Report - listeamed.net/v/JzkPxznpKvrxbyd

Report Overview

Submitted URL
listeamed.net/v/JzkPxznpKvrxbyd
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-05 13:23:57
Access
public
Website Title
HUNTC-024.mp4
Final URL
listeamed.net/v/JzkPxznpKvrxbyd
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-04	926 B	716 B	18.185.9.67
oaphoace.net	unknown	2022-05-04	2022-05-04	2024-04-18	2.9 kB	38 kB	139.45.197.239
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-04	408 B	37 kB	172.67.180.87
i.guardstorage.net	unknown	2022-12-22	2023-02-27	2024-02-06	1.4 kB	1.1 MB	172.67.211.88
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-05-04	412 B	327 B	172.240.108.84
3ymvxmq6w4.guardstorage.net	unknown	unknown	No data	No data	2.9 kB	1.8 MB	135.125.67.87
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-05	953 B	54 kB	142.250.74.106
tzegilo.com	unknown	2022-01-14	2022-01-14	2024-05-02	396 B	20 kB	172.67.193.52
okaydisciplemeek.com	unknown	unknown	No data	No data	437 B	31 kB	192.243.59.20
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-04	419 B	742 B	139.45.195.8
offerimage.com	304078	2019-06-10	2019-06-10	2024-05-02	891 B	122 kB	104.22.32.172
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-04	733 B	423 B	192.243.59.12
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-04	338 B	942 B	3.164.222.26
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-05	2.1 kB	90 kB	216.58.207.227
listeamed.net	unknown	unknown	No data	No data	6.7 kB	1.3 MB	188.114.96.1
gabblewhining.com	unknown	unknown	No data	No data	481 B	467 B	172.240.108.84
fleraprt.com	unknown	2022-01-14	2022-01-14	2024-05-04	565 B	481 B	139.45.195.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-05	medium	okaydisciplemeek.com	Sinkholed
2024-05-05	medium	oaphoace.net	Sinkholed
2024-05-05	medium	oaphoace.net	Sinkholed
2024-05-05	medium	unseenreport.com	Sinkholed
2024-05-05	medium	oaphoace.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	listeamed.net/assets/js/bootstrap.bundle.min.js?id=780372263c4e1fecbb636a38f53d3a2f	80 kB	2023-03-08	2024-05-18
Pretty URL listeamed.net/assets/js/bootstrap.bundle.min.js?id=780372263c4e1fecbb636a38f53d3a2f IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:58:09 Last Seen2024-05-18 21:50:55 Times Seen1516 Hash d2b0d31f74e62440ea1a557f126d0c64 5c8f6cb983397deb65673b961a8657cfd6113ad9 c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00 Loading...

	listeamed.net/v/JzkPxznpKvrxbyd	0 B	2023-03-07	2024-05-18
Pretty URL listeamed.net/v/JzkPxznpKvrxbyd IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 22:50:29 Times Seen37804459 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	1.8 kB	2024-05-05	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-05 15:24:04 Last Seen2024-05-05 15:24:04 Times Seen1 Hash dab5a009c0c8917f3f3e5b1ba600a9a0 1a4a2bc3bed4512eb12d0378a36cf165fcf45ee0 b0af9e5eb704a583058f000131c2c774dfbcaf24911295a59d5b147d146fb071 Loading...

	unknown	502 B	2024-05-05	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-05 15:24:05 Last Seen2024-05-05 15:24:05 Times Seen1 Hash 1b0364eb131763ffedd8bccdd261feba baee81a203524e5eaad31965ac486a216e4cbaab 10f24280ad059c649cc8ae2d1c645b7ffc466380a195ab271fb805f3bf6d581b Loading...

	listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js	325 kB	2023-09-06	2024-05-05
Pretty URL listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-06 18:59:05 Last Seen2024-05-05 15:24:05 Times Seen77 Hash a69921d2a260f2b763c6f4866ab08ff5 2d1430cd5d243ad05ca0e7cfbac1c4398f31995e 45bba1c625ca7128376311c5490b2d4a283dd787eec1c011be838141bfbb42ea Loading...

	listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js	423 kB	2023-09-06	2024-05-05
Pretty URL listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-06 18:59:05 Last Seen2024-05-05 15:24:05 Times Seen63 Hash 750b19146211c426d9bdd9dcf4d93787 9b7639977960dc609de99863a12b1866b0ffd5a0 fac5e74d89a9f7ebaada1c783e47de50657803bf20ced45bea0336b9a0dda254 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	data:text/javascript;base64,dmFyIHA9ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoInNjcmlwdCIpWzBdLGU9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0IiksZD1kb2N1bWVudC5xdWVyeVNlbGVjdG9yKCJkaXZbZG9tYWluXSIpLmdldEF0dHJpYnV0ZSgiZG9tYWluIik7ZS5zcmM9Ii8vIitkKyIvYXNzZXRzL2pzL2xvYWQuanMiLHAuYWZ0ZXIoZSk7	192 B	2023-10-15	2024-05-05
Pretty URL data:text/javascript;base64,dmFyIHA9ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoInNjcmlwdCIpWzBdLGU9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0IiksZD1kb2N1bWVudC5xdWVyeVNlbGVjdG9yKCJkaXZbZG9tYWluXSIpLmdldEF0dHJpYnV0ZSgiZG9tYWluIik7ZS5zcmM9Ii8vIitkKyIvYXNzZXRzL2pzL2xvYWQuanMiLHAuYWZ0ZXIoZSk7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 21:02:05 Last Seen2024-05-05 15:24:05 Times Seen8 Hash 721c2c4cf8c4351e65dae7637ae3c9c8 7a03f1eeb68bf9e279110b84e6f88b3dea90e66c 7ef7acf33713063709afcbd55e29fe14556cfff565d3437eece71e34fe9553d7 Loading...

	listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6	109 kB	2023-12-30	2024-05-05
Pretty URL listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-30 23:53:23 Last Seen2024-05-05 15:24:05 Times Seen13 Hash 80a18bc4937ae794bf8b80cc2b15c821 7c2e3f66f9b3d983db4188baadc8fe1fa44b6073 4400d6dbc620c2f7aecdba4ca1a6f715866367e5e74f2a6190a52c214266d5ae Loading...

	listeamed.net/e/4e7e6f547c7e6a744f72767c667d60	0 B	2023-03-07	2024-05-18
Pretty URL listeamed.net/e/4e7e6f547c7e6a744f72767c667d60 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 22:50:29 Times Seen37804459 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	okaydisciplemeek.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js	84 kB	2024-05-05	2024-05-05
Pretty URL okaydisciplemeek.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 15:24:05 Last Seen2024-05-05 15:24:05 Times Seen2 Hash ad6c6961380477b8d33ab5ca040fb85f c4956dee8cc9390024b795d5e44296ba761d6fd1 8901131c8f70b29775db601450fb7e09815dbf7a7842f565b4ab53d6ee792a25 Loading...

	listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js	65 kB	2023-12-30	2024-05-05
Pretty URL listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-30 23:53:23 Last Seen2024-05-05 15:24:05 Times Seen19 Hash 8035032c7bcdff774adfcf60e84b450d 1eb7f0268ef459954dea51343ef96720ed370566 b676f19bfd6bc7f2d07cdf0d00beb0c75ad04d1a8e4268df0f10ddbffb7313bf Loading...

	listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da	14 kB	2023-03-07	2024-05-05
Pretty URL listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:43 Last Seen2024-05-05 15:24:06 Times Seen149 Hash 19b624e7fe7a86b4c7851ed61e250626 760a6c0399930b96c61b6e18a6cbb0dbf0125f97 eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e Loading...

	oaphoace.net/401/6424058	91 kB	2024-05-05	2024-05-05
Pretty URL oaphoace.net/401/6424058 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 15:24:05 Last Seen2024-05-05 15:24:05 Times Seen1 Hash fe9235fa82603e62186d2db72912b05e ba0fcb6e7e0181517080abe7b74f75cd0a355ec0 776510cb59175a0e2da1f9e171fd3428f22e96018ad2c754bc8a21ea90b976fe Loading...

	capaciousdrewreligion.com/advertisers.js	0 B	2023-03-07	2024-05-18
Pretty URL capaciousdrewreligion.com/advertisers.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 22:50:29 Times Seen37804459 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	listeamed.net/assets/js/load.js	3.7 kB	2024-04-24	2024-05-05
Pretty URL listeamed.net/assets/js/load.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 19:47:13 Last Seen2024-05-05 15:24:05 Times Seen4 Hash d9c20c3e3512735c34d570b27902ce21 2e759ef4e518009e4414a5ef65d96f1489fd0df3 88777310a5c3f5382fcd464fbbf4d6dd119089bf94be45aa7789ce43c0184481 Loading...

	listeamed.net/assets/js/main.js?id=eddfd74f6de7386e3162347efd9a6be3	105 kB	2024-04-10	2024-05-05
Pretty URL listeamed.net/assets/js/main.js?id=eddfd74f6de7386e3162347efd9a6be3 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:08:26 Last Seen2024-05-05 15:24:05 Times Seen9 Hash 49b39d637f801152c5a7fcd78b03ae32 ee64fdbb655fc81e5d2771b6680fa96dbf8d8a9a 1beeb5ad0ede6c67083aacdf3593950d4190148f1b00a4df85cbb733c37a4336 Loading...

	tzegilo.com/stattag.js	19 kB	2024-02-10	2024-05-18
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 03:00:18 Last Seen2024-05-18 22:36:52 Times Seen1809 Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6261a5aacdd04cf4c0150edcf2971053	33 kB	2024-05-05	2024-05-05
Pretty Observations First Seen2024-05-05 15:24:05 Last Seen2024-05-05 15:24:05 Times Seen1 Hash 6261a5aacdd04cf4c0150edcf2971053 91e7e1a410dbd4296a1ae975a108ea1e236df80d 2e72fc8229a66ffcb43b3443954362fe38582c83a4d0b4794a2ef5ebeac0bea9 Loading...

HTTP Transactions (44)

URL IP Response Size

listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
ASCII text
Size
12 kB (12467 bytes)
Hash
91f7cf4a3d3f0660b4e3914e5ac9298a
6e12e1ebcd983f848e5c280ab77649eeb44e74bc
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638

HTTP Headers

GET /assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/JzkPxznpKvrxbyd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F16Emd9q0a%2FxLDuXwBxqfuTS%2FH%2BZM7oZJJlPV%2FCEQkxz3M82nt%2F2HT16d3QF5GXm43mP9wPD2zfU6FKwn0jyiMjq4hM9kKmrH51f5KY0wGHB%2BrPe1Ha1aY5KCP8UkhCO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10b9b4f0856b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

listeamed.net/assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a

188.114.96.1

200 OK

32 kB

URL GET HTTP/3
listeamed.net/assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
32 kB (31656 bytes)
Hash
025df1ec88740cad5ff14bb3380da6dd
7abed070e37ce060c0a561575f1d41a7f248fc74
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a

HTTP Headers

GET /assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/JzkPxznpKvrxbyd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rFAqhj5r9MjihcwRwKQ34cs8vMibwn%2FgCo8SYDRCx0KWtzny5CB92IUbEXJverd72gSUp3DrYMILD83g709bPZ10hCyElIt5ryiUzsKWpjDu39CVZLJoLBpN6XXBEmVj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10b9b4f0756b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

listeamed.net/assets/js/bootstrap.bundle.min.js?id=780372263c4e1fecbb636a38f53d3a2f

188.114.96.1

200 OK

49 kB

URL GET HTTP/3
listeamed.net/assets/js/bootstrap.bundle.min.js?id=780372263c4e1fecbb636a38f53d3a2f
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
49 kB (49049 bytes)
Hash
d2b0d31f74e62440ea1a557f126d0c64
5c8f6cb983397deb65673b961a8657cfd6113ad9
c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00

HTTP Headers

GET /assets/js/bootstrap.bundle.min.js?id=780372263c4e1fecbb636a38f53d3a2f HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/JzkPxznpKvrxbyd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:29 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HoaSwvLjGZ388O3fWARyMTKsT1qqmsw%2FI1Va6%2FwwJsQ828ZheZF0mhOK7IZIlxaokCqTDphhAg6ikdjo0JaD2sfTD2mT4jiM5B%2B7qvNFDLbjxSpbe4rdhYbJX5llGbTW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10b9b4f0b56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

listeamed.net/assets/js/load.js

188.114.96.1

200 OK

32 kB

URL GET HTTP/3
listeamed.net/assets/js/load.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
JavaScript source, ASCII text, with very long lines (3720), with no line terminators
Size
32 kB (32210 bytes)
Hash
d9c20c3e3512735c34d570b27902ce21
2e759ef4e518009e4414a5ef65d96f1489fd0df3
88777310a5c3f5382fcd464fbbf4d6dd119089bf94be45aa7789ce43c0184481

HTTP Headers

GET /assets/js/load.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/JzkPxznpKvrxbyd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:29 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 08 Apr 2024 14:13:45 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4155
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xuwxR0bOZa8wVz3KVK4O7Q1LsDAOjTnY4zNPUnRNyTIwNWsQfiwhQwVTWYt2CBo5LNe3vfAxRrpaQqXzbiPp3p%2BUmtq1VAJCBO7tejXMn329%2BvDqm4xs641gPi0O3CQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10b9d995756b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

listeamed.net/assets/img/favicon.ico

188.114.96.1

200 OK

54 kB

URL GET HTTP/3
listeamed.net/assets/img/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
54 kB (53885 bytes)
Hash
7d9d17baaa54ab2b59859173c38f1a57
f383ac7a911d949ea75ebd07d8d95d5b231e9ea6
86fc3c09c4aec36ca788eabfda604e48d1ee61feb43a16371afab31f0cd2b48f

HTTP Headers

GET /assets/img/favicon.ico HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/JzkPxznpKvrxbyd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:29 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxQ7hqGKANBNiQmhgsx0MYQ2d89dCp%2ByA7Bk%2BMeE0OfFUNegBeaPGkX837ioMjUpgL6%2FaHKaiUKvBnoxiOvzBdzzEiUBAIy9cd7Ojvlbk4HGjocR2Cji3CKrobLHNRZO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10b9db97656b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

okaydisciplemeek.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js

192.243.59.20

200 OK

31 kB

URL GET HTTP/1.1
okaydisciplemeek.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjectokaydisciplemeek.com
Fingerprint66:C7:C8:9B:E8:68:D4:DB:8D:92:05:DD:C9:8E:61:83:F9:73:04:5A
ValidityMon, 25 Mar 2024 09:21:59 GMT - Sun, 23 Jun 2024 09:21:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30586 bytes)
Hash
ad6c6961380477b8d33ab5ca040fb85f
c4956dee8cc9390024b795d5e44296ba761d6fd1
8901131c8f70b29775db601450fb7e09815dbf7a7842f565b4ab53d6ee792a25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js HTTP/1.1
Host: okaydisciplemeek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 13:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bcd09345aef855ab99ce305494c57d9e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

3.164.222.26

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
3.164.222.26:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
691c3f87e4fe41a736328d3c71e2dbdc
fd76f455b38ba18f00a6fb81e3585201eb3c43f6
8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 05 May 2024 13:23:30 GMT
Last-Modified: Sun, 05 May 2024 11:52:14 GMT
Server: ECAcc (ska/F6CC)
X-Cache: Miss from cloudfront
Via: 1.1 e2b910126831841c6bf3d6563742ab92.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: i5BU9zyZDVKL8JPkarxTL7hlPWZfdgoi0gPRpHzcwvhymkOmd8TWwQ==
Age: 5476

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
61b5d37d0909f032873498eff9cff849
8c4dd39c818c6a08a46eba2d6b2f6367090e60b3
bf38802db18855f8e1a0c9758db309a5656bad8c1f42a35fbc6102b9b66ff914

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://listeamed.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=5fb34df9-14fc-432e-a94c-4bcaba87848a:2:1; expires=Wed, 03 May 2034 13:23:30 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

oaphoace.net/401/6424058

139.45.197.239

200 OK

35 kB

URL GET HTTP/2
oaphoace.net/401/6424058
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjectoaphoace.net
Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4
ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT

File type
gzip compressed data, max speed, from Unix
Size
35 kB (35445 bytes)
Hash
07e9cdfdbd2defb1285c7d45ad333e05
433829306cfa610aaf1dcfaceb70569f415b6442
c1abc2607c39c860f1b4df4575a9776573fc5832751c902619b00f4d15608c99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/6424058 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:23:30 GMT
content-type: application/javascript
x-trace-id: 443bbb0c728dd8921ca74f0e5e1ab1e1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=030053f892644888fa872267c52e74e7; expires=Mon, 05 May 2025 13:23:30 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

gabblewhining.com/pixel/purst?dl=0&th=0&sc=0&rs=1185&rd=1185&fd=741&bv=24.5.6485&tmpl=70

172.240.108.84

200 OK

0 B

URL GET HTTP/1.1
gabblewhining.com/pixel/purst?dl=0&th=0&sc=0&rs=1185&rd=1185&fd=741&bv=24.5.6485&tmpl=70
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjectgabblewhining.com
FingerprintF0:84:D3:40:EA:2D:AB:6F:9E:1C:8D:B9:D1:18:83:5A:B1:B1:7C:10
ValiditySun, 28 Apr 2024 10:03:37 GMT - Sat, 27 Jul 2024 10:03:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1185&rd=1185&fd=741&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: gabblewhining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 13:23:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

downstairsnegotiatebarren.com/sfp.js

172.67.180.87

200 OK

36 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
36 kB (36259 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:30 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 864c1041a422d3cfdc7610c4e999bf6d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 May 2024 13:23:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QxS1U8plTBRLcBTpZymcS1x1M3l%2Bx08EBWNtU1pVQYyJrSP6%2FnKXG686HN3PUIx8EcoukIqKXQsY3Keivyxi0m1X6LQh1CbDB4tTD6GgC9qgD63xSBOzdpAgCvIHbEyuIfurMbTX2pE1HR0m7CPng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10ba5b97eb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
b79b7278508690398be08f565b074190
26818f2959d5af56f47c87d7301552cd1aeb2d07
bc08a5c25efc6acb62b8aaf5c9bbe0706c09b5b2ad34ddadcd6d142c02cdfa9b

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:23:31 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://listeamed.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0800531d10054387fbb304ddae2f3b8a; expires=Mon, 05 May 2025 13:23:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

i.guardstorage.net/posters/RXJzkPxznpKvrxbydBeA.poster.jpg

172.67.211.88

200 OK

172 kB

URL GET HTTP/2
i.guardstorage.net/posters/RXJzkPxznpKvrxbydBeA.poster.jpg
IP
172.67.211.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjecti.guardstorage.net
Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B
ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 852x476, components 3
Size
172 kB (171973 bytes)
Hash
4d636043f74dbd3b98aba57176d3f125
31f885be8c3b541c67c3360250ea8828dc97a664
521208fba50d7420ab3e29c53c011646ef1dbc3c9d38b6e80e534cc36bcb0abe

HTTP Headers

GET /posters/RXJzkPxznpKvrxbydBeA.poster.jpg HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:31 GMT
content-type: image/jpeg
content-length: 171973
last-modified: Sun, 07 Apr 2024 17:55:53 GMT
etag: "6612de29-29fc5"
access-control-allow-origin: *
x-server: cdn2
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y32xpzG3SsaoujVz6wySndkeJfCjxbU3J%2FmojoQhUZpoyaqObkpMYmh39Kyv7Z2%2BYGxhBTa%2FiGemsCEilL8BMXhCbSR%2F5WZB2KZSK%2B4nfYVXPEYQkOTZTDo2BNPVPonMdvsrkNA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10ba72f8e5699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

capaciousdrewreligion.com/advertisers.js

172.240.108.84

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 13:23:31 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: acc25f2a643a6a80e38fa811a26464b6
Strict-Transport-Security: max-age=0; includeSubdomains

oaphoace.net/500/6424058?excludes=&oaid=0800531d10054387fbb304ddae2f3b8a&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F4e7e6f547c7e6a744f72767c667d60&drf=https%3A%2F%2Flisteamed.net%2Fv%2FJzkPxznpKvrxbyd&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0

139.45.197.239

200 OK

0 B

URL OPTIONS HTTP/2
oaphoace.net/500/6424058?excludes=&oaid=0800531d10054387fbb304ddae2f3b8a&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F4e7e6f547c7e6a744f72767c667d60&drf=https%3A%2F%2Flisteamed.net%2Fv%2FJzkPxznpKvrxbyd&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjectoaphoace.net
Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4
ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/6424058?excludes=&oaid=0800531d10054387fbb304ddae2f3b8a&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F4e7e6f547c7e6a744f72767c667d60&drf=https%3A%2F%2Flisteamed.net%2Fv%2FJzkPxznpKvrxbyd&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://listeamed.net/
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:23:31 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://listeamed.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fe484dc1-fd2e-4143-83ac-f196c66597c0

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fe484dc1-fd2e-4143-83ac-f196c66597c0
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C
ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fe484dc1-fd2e-4143-83ac-f196c66597c0 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1453
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 05 May 2024 13:23:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://listeamed.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

i.guardstorage.net/previews/RXJzkPxznpKvrxbydBeA.preview.jpg

172.67.211.88

200 OK

869 kB

URL GET HTTP/2
i.guardstorage.net/previews/RXJzkPxznpKvrxbydBeA.preview.jpg
IP
172.67.211.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjecti.guardstorage.net
Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B
ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 765x4080, components 3
Size
869 kB (869216 bytes)
Hash
ab10765b89429b3c7618a7ea398d99a0
91972b4ffce0b16dce5c3c24f57acf3b4144ab87
e489e21be672af81b28042ea9b06f2da0fa8a1d1d91fd9b9a19754ee989c9ba2

HTTP Headers

GET /previews/RXJzkPxznpKvrxbydBeA.preview.jpg HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:31 GMT
content-type: image/jpeg
content-length: 869216
last-modified: Sun, 07 Apr 2024 17:56:04 GMT
etag: "6612de34-d4360"
access-control-allow-origin: *
x-server: cdn2
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZecjTGxzDPgCK%2BSMbbAtzxpHEDZir%2FupvFTdMJJYr2lI1JqQgZl1SWC8WUZF%2B17bi3b7eyzIS9Jpu1shLp2W4B30qrMNwrXCVuKmnm6amvhoju4iHfhJo5akHkMUAHzYGv%2Ft%2Flg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10ba848a35699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

offerimage.com/www/images/ae3860cff8da21042245e4d26341aec8.png

104.22.32.172

200 OK

60 kB

URL GET HTTP/2
offerimage.com/www/images/ae3860cff8da21042245e4d26341aec8.png
IP
104.22.32.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
60 kB (60492 bytes)
Hash
ae3860cff8da21042245e4d26341aec8
d269ef2eb3b874b206683eaa192557cc912d1d9b
5312d856f309d28367406622b04cea5458e7853572fdf5e9ba79be6c03f8b0c6

HTTP Headers

GET /www/images/ae3860cff8da21042245e4d26341aec8.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:31 GMT
content-type: image/png
content-length: 60492
last-modified: Wed, 06 Dec 2023 13:53:30 GMT
etag: "65707cda-ec4c"
expires: Sun, 05 May 2024 17:32:12 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 71479
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10bab59b5abde-CPH
X-Firefox-Spdy: h2

3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/seg-1-f1-v1-a1.ts?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409

135.125.67.87

200 OK

840 kB

URL GET HTTP/2
3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/seg-1-f1-v1-a1.ts?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409
IP
135.125.67.87:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
840 kB (839608 bytes)
Hash
dde926927907c034d81ff506a05b098d
6240cc0199cfb2bb40bb64c6bfb7ebe86ae075ba
7ae3782f129de36b67efa9a4fbc866f8447c9f36669ac400d938f31cb0494fba

HTTP Headers

GET /hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/seg-1-f1-v1-a1.ts?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409 HTTP/1.1
Host: 3ymvxmq6w4.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sun, 05 May 2024 13:23:34 GMT
content-type: video/MP2T
content-length: 839608
etag: "3a1794b0-ccfb8"
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Tue, 13 Aug 2024 13:23:34 GMT
cache-control: max-age=8640000
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
61b5d37d0909f032873498eff9cff849
8c4dd39c818c6a08a46eba2d6b2f6367090e60b3
bf38802db18855f8e1a0c9758db309a5656bad8c1f42a35fbc6102b9b66ff914

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Cookie: uid_id2=5fb34df9-14fc-432e-a94c-4bcaba87848a:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://listeamed.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/seg-2-f2-v1-a1.ts?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409

135.125.67.87

200 OK

743 kB

URL GET HTTP/2
3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/seg-2-f2-v1-a1.ts?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409
IP
135.125.67.87:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
743 kB (743352 bytes)
Hash
788690e417e0cff2302a9c6e065c3a39
d040f61d3ac871695100c7717553fc5b11c7af6e
45c47a0dd7a14c7a6d85b41e67bdd06d6ce03cae6279586a0f2eb594dafc918f

HTTP Headers

GET /hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/seg-2-f2-v1-a1.ts?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409 HTTP/1.1
Host: 3ymvxmq6w4.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sun, 05 May 2024 13:23:34 GMT
content-type: video/MP2T
content-length: 743352
etag: "3a1794b0-b57b8"
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Tue, 13 Aug 2024 13:23:34 GMT
cache-control: max-age=8640000
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=5fb34df9-14fc-432e-a94c-4bcaba87848a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=5fb34df9-14fc-432e-a94c-4bcaba87848a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=5fb34df9-14fc-432e-a94c-4bcaba87848a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 13:23:35 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 34e1b74de607600995bfec537c68278d
Strict-Transport-Security: max-age=0; includeSubdomains

oaphoace.net/impression/VB5QRS5SVz3-9E8xAPnF30UStnYwkOgypfd6Ws6ty39FtqoJ40MJzsJCreg39YkzbAfC1CXeA6uVgotOrk1TGd_xqxuEw4Afs9qAJKn6Tyflvl_B12_F2s1HfUATGHDK-Y4XJ8eyk03CqcN_5UxW9LkneOkVI-S9LGgvSzrStXoL--AQYPmjp4u_rhd1F0wlUvFpLTU_w-uNnwrYXCBFQzRjzacTmfDdQkMJLEyEOBrw1DQLc24CjOQYip6T9ELkCCVB60TArqwjS6aHfsdhDPKAnAYK33pkVs-cygTlsynaN3llyMYmHb-Pv_GsJhFKaVSq1mx5X9jVdr11nzLF62fMHF9t4VqbTRox-fJ87HPp3FPcCi4yY2024nMGWEFgophFYpJ69o0APP9J0PXZPoIrkUgw2THJA6yeEZtalEelVRApmu76fc4nItLyxFS_nEtdj9ePuZnkpN-OjfHj2mVkwjMaAKexjGGjcrsLvgb4_9Rlhxfd2xv6Uz43M89Bagrf_VJiT7OaXUfk-5l6IBg43YfDNNHzTvMwYqf_ITBvy3_2oDwPjM9eTlIxqOC3-eGcnByLh7zgPzBKZO3x5VtT-MBV0l_wVGywCOxXXTQpl4vEum73ZwjmmEIQk5L2hkn0PyCapp1ypJ-6PSVWhQ8Dw0vY1muh8cYspQSNt07SP5_B9weXoBlXzMhAb-Q921ANmHCRNWO8h6dgFu1q_AsaxEdFjohQavswM_YEwKGRcYO7wkTrrcm90eKEIv72s6SlCsEmUoVMqQhWJjxPvDsK600RIrfrcpfZiOwY8c0=?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F4e7e6f547c7e6a744f72767c667d60&drf=https%3A%2F%2Flisteamed.net%2Fv%2FJzkPxznpKvrxbyd&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0

139.45.197.239

200 OK

43 B

URL GET HTTP/2
oaphoace.net/impression/VB5QRS5SVz3-9E8xAPnF30UStnYwkOgypfd6Ws6ty39FtqoJ40MJzsJCreg39YkzbAfC1CXeA6uVgotOrk1TGd_xqxuEw4Afs9qAJKn6Tyflvl_B12_F2s1HfUATGHDK-Y4XJ8eyk03CqcN_5UxW9LkneOkVI-S9LGgvSzrStXoL--AQYPmjp4u_rhd1F0wlUvFpLTU_w-uNnwrYXCBFQzRjzacTmfDdQkMJLEyEOBrw1DQLc24CjOQYip6T9ELkCCVB60TArqwjS6aHfsdhDPKAnAYK33pkVs-cygTlsynaN3llyMYmHb-Pv_GsJhFKaVSq1mx5X9jVdr11nzLF62fMHF9t4VqbTRox-fJ87HPp3FPcCi4yY2024nMGWEFgophFYpJ69o0APP9J0PXZPoIrkUgw2THJA6yeEZtalEelVRApmu76fc4nItLyxFS_nEtdj9ePuZnkpN-OjfHj2mVkwjMaAKexjGGjcrsLvgb4_9Rlhxfd2xv6Uz43M89Bagrf_VJiT7OaXUfk-5l6IBg43YfDNNHzTvMwYqf_ITBvy3_2oDwPjM9eTlIxqOC3-eGcnByLh7zgPzBKZO3x5VtT-MBV0l_wVGywCOxXXTQpl4vEum73ZwjmmEIQk5L2hkn0PyCapp1ypJ-6PSVWhQ8Dw0vY1muh8cYspQSNt07SP5_B9weXoBlXzMhAb-Q921ANmHCRNWO8h6dgFu1q_AsaxEdFjohQavswM_YEwKGRcYO7wkTrrcm90eKEIv72s6SlCsEmUoVMqQhWJjxPvDsK600RIrfrcpfZiOwY8c0=?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F4e7e6f547c7e6a744f72767c667d60&drf=https%3A%2F%2Flisteamed.net%2Fv%2FJzkPxznpKvrxbyd&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjectoaphoace.net
Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4
ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/VB5QRS5SVz3-9E8xAPnF30UStnYwkOgypfd6Ws6ty39FtqoJ40MJzsJCreg39YkzbAfC1CXeA6uVgotOrk1TGd_xqxuEw4Afs9qAJKn6Tyflvl_B12_F2s1HfUATGHDK-Y4XJ8eyk03CqcN_5UxW9LkneOkVI-S9LGgvSzrStXoL--AQYPmjp4u_rhd1F0wlUvFpLTU_w-uNnwrYXCBFQzRjzacTmfDdQkMJLEyEOBrw1DQLc24CjOQYip6T9ELkCCVB60TArqwjS6aHfsdhDPKAnAYK33pkVs-cygTlsynaN3llyMYmHb-Pv_GsJhFKaVSq1mx5X9jVdr11nzLF62fMHF9t4VqbTRox-fJ87HPp3FPcCi4yY2024nMGWEFgophFYpJ69o0APP9J0PXZPoIrkUgw2THJA6yeEZtalEelVRApmu76fc4nItLyxFS_nEtdj9ePuZnkpN-OjfHj2mVkwjMaAKexjGGjcrsLvgb4_9Rlhxfd2xv6Uz43M89Bagrf_VJiT7OaXUfk-5l6IBg43YfDNNHzTvMwYqf_ITBvy3_2oDwPjM9eTlIxqOC3-eGcnByLh7zgPzBKZO3x5VtT-MBV0l_wVGywCOxXXTQpl4vEum73ZwjmmEIQk5L2hkn0PyCapp1ypJ-6PSVWhQ8Dw0vY1muh8cYspQSNt07SP5_B9weXoBlXzMhAb-Q921ANmHCRNWO8h6dgFu1q_AsaxEdFjohQavswM_YEwKGRcYO7wkTrrcm90eKEIv72s6SlCsEmUoVMqQhWJjxPvDsK600RIrfrcpfZiOwY8c0=?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F4e7e6f547c7e6a744f72767c667d60&drf=https%3A%2F%2Flisteamed.net%2Fv%2FJzkPxznpKvrxbyd&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Cookie: OAID=0800531d10054387fbb304ddae2f3b8a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:23:36 GMT
content-type: image/gif
content-length: 43
x-trace-id: 8d5e82185304cbdb1aa1be023add6c58
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/ae3860cff8da21042245e4d26341aec8.png

104.22.32.172

200 OK

60 kB

URL GET HTTP/2
offerimage.com/www/images/ae3860cff8da21042245e4d26341aec8.png
IP
104.22.32.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
60 kB (60492 bytes)
Hash
ae3860cff8da21042245e4d26341aec8
d269ef2eb3b874b206683eaa192557cc912d1d9b
5312d856f309d28367406622b04cea5458e7853572fdf5e9ba79be6c03f8b0c6

HTTP Headers

GET /www/images/ae3860cff8da21042245e4d26341aec8.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:36 GMT
content-type: image/png
content-length: 60492
last-modified: Wed, 06 Dec 2023 13:53:30 GMT
etag: "65707cda-ec4c"
expires: Sun, 05 May 2024 17:32:12 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 71484
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10bca485dabde-CPH
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 300516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 100499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.106

200 OK

9.7 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
9.7 kB (9654 bytes)
Hash
033802060a15739b68df279f41a6d021
f226bd4f6acca73d9efc7ad7ce7006e6894c876d
698f961f470a89becf1e49420de0c235762b6cedfd0154abf2ab5752223623af

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 13:23:36 GMT
date: Sun, 05 May 2024 13:23:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js

188.114.96.1

200 OK

65 kB

URL GET HTTP/3
listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
JavaScript source, ASCII text, with very long lines (65100), with no line terminators
Size
65 kB (65100 bytes)
Hash
8035032c7bcdff774adfcf60e84b450d
1eb7f0268ef459954dea51343ef96720ed370566
b676f19bfd6bc7f2d07cdf0d00beb0c75ad04d1a8e4268df0f10ddbffb7313bf

HTTP Headers

GET /assets/jwplayer/8.28.1/jwpsrv.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38BNsX%2BfjkTvYwaxMT%2BjoAG52psemvUUHBsHWFdkiri7ywjOPPYb70CAkmbHPZqmeuy5UYbpLjzOAQ2XNjWAtHEuGVn7XQaahwAmcYtRzN6MeUtWo79l1aFY3kzWn8Iq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ba5790f56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

43 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1572)
Size
43 kB (43274 bytes)
Hash
3e32afaeab15a05db2c05ffbc64301d4
16263be6088f307dacc812b4db01f4e5be4cf122
659fcc80b9999153ced6cbc81530b538d814fb0a4a4029f3d0576744dc445184

HTTP Headers

GET /css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 13:23:29 GMT
date: Sun, 05 May 2024 13:23:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

216.58.207.227

200 OK

25 kB

URL GET HTTP/2
fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24964, version 1.0
Size
25 kB (24964 bytes)
Hash
ab1e118c3ab25d4210327093166ca977
6d6c24619115649c4c80a20d725c78f65175fb38
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

HTTP Headers

GET /s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 11:39:22 GMT
expires: Sat, 03 May 2025 11:39:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 14:50:32 GMT
content-type: font/woff2
age: 179047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6

188.114.96.1

200 OK

109 kB

URL GET HTTP/3
listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
109 kB (109142 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:31:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1026
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2B5DzGdM1E3ZYCGZ9xJE61iYBsXE9liGwC8cd9J4D6SEmEnjIb%2FiQa5nPA3mnQmB%2BZiWwrnR2Bj%2FKIRW0pm%2B2%2BWTrpRJ6UUX6nF7VF5MCLdR%2BZursVxw1xSBe%2FKhZGuf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ba09c5556b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js

188.114.96.1

200 OK

423 kB

URL GET HTTP/3
listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
423 kB (423017 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/jwplayer/8.28.1/provider.hlsjs.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 869
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6bW4XNo73gLJ5UPqUwZYgqGEESvMJg%2BnD6%2FftmyJlazDx1vv28Xt0opGfleBv3ni31DM4HnVWKN%2BtSzdLRKwhHkHLqY%2FGJCbWUSuC%2FwbQ89FKzAKZu1fx%2Bl3y59Wbmkl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ba5c97656b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.guardstorage.net/previews/RXJzkPxznpKvrxbydBeA.preview.vtt

172.67.211.88

200 OK

8.8 kB

URL GET HTTP/2
i.guardstorage.net/previews/RXJzkPxznpKvrxbydBeA.preview.vtt
IP
172.67.211.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerLet's Encrypt
Subjecti.guardstorage.net
Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B
ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT

File type
WebVTT subtitles, ASCII text
Size
8.8 kB (8798 bytes)
Hash
2fc2e7c51a52f72824a89d103a56c0b8
62e303778a97b937ff7565e3a52737bd6ea97eef
c3352fd63fb65dd1263c5e09c0fc0de0233538f9be32d36aa264587e492df00b

HTTP Headers

GET /previews/RXJzkPxznpKvrxbydBeA.preview.vtt HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:31 GMT
content-type: application/octet-stream
content-length: 8798
last-modified: Sun, 07 Apr 2024 17:56:04 GMT
etag: "6612de34-225e"
accept-ranges: bytes
access-control-allow-origin: *
x-server: cdn2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIflhRg2YII4kOwaF9AJTTXkQ7I9LAcR5V3uwU3eBQrm4fJsyrnf%2BL8XVhFu22kZb3Mn%2BUX9Qfpb8ym9KgKRI6upX7PxGiWLrZdqH4%2FXy0yRU157j6kp1JU7n3gnDXOVNuJPh48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ba71ad256b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

listeamed.net/assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c

188.114.96.1

200 OK

46 kB

URL GET HTTP/3
listeamed.net/assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
ASCII text, with very long lines (449)
Size
46 kB (46207 bytes)
Hash
d54edf9aa1cde0c27571f0d70a5a800c
0280204d67163c971177fe07a97de7e7dd9d9bd4
9f323f60f1cb46c682179cbde508d1ad0ded66950f93f64abf9c80ce643ab4da

HTTP Headers

GET /assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/JzkPxznpKvrxbyd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 14:24:17 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XjoqCDcGGyRG0UcIZ%2BSapRLya37j2MCEMOfphDCVG2rMeIwJV7PFqBbz30DrJbuSWlVA1nxsuEy9eNPitQqanGR3S%2Fqf6jDDTncKZPA%2BLMJLpg3Ch0jpP71OEjINHfP4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10b9b4f0a56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/index-f2-v1-a1.m3u8?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409

135.125.67.87

200 OK

86 kB

URL GET HTTP/2
3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/index-f2-v1-a1.m3u8?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409
IP
135.125.67.87:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
86 kB (86424 bytes)
Hash
f24c25a3b9861b504f010a938b60b1c9
1b59b6e3b7f738522f3ef5b3b7285b79e502b017
b02b2c3bd95e5bdc886ffb5d7cf840eb4b75ed5d3abbcd0e5b589176e0f53fec

HTTP Headers

GET /hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/index-f2-v1-a1.m3u8?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409 HTTP/1.1
Host: 3ymvxmq6w4.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sun, 05 May 2024 13:23:34 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sun, 05 May 2024 13:23:34 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

listeamed.net/v/JzkPxznpKvrxbyd

188.114.96.1

200 OK

7.0 kB

URL User Request GET HTTP/2
listeamed.net/v/JzkPxznpKvrxbyd
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7303), with no line terminators
Size
7.0 kB (6962 bytes)
Hash
a83a1d4449798f80e70163021d99a783
7eea788c6342b77a5b82aebbf5566a4d65973b4f
c7433eadf6476781b3a60862e4ad9957523b08bfb3954af328776cff39a77c13

HTTP Headers

GET /v/JzkPxznpKvrxbyd HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:28 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtDUcolIevfwRNjEYOn8YxtV0CDULmLxugz%2Bzizb4TqPz4Wb9NPzAYesFYKyrflmjMTtJIArKjQdLR%2B2AVoEkkoACJc%2BgE9LzCurGNgNq%2FWEt3GTP%2B%2FGvetBgwMssY30"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10b980f3b0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da

188.114.96.1

200 OK

14 kB

URL GET HTTP/3
listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
ASCII text, with very long lines (13852), with no line terminators
Size
14 kB (13852 bytes)
Hash
19b624e7fe7a86b4c7851ed61e250626
760a6c0399930b96c61b6e18a6cbb0dbf0125f97
eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e

HTTP Headers

GET /assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 07:00:44 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwxVKcKB9KAmzox%2BBqBdhGB6IhistEkKBZKI7GfhAd4NS7UElp4PFCzgolalxizIMEyndzd5PnAyR74J7iQ9m%2Bq7tCiL%2F2LDydsu91wpCp8ptZOpOB6qIx%2FROMH07qE5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ba09c5756b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tzegilo.com/stattag.js

172.67.193.52

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1
ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT

File type
JavaScript source, ASCII text, with very long lines (18486)
Size
19 kB (19136 bytes)
Hash
70ebd404c2e1e7bad13998538b56887c
86e57af8ba3cfc2c004da3311835f6b54ba6d848
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 13:23:31 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4233
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFR8RlHrJMNCfHpB63yhMJL5EQH8tngHgd8F1U9G7Wbp42RZvMVkYowNR7e%2FXWwVguxdjg8OMJ0TFF59%2FsFUKoo79dYF4I5cqGJ8aOuInLrKXrXDJ3jMTg0x3%2F7kdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10ba90c705694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

listeamed.net/assets/js/main.js?id=eddfd74f6de7386e3162347efd9a6be3

188.114.96.1

200 OK

105 kB

URL GET HTTP/3
listeamed.net/assets/js/main.js?id=eddfd74f6de7386e3162347efd9a6be3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
105 kB (105278 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/js/main.js?id=eddfd74f6de7386e3162347efd9a6be3 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 08 Apr 2024 14:13:45 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7FpqNAVA4Gu%2FDspkg%2FH0pJgMoccMuGde52jzmYlKAB6mh4qv9Axciu7aWwBY%2BPl70kYaSjuMOnSJ%2F7%2ByNSZVXuzWjUYMLtdpuBqq32WHFdu%2F%2BkTVsKPecn%2BnpJmcxae"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ba09c6356b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/master.m3u8?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409

135.125.67.87

200 OK

1.3 kB

URL GET HTTP/2
3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/master.m3u8?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409
IP
135.125.67.87:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (1288), with no line terminators
Size
1.3 kB (1268 bytes)
Hash
1698e3a57217cdd88e0da083a429962d
01a828c8885d57749cde9b8347b8a2100a55126e
6ad46d83d47743bddb3fad892b3c4e572862a867fda9ca73b3b27d51fa4ca6fd

HTTP Headers

GET /hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/master.m3u8?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409 HTTP/1.1
Host: 3ymvxmq6w4.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sun, 05 May 2024 13:23:33 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sun, 05 May 2024 13:23:33 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/index-f1-v1-a1.m3u8?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409

135.125.67.87

200 OK

86 kB

URL GET HTTP/2
3ymvxmq6w4.guardstorage.net/hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/index-f1-v1-a1.m3u8?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409
IP
135.125.67.87:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
86 kB (86424 bytes)
Hash
7b76a36a1e0402497afb3281ff31b7af
92856ca27e7672b0eb97fd97567e6778885abb22
91f0f38fef216ce9bc6d6e07ad3878e3c5c854ad50a26f6f963afccdbf46b4c7

HTTP Headers

GET /hls_3/16N64KTI_ZUEOeoTPfs0wFcG-vCnhFEpzODSOCJg_hDvbGHi9zGavUZhzXD70zdctVf3M894BtbTeMffBuM6qQ/index-f1-v1-a1.m3u8?sig=vnNY1681KVz1VyvPTJ-80A&expires=1714924409 HTTP/1.1
Host: 3ymvxmq6w4.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sun, 05 May 2024 13:23:33 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sun, 05 May 2024 13:23:33 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

listeamed.net/e/4e7e6f547c7e6a744f72767c667d60

188.114.96.1

200 OK

56 kB

URL GET HTTP/3
listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
56 kB (56508 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e/4e7e6f547c7e6a744f72767c667d60 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/JzkPxznpKvrxbyd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uil%2BenOgbdx0p5k6lDdEi%2Faa%2FWtnDgEs9OST%2FhjmDDxpmgg0u8D811x%2FT%2FVkrr310xp%2FBBDlkRLdWhoEN6MR%2FsjtVxHNgN5xc7ARjuQyS83mca9RRcH4OROUpLQcOFFD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10b9dd99156b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js

188.114.96.1

200 OK

325 kB

URL GET HTTP/3
listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
325 kB (325119 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/jwplayer/8.28.1/jwplayer.core.controls.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/4e7e6f547c7e6a744f72767c667d60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 13:23:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 528
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bEWl%2BVkJgXcYejj3lbsr2NsgQfC9J7nDp6jmuIUJz9naKhUvEHz%2FOB01vvtL%2BMGMqh17kI6rlpEsLDAOUKEs9DS2kb%2FP6uWMsOCfhLTpNQvy0%2FWI94zt6ez%2Fub1eY%2B%2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ba5b97356b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2

216.58.207.227

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/v/JzkPxznpKvrxbyd
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30240, version 1.0
Size
30 kB (30240 bytes)
Hash
2a51724cb1aefe32e3183a8e138189cc
c8f36c7eee7c868b5cba392e353d47180643f5f1
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431

HTTP Headers

GET /s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 05:07:54 GMT
expires: Sat, 03 May 2025 05:07:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Jan 2024 23:13:02 GMT
content-type: font/woff2
age: 202535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by