUnN0Erew3WQKgogMHt4tjBYFEwgiicHd_WTnCk0gpfYm8ojWC5vzS5KLIfVVnbS5Fjhqs8rZEIHzbSDOmmNb0ym9jZTetAh19KMHa70Q8UvZ_dmSiBu_-LiYb3QU_tqUVAwovxQUqziaHYM1dSTr3SY4Vp24JQeEAS8UAHsjKQulTCWk0J2Oz6aYNL7o3geaw6Oh16hAVkZeHImtZP6C8JE16BnwoiC6UIEe7TiyVEuU8z7DnkgJFimI0y0TWEq4BgFxEp1qIRkvfUZvVzY8BXKEfMio0RCua6PwKJKO6N-b7mN7Hv3W3hNucDKBYYuCA6QWl5Huzb2U6lCBJYAp7edXe3rMLLC9nDo_qKUD_Q0haHpAIOJWxe5SLjtCfDNhhoxvKD1UEvtxL9deLjs0eSRYqxmL9hJ4noiQHHCqjmu6cdGSNPP8MWCGR11EhwdXBBTIQFXVb8fE_SbjIY_q8WAFmfM99lHmu4JeihJJUtmPOw2qj8x0prOgShKdVfEkS_yrzYFZaHU88jkpIolYAbJaoRR5jLBYi6m7F0kkq2i4Lk6xKQdI4lIC6Afrko23jpUvHW0iz82uDEWpFTHk2bqVW_kJdBthCjxqPwDOAAqY-jCG_y2-8AAllr0twL_nb-3oTk8uC4YkLf2Aw2nNn6AWn0fajwuVneqssVkEwJ3AcO8NFRO0UJgKgvipT3D1_nZqfz8U1lNciBWMJPCTYEbQv6Rpsh9XjwuY-2TIoQcGGJ0NOcHGajZWVqJ4wQ0z4d12r1ifUqAVwIzEzRa8GGD6qW5JkYRjvju3sE2J9Ho9xxvx6s_mY2s5PaG5j0BN46peEOoS4Ure7YsZlymt8tX2KWoY9G76OzEib7v-8uo3827s9phAg2t&abvar=0&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2hppvkbfcuq.com/chicken.gif?z=1940642&pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=fyagV7ls7UJXc53vF8kl8q3S2lpCOOnELGH5JfaLJOgV28pqC5ec2gelH7sjYd6mSj1jpEOJNMTKFMblU78xhYhhjbc6pLb1l9M6Rxe7oSLn19HHjk3E2dmISR5F0AHgcdEfIUTyWjUInGAFzbRpQAIpoMQtL2aZJz9cjcCjhKnPTce8TQ7NNpWdM46POwenanmeI9b7B0xFJrjXuJ969VujbENmOJyESD1VgTGP0a5dR2lj-Se7VwvtXFdYoaZGVN4p9dzCpfCdDmNttuGk4AyzVamBO4hEtuP-_87A1ceHqlmQxG2VethWBJc88zl5GsErpZ3qfCNWjMZs6qynjimr4svLiuTnLRFKq4QaLVleMYwl8u2-ys3N427YvGkCNx5Ak05L4lxxEbOR5CNuDrkD-B8AF6t-luAvNUnN0Erew3WQKgogMHt4tjBYFEwgiicHd_WTnCk0gpfYm8ojWC5vzS5KLIfVVnbS5Fjhqs8rZEIHzbSDOmmNb0ym9jZTetAh19KMHa70Q8UvZ_dmSiBu_-LiYb3QU_tqUVAwovxQUqziaHYM1dSTr3SY4Vp24JQeEAS8UAHsjKQulTCWk0J2Oz6aYNL7o3geaw6Oh16hAVkZeHImtZP6C8JE16BnwoiC6UIEe7TiyVEuU8z7DnkgJFimI0y0TWEq4BgFxEp1qIRkvfUZvVzY8BXKEfMio0RCua6PwKJKO6N-b7mN7Hv3W3hNucDKBYYuCA6QWl5Huzb2U6lCBJYAp7edXe3rMLLC9nDo_qKUD_Q0haHpAIOJWxe5SLjtCfDNhhoxvKD1UEvtxL9deLjs0eSRYqxmL9hJ4noiQHHCqjmu6cdGSNPP8MWCGR11EhwdXBBTIQFXVb8fE_SbjIY_q8WAFmfM99lHmu4JeihJJUtmPOw2qj8x0prOgShKdVfEkS_yrzYFZaHU88jkpIolYAbJaoRR5jLBYi6m7F0kkq2i4Lk6xKQdI4lIC6Afrko23jpUvHW0iz82uDEWpFTHk2bqVW_kJdBthCjxqPwDOAAqY-jCG_y2-8AAllr0twL_nb-3oTk8uC4YkLf2Aw2nNn6AWn0fajwuVneqssVkEwJ3AcO8NFRO0UJgKgvipT3D1_nZqfz8U1lNciBWMJPCTYEbQv6Rpsh9XjwuY-2TIoQcGGJ0NOcHGajZWVqJ4wQ0z4d12r1ifUqAVwIzEzRa8GGD6qW5JkYRjvju3sE2J9Ho9xxvx6s_mY2s5PaG5j0BN46peEOoS4Ure7YsZlymt8tX2KWoY9G76OzEib7v-8uo3827s9phAg2t&abvar=0&os=0 IP62.122.171.6:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /chicken.gif?z=1940642&pb=f3ac2beb32ac0a8e18a99f803c1c32361665020980&psp=fyagV7ls7UJXc53vF8kl8q3S2lpCOOnELGH5JfaLJOgV28pqC5ec2gelH7sjYd6mSj1jpEOJNMTKFMblU78xhYhhjbc6pLb1l9M6Rxe7oSLn19HHjk3E2dmISR5F0AHgcdEfIUTyWjUInGAFzbRpQAIpoMQtL2aZJz9cjcCjhKnPTce8TQ7NNpWdM46POwenanmeI9b7B0xFJrjXuJ969VujbENmOJyESD1VgTGP0a5dR2lj-Se7VwvtXFdYoaZGVN4p9dzCpfCdDmNttuGk4AyzVamBO4hEtuP-_87A1ceHqlmQxG2VethWBJc88zl5GsErpZ3qfCNWjMZs6qynjimr4svLiuTnLRFKq4QaLVleMYwl8u2-ys3N427YvGkCNx5Ak05L4lxxEbOR5CNuDrkD-B8AF6t-luAvNUnN0Erew3WQKgogMHt4tjBYFEwgiicHd_WTnCk0gpfYm8ojWC5vzS5KLIfVVnbS5Fjhqs8rZEIHzbSDOmmNb0ym9jZTetAh19KMHa70Q8UvZ_dmSiBu_-LiYb3QU_tqUVAwovxQUqziaHYM1dSTr3SY4Vp24JQeEAS8UAHsjKQulTCWk0J2Oz6aYNL7o3geaw6Oh16hAVkZeHImtZP6C8JE16BnwoiC6UIEe7TiyVEuU8z7DnkgJFimI0y0TWEq4BgFxEp1qIRkvfUZvVzY8BXKEfMio0RCua6PwKJKO6N-b7mN7Hv3W3hNucDKBYYuCA6QWl5Huzb2U6lCBJYAp7edXe3rMLLC9nDo_qKUD_Q0haHpAIOJWxe5SLjtCfDNhhoxvKD1UEvtxL9deLjs0eSRYqxmL9hJ4noiQHHCqjmu6cdGSNPP8MWCGR11EhwdXBBTIQFXVb8fE_SbjIY_q8WAFmfM99lHmu4JeihJJUtmPOw2qj8x0prOgShKdVfEkS_yrzYFZaHU88jkpIolYAbJaoRR5jLBYi6m7F0kkq2i4Lk6xKQdI4lIC6Afrko23jpUvHW0iz82uDEWpFTHk2bqVW_kJdBthCjxqPwDOAAqY-jCG_y2-8AAllr0twL_nb-3oTk8uC4YkLf2Aw2nNn6AWn0fajwuVneqssVkEwJ3AcO8NFRO0UJgKgvipT3D1_nZqfz8U1lNciBWMJPCTYEbQv6Rpsh9XjwuY-2TIoQcGGJ0NOcHGajZWVqJ4wQ0z4d12r1ifUqAVwIzEzRa8GGD6qW5JkYRjvju3sE2J9Ho9xxvx6s_mY2s5PaG5j0BN46peEOoS4Ure7YsZlymt8tX2KWoY9G76OzEib7v-8uo3827s9phAg2t&abvar=0&os=0 HTTP/1.1
Host: hppvkbfcuq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2210051849ecce1ccb4acc4ad786fc7e93f7; OACICAP=ACDyowAAAAAAAAAB; OACIBLOCK=ACDyowAAAABjPQ9Q; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:43 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACDyowAAAAAAAAABACH1gAAAAAAAAAAB; Path=/; Expires=Fri, 04 Nov 2022 23:49:43 GMT; Secure; SameSite=None
OACIBLOCK=ACDyowAAAABjPQ9QACH1gAAAAABjPQ9Q; Path=/; Expires=Fri, 04 Nov 2022 23:49:43 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 06 Oct 2022 23:49:43 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| streamtape.to/e/0lY7kGAJYwhDpy | 172.67.188.136 | 200 OK | 0 B |
URL HTTP/2streamtape.to/e/0lY7kGAJYwhDpy IP172.67.188.136:0
GET /e/0lY7kGAJYwhDpy HTTP/1.1
Host: streamtape.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:49:39 GMT
content-type: text/html; charset=UTF-8
cache-control: private
set-cookie: _b=kube19; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIYLrUd%2B%2FxFuPLXcDCRkz6WbGLA%2BWOnvQfmrTIDdBJ09EuBZRpilekI7spHDhkvMCYFJT0U%2Bf5Sap8MSJCByiKY3WinuQfKt84rZhlJm86nnuggKxp7Y12lSTkzmiehm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755a0e1a4fa8b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hppvkbfcuq.com/i/npage/1940642/code.js | 62.122.171.6 | 200 OK | 0 B |
URL HTTP/2hppvkbfcuq.com/i/npage/1940642/code.js IP62.122.171.6:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | | | quad9 | Sinkholed | |
GET /i/npage/1940642/code.js HTTP/1.1
Host: hppvkbfcuq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:39 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 14:13:52 GMT
vary: Accept-Encoding
etag: W/"633d9120-3425c"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| zap.buzz/8YbYQea | 104.21.53.136 | 302 Found | 0 B |
IP104.21.53.136:0
GET /8YbYQea HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: text/html; charset=utf-8
location: https://xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Yz4YFA.RAn1bgmnpbyRW3ZNUMuAOBWhnt4; Expires=Thu, 06 Oct 2022 00:19:40 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1bnGUL%2BTxLFowUJCwMiez79rj9A7ZTIz%2FLvVx1hFnok60FnWE1Wi9c0Tnml0IcyzQWOdkgYwqESVhxjqWVYT%2FzV2iMnpxk0E9ydqyyDFtj3pqtLv4QD4UE7DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755a0e1dc96db509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/61426822?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fe%2F0lY7kGAJYwhDpy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A756504768394%3Ahid%3A857115359%3Az%3A0%3Ai%3A20221005234940%3Aet%3A1665013780%3Ac%3A1%3Arn%3A427504971%3Arqn%3A1%3Au%3A1665013780370981947%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C73%2C146%2C17%2C386%2C0%2C%2C351%2C2%2C%2C%2C%2C996%3Ans%3A1665013779082%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665013780%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) | 93.158.134.119 | 302 Found | 0 B |
URL HTTP/2mc.yandex.ru/watch/61426822?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fe%2F0lY7kGAJYwhDpy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A756504768394%3Ahid%3A857115359%3Az%3A0%3Ai%3A20221005234940%3Aet%3A1665013780%3Ac%3A1%3Arn%3A427504971%3Arqn%3A1%3Au%3A1665013780370981947%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C73%2C146%2C17%2C386%2C0%2C%2C351%2C2%2C%2C%2C%2C996%3Ans%3A1665013779082%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665013780%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) IP93.158.134.119:0
GET /watch/61426822?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fe%2F0lY7kGAJYwhDpy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A756504768394%3Ahid%3A857115359%3Az%3A0%3Ai%3A20221005234940%3Aet%3A1665013780%3Ac%3A1%3Arn%3A427504971%3Arqn%3A1%3Au%3A1665013780370981947%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C73%2C146%2C17%2C386%2C0%2C%2C351%2C2%2C%2C%2C%2C996%3Ans%3A1665013779082%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665013780%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.to
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fe%2F0lY7kGAJYwhDpy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A756504768394%3Ahid%3A857115359%3Az%3A0%3Ai%3A20221005234940%3Aet%3A1665013780%3Ac%3A1%3Arn%3A427504971%3Arqn%3A1%3Au%3A1665013780370981947%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C73%2C146%2C17%2C386%2C0%2C%2C351%2C2%2C%2C%2C%2C996%3Ans%3A1665013779082%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665013780%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 05 Oct 2022 23:49:40 GMT
access-control-allow-origin: https://streamtape.to
set-cookie: yandexuid=925175791665013780; Expires=Thu, 05-Oct-2023 23:49:40 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=925175791665013780; Expires=Thu, 05-Oct-2023 23:49:40 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2336665351665013780; Path=/; SameSite=None; Secure
i=BxsThHj1wchzvQRgzfAsZeGnZfrIo4MdwtIkQiEo9Aw9XAXT02I/emzpccNwcOn4B2u7NpHBjm9M4HN2IcG7t7zW0g0=; Expires=Sat, 02-Oct-2032 23:49:36 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696549780.yrts.1665013780#1696549780.yrtsi.1665013780; Expires=Thu, 05-Oct-2023 23:49:40 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 05-Oct-2022 23:49:40 GMT
last-modified: Wed, 05-Oct-2022 23:49:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| lame7bsqu8barters.com/get/1876944?zoneid=1876944&jp=_clmje2gv49tv44ldagwn44&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5457142900592310 | 62.122.171.6 | 200 OK | 0 B |
URL HTTP/2lame7bsqu8barters.com/get/1876944?zoneid=1876944&jp=_clmje2gv49tv44ldagwn44&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5457142900592310 IP62.122.171.6:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /get/1876944?zoneid=1876944&jp=_clmje2gv49tv44ldagwn44&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5457142900592310 HTTP/1.1
Host: lame7bsqu8barters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:49:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22100518494c4db92a8f6344f4911848e1d8; Path=/; Expires=Thu, 05 Oct 2023 23:49:40 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
104.21.36.73