Overview

URL: nflsportz.com/streamnba/nba6.php?sport=basketball
IP: 172.67.211.161 (United States)
ASN: #13335 CLOUDFLARENET
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-05 00:17:19 UTC
IDS alerts: 0
Blocklist alert: 13
urlquery alerts: No alerts detected
Tags: None

Domain Summary (35)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
disembroildisembroilassuredwitchcraft.com (2) 0 2022-08-22 14:37:50 UTC 2022-11-27 21:59:30 UTC 192.243.59.12 Unknown ranking
addresseepaper.com (1) 18169 2021-11-01 21:11:31 UTC 2022-12-04 19:16:48 UTC 34.160.73.230
uptimecdn.com (2) 91400 2017-11-14 20:54:27 UTC 2022-12-04 05:28:01 UTC 172.64.111.4
soldierreproduceadmiration.com (7) 0 2022-11-16 05:50:11 UTC 2022-12-04 16:21:22 UTC 173.233.137.44 Unknown ranking
e1.o.lencr.org (3) 6159 No data No data 23.36.76.226
cdn.barscreative1.com (1) 25648 2021-09-16 11:14:42 UTC 2022-07-13 08:11:12 UTC 45.133.44.4
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-04 17:12:39 UTC 34.117.237.239
whiskerssituationdisturb.com (1) 0 2022-11-15 09:13:25 UTC 2022-12-04 19:32:04 UTC 192.243.61.227 Unknown ranking
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
s10.histats.com (1) 15211 2012-05-21 17:14:14 UTC 2020-03-16 19:44:20 UTC 46.105.201.240
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-04 17:40:10 UTC 142.250.74.106
s4.histats.com (1) 12782 2012-05-21 17:14:14 UTC 2022-12-04 17:39:30 UTC 149.56.240.128
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-12-04 17:35:43 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
widgets.amung.us (1) 12623 2012-05-21 19:25:54 UTC 2022-12-04 16:19:30 UTC 104.22.75.171
nflsportz.com (2) 93083 2020-09-23 20:29:09 UTC 2022-12-04 23:53:43 UTC 104.21.37.182
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-04 17:12:40 UTC 34.102.187.140
asacdn.com (2) 184839 2020-08-19 03:20:07 UTC 2022-12-04 23:11:49 UTC 104.21.93.4
friendshipmale.com (1) 0 2022-10-21 12:15:25 UTC 2022-12-04 19:31:59 UTC 104.21.234.92 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.165.41.15
ocsp.pki.goog (3) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
cdn.creative-bars1.com (7) 0 2022-11-15 16:46:22 UTC 2022-12-04 16:21:23 UTC 172.64.108.13 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
swarm.video (1) 126884 2017-10-22 19:55:23 UTC 2022-12-04 19:16:10 UTC 104.21.17.85
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
deliriousholistic.net (4) 0 2022-05-23 19:58:01 UTC 2022-12-04 13:53:56 UTC 172.67.147.224 Unknown ranking
i.imgur.com (1) 5110 2012-05-21 08:09:36 UTC 2018-08-28 18:45:07 UTC 151.101.244.193
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.1.229
whos.amung.us (1) 12687 2017-01-30 05:21:57 UTC 2022-12-04 16:32:04 UTC 172.67.8.141
unseenreport.com (2) 0 2022-03-30 14:33:17 UTC 2022-12-04 16:20:33 UTC 192.243.59.13 Unknown ranking
awstats.cloud (1) 0 2022-07-07 07:16:14 UTC 2022-12-04 19:16:10 UTC 172.67.168.34 Unknown ranking
simplewebanalysis.com (2) 0 2022-02-25 04:06:25 UTC 2022-12-04 17:31:13 UTC 18.185.190.54 Unknown ranking
youradexchange.com (2) 273384 2013-02-04 16:25:46 UTC 2022-12-04 19:03:32 UTC 35.190.41.116

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-05 2 cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-05 2 disembroildisembroilassuredwitchcraft.com Sinkholed
2022-12-05 2 disembroildisembroilassuredwitchcraft.com Sinkholed
2022-12-04 2 whiskerssituationdisturb.com Sinkholed
2022-12-04 2 soldierreproduceadmiration.com Sinkholed
2022-12-04 2 soldierreproduceadmiration.com Sinkholed
2022-12-04 2 soldierreproduceadmiration.com Sinkholed
2022-12-04 2 unseenreport.com Sinkholed
2022-12-04 2 soldierreproduceadmiration.com Sinkholed
2022-12-04 2 unseenreport.com Sinkholed
2022-12-04 2 soldierreproduceadmiration.com Sinkholed
2022-12-04 2 soldierreproduceadmiration.com Sinkholed
2022-12-04 2 soldierreproduceadmiration.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 172.67.211.161
Date UQ / IDS / BL URL IP
2022-12-05 00:17:19 +0000 0 - 0 - 13 nflsportz.com/streamnba/nba6.php?sport=basketball 172.67.211.161
2022-10-16 03:54:12 +0000 0 - 0 - 1 dailynutrient.cn/ 172.67.211.161


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-03 10:16:52 +0000 0 - 2 - 0 new.eureka.cc/PdfLink/qcUQrosmYtu2iLsFckqZtf0 (...) 104.18.28.84
2023-02-03 10:16:44 +0000 0 - 1 - 0 downloads.sharewareonsale.com/files/Shareware (...) 172.67.71.89
2023-02-03 10:16:06 +0000 0 - 0 - 2 stdater.ru/distr/v4/875ec82a-17f9-4c11-b34e-7 (...) 104.21.16.33
2023-02-03 10:15:56 +0000 0 - 0 - 2 stdater.ru/distr/v4/8245cc64-cc7e-408b-959b-4 (...) 172.67.166.16
2023-02-03 10:15:31 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/10271952928833 (...) 162.159.134.233


Last 2 reports on domain: nflsportz.com
Date UQ / IDS / BL URL IP
2022-12-18 16:20:22 +0000 0 - 0 - 7 nflsportz.com/embed/1.php 104.21.37.182
2022-12-05 00:17:19 +0000 0 - 0 - 13 nflsportz.com/streamnba/nba6.php?sport=basketball 172.67.211.161


No other reports with similar screenshot

JavaScript

Executed Scripts (22)

Executed Evals (2)
#1 JavaScript::Eval (size: 1637) - SHA256: d9b74f2617056c1632aeba35735af6d35518d0a0c32fd639d6e8f6764c0fe008
var player;
var hlsjsConfig = {
    liveSyncDuration: 60,
    maxBufferLength: 60,
    liveMaxLatencyDuration: Infinity,
};
var p2p = false;
var src = "https://6q73crmk54a2uk74.cdnexpress37.net:8443/hls/48lr8dvvddpwh.m3u8?s=9xOhb63EZ6-_E3WwRWxv6g&e=1670221029";
if (typeof engine != "undefined" && typeof p2pml != "undefined") {
    if (p2pml.hlsjs.Engine.isSupported()) {
        p2p = true;
        hlsjsConfig["loader"] = engine.createLoaderClass()
    } else {
        src = "https://lnuyz6u92h5v68.cdnexpress63.net:8443/hls/48lr8dvvddpwh.m3u8?s=9xOhb63EZ6-_E3WwRWxv6g&e=1670221029"
    }
}
$(document).ready(function() {
    player = new Clappr.Player({
        source: src,
        parentId: "#player",
        width: "100%",
        height: "100%",
        playback: {
            hlsjsConfig: hlsjsConfig,
        },
        autoPlay: false,
        mute: startMuted,
        stretching: "bestfit",
        watermark: "",
        position: "1",
        watermarkLink: "",
        events: {
            onError: function(e) {
                errorPlaying()
            },
            onPlay: function(e) {
                setTimeout(function() {
                    $(".stream-logo").fadeOut()
                }, 1000);
                if (!videoStarted) {
                    videoStarted = true;
                    setTimeout(function() {
                        var h = document.getElementsByTagName("head")[0],
                            s = document.createElement("script");
                        s.type = "text/javascript";
                        s.async = true;
                        s.src = "//repentancematernity.com/82/05/4d/82054d468d1245b12f8e814444d99462.js";
                        h.appendChild(s)
                    }, 20000)
                }
            },
            onPause: function(e) {
                $(".stream-logo").fadeIn()
            },
            onVolumeUpdate: function(e) {
                $("#btn-unmute").fadeOut()
            },
            onReady: function() {}
        }
    });
    if (p2p) {
        p2pml.hlsjs.initClapprPlayer(player)
    }
    setTimeout(function() {
        player.play()
    }, 3000)
});

function WSreloadStream() {
    $(".stream-offline").css("display", "none");
    var newplayer = player.configure(player);
    newplayer = new Clappr.Player(newplayer.options);
    player.destroy();
    player = newplayer;
    player.mute();
    player.play();
    player.unmute()
}

function WSUnmute() {
    player.unmute()
}
#2 JavaScript::Eval (size: 4273) - SHA256: e4b93992441655dc425a46000681869863b2da086b45fdda0455375f63471bfc
setTimeout(function() {
    $("body").append("<iframe width=\"1366\" height=\"768\" src=\"https://spathefesting.com/iAZoqS9qIg28n/28749\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://eventhenherthis.info/redirect?tid=756113&file=Watch_Live\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=uFkWgZKDzl\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=sGwNIyGLG5\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=s5e83yzhMM\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=CMAs8uhhKm\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=fXHggLmTuE\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=WYbHISCtLV\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups 
allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=MrwGr89ffS\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=N2JBJxP2ji\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=CX0BW0NjsB\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=HsP3nKe6J5\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=PReDvl944m\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=PReDvl944m\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=XgOPsot9Xe\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=GQg8mmsLEC\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups 
allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=tDdYeo7o7\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe>")
}, 50000);

Executed Writes (0)


HTTP Transactions (79)


Request Response
                                        
GET /streamnba/nba6.php?sport=basketball HTTP/1.1
Host: nflsportz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

104.21.37.182
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Dec 2022 00:17:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-powered-by: PHP/8.0.26
x-turbo-charged-by: LiteSpeed
GreyDedi: HIT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaDDd65K3nPUxCh7%2B0w5HswZ%2FBSiTp8yZEStKDxQqz2%2Bh6fKhqu6vFbYJPuFdqPoanzdmHgDiOZT2SvIFtF%2BpQAZxJrqjm7JQvpXY6idglBQJdGhlCjXdWzUXPpv3Fd0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774898d90b190b55-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   864
Md5:    16ddcf6c8db2a88cf9b72f92ee9e1287
Sha1:   f94ba572cfc80a281a399317d3fcaff424fca96c
Sha256: c04b8498a45e6c0964bb63a9d2f00627a64379511c99ef1ca4f8fbe96cd31a45
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2468
Expires: Mon, 05 Dec 2022 00:58:16 GMT
Date: Mon, 05 Dec 2022 00:17:08 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1511
Cache-Control: max-age=124760
Date: Mon, 05 Dec 2022 00:17:08 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:56:28 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8956
Expires: Mon, 05 Dec 2022 02:46:24 GMT
Date: Mon, 05 Dec 2022 00:17:08 GMT
Connection: keep-alive

                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 23:18:25 GMT
cache-control: public,max-age=3600
age: 3523
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: y3q18wBmC60OjKQE0Z19JHkxaJG0P+/bCk9+DPBp9jYdaJzKbN0C5mER06Y7fQa/pTeMjznt0LsLE6OPuZT8kg==
x-amz-request-id: TYYBB1G7T0Y39V6Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 23:47:45 GMT
age: 1763
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Mon, 05 Dec 2022 00:17:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
GET /script/suv4.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

104.21.93.4
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 05 Dec 2022 00:17:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdu8Qzh3Y4lzdEeiymgEIRXf2O9sKx54L9-s4gG9efKxUTMQum6Hu9EEMaOLQDhakSKid2ZAtcjqM8googE7L7ZBhnf6E9dh
x-goog-generation: 1669191527960820
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Mon, 05 Dec 2022 00:52:08 GMT
Cache-Control: public, max-age=14400
Age: 1500
Last-Modified: Wed, 23 Nov 2022 08:18:48 GMT
ETag: W/"58a3706369493493b3ca003a227b6fa6"
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FnziKuBxRU1rg5qQvkNdCnMIBuLK97jSasT81%2B1euRDoNwlI8EdbqR6EUhumhpRJqbDznzrR1Eus2S9ovbxbDERRbjC4TIgnq1VmGIi2%2B36wvdC5OztWN4ddJ81"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774898dafa1c0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Size:   33339
Md5:    455da01c3595fe3918c36ee1ed66add3
Sha1:   267a7ea21fe7e4753458d9d97ac1b09dcba4ee63
Sha256: 154ee1f4d4482732ed9e4f6a93ef7a5d6946355a4d88e08b9227527fd343d476
                                        
GET /NL3BScm.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nflsportz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

151.101.244.193
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 17 Apr 2022 00:37:57 GMT
etag: "ec43e2e5cda2c56fc34289ddd3a5cb26"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 05 Dec 2022 00:17:08 GMT
age: 3255898
x-served-by: cache-iad-kcgs7200086-IAD, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 14900, 20
x-timer: S1670199428.349558,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 9542
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 442x114, components 3\012- data
Size:   9542
Md5:    ec43e2e5cda2c56fc34289ddd3a5cb26
Sha1:   22fb5c79b2f82ce661e20b3362f44ecefd4ca79d
Sha256: 6cdde1b80c7d2e072eaf2affe8810fc2a1e6524ee7156beff729dafcab72eb21
                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 490
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
GET /f3/ff/25/f3ff254743e75b5348e4304a6a033cab.js HTTP/1.1
Host: disembroildisembroilassuredwitchcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

192.243.59.12
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 00:17:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35d08098a94d195928ac41be21c7674f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37160), with no line terminators
Size:   13433
Md5:    edfd66d9379004f1a99a4ed1267b3bb3
Sha1:   d31646ce9b623084f5343425816d1fee55e3af79
Sha256: 74f9aa90a511468e55596fd41c7c3355372ea131affcae0af649eecd45817945

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /44/d2/ff/44d2ffbf0b50325497f0d72371421d20.js HTTP/1.1
Host: disembroildisembroilassuredwitchcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

192.243.59.12
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 00:17:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae940ce28d0dd14380afaa80ed281db3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (60170), with no line terminators
Size:   20711
Md5:    991e54d934c85928870d70c9dd397188
Sha1:   65377f4486f63633b0fe7800c994da09a8216286
Sha256: 077672513aac00e58667ad0c2024bca3c02a868fdedee864dd86d3817a4ec861

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1495
Cache-Control: max-age=119677
Date: Mon, 05 Dec 2022 00:17:09 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:31:46 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
GET /script/ut.js?cb=1670199426530 HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

104.21.93.4
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycduQc_-Q_yReIjFJgwVVT0zrYteLdYonr0bTqZ1yhOWtytGGRamRauYRrQSHeWt_hzZMc_u8V8APdTAv9p7CZxlNrfpK24t0
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Sun, 04 Dec 2022 23:34:29 GMT
Cache-Control: public, max-age=14400
Last-Modified: Mon, 29 Aug 2022 11:45:52 GMT
ETag: W/"c7304eebcb5069f68bd3fa9e74218a36"
Age: 2861
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4plG%2Fik3n8z%2BScXA8bICOpyLTxNkG8jqG3KIe%2F52LvYVdFxlYZSolpChLy4%2BngXr0n%2FTlYTqOIo%2BnCUHHuH2MagZdWNCtvqW%2BvUQvfIXBI6aEW3BVhM1OguC18J"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774898df5c0c0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   24411
Md5:    247b9ea3eb310459e21f78029267717c
Sha1:   1d7ea226aaf8046de5af9ef7975ad30398f517ad
Sha256: dd787f72c85d7d6b736c0563371ea98a66542289101d8001a186d5a595ac05dc
                                        
                                            GET /sfp.js HTTP/1.1 
Host: friendshipmale.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

                                         104.21.234.92
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 922a2e8b1eca0012262d4acc866cb2fc
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 05 Dec 2022 00:17:08 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEqc9FL8dgQygsmfDAuYYvdNMv%2BrXgqqZYE1%2BvYDm%2BE2Apdn3jUFmsEwy56CO7UuL8jFPEysyVyHlnuKn%2BsuJoJKDkrUQ2sXXyUeq%2F7grotFKN3oe3z6ynO4Cn0oZpHUvldzFj4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774898df6b1a718d-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   27574
Md5:    b1fa950e77a7db5425f9a5257af02e9c
Sha1:   2d5580451f34ad96218f8b97edf9708f9ee1be87
Sha256: d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134793
Date: Mon, 05 Dec 2022 00:17:09 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 13:43:42 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bVpFSl72WzTNpMg3a-ieVBFfTXx30RoZqSe6K6M-4HF_VIpktfckBg==
Age: 754

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134868
Date: Mon, 05 Dec 2022 00:17:09 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 13:44:57 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UgVcoTD7W2xeL0tidWj4MEsyPwKEVZ2uPBqC8dGwEYM2vbXrhxFwkQ==
Age: 829

                                        
                                            GET /sfp.js HTTP/1.1 
Host: addresseepaper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

                                         34.160.73.230
HTTP/1.1 429 Too Many Requests
Content-Type: text/html
                                        
Server: openresty
Date: Mon, 05 Dec 2022 00:17:09 GMT
Content-Length: 298
ETag: "6382c3e0-12a"
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   298
Md5:    2d276fc22806d34e2355196fe7bea1f3
Sha1:   0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
Sha256: 9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nflsportz.com
Connection: keep-alive
Referer: http://nflsportz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         18.185.190.54
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 05 Dec 2022 00:17:09 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: http://nflsportz.com
access-control-allow-credentials: true
set-cookie: uid_id2=4aabc44b-ea58-4c32-bf94-a47f69f5dc5a:2:1; expires=Thu, 02 Dec 2032 00:17:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    aa57227bb09edacd4523d09d763c875c
Sha1:   91413175e125ff8d5851dbf5d3046f51adc94cfe
Sha256: e584c85e6b5551387cc4b795f405c0002dcc0885f6e071c89cb6c385a5be774d
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nflsportz.com
Connection: keep-alive
Referer: http://nflsportz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         18.185.190.54
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 05 Dec 2022 00:17:09 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: http://nflsportz.com
access-control-allow-credentials: true
set-cookie: uid_id2=431e2e5b-5c39-469a-8c6e-57f268b48adb:1:1; expires=Thu, 02 Dec 2032 00:17:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    8c8d141faba0533f319ecfde932702fc
Sha1:   74b0624a7e325a04639e030f8855ec0fcb24f3ff
Sha256: e2dbc3d8c9852f95bc54e7ea7ff0401b81cb9a91df18a85dd98b23a98b687fc8
                                        
                                            GET /script/suurl4.php?r=3741283&cbur=0.48320921832035857&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=&cbpage=http%3A%2F%2Fnflsportz.com%2Fstreamnba%2Fnba6.php%3Fsport%3Dbasketball&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&aggr=0 HTTP/1.1 
Host: youradexchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://nflsportz.com
Connection: keep-alive
Referer: http://nflsportz.com/

                                         35.190.41.116
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: openresty
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1025)
Size:   795
Md5:    a80da907b9e21f37ba2931099b064565
Sha1:   e32a44e3695dd813435b4abbc8853b2ca47f18f9
Sha256: b22f97cc88d25234e95ad16f3c0ec0a7604a8b22820687b4db85cb0e8498e16c
                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=1188&rd=1188&fd=834&bv=22.10.v.9&tmpl=70 HTTP/1.1 
Host: whiskerssituationdisturb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

                                         192.243.61.227
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 00:17:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: utMj/KUQFE/MBfEOxWqpVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.165.41.15
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FTkcqYHUlYx0UIxuy7G/BcBTRos=

                                        
                                            GET /js15_as.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

                                         46.105.201.240
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Mon, 05 Dec 2022 00:10:55 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 646578734
etag: W/"-375139978"
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:0B31_2E69C9F0:0050_638D3885_189892:A0E2
x-iplb-instance: 42477


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11440), with no line terminators
Size:   4547
Md5:    2b153cb2287eac49566b32fce9c385f8
Sha1:   206074b038daff8bc66d86bca0c5ff35f9f72655
Sha256: 7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: nflsportz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nflsportz.com/streamnba/nba6.php?sport=basketball
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=431e2e5b-5c39-469a-8c6e-57f268b48adb%3A1%3A1

                                         104.21.37.182
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZkB3FQxgez%2BSzHomdCqMnGXcwrBLTpiMPXsQY8fWkoCfqWjpdm6mlRjLIeOwd1jSnfHHWdnZNpO3s0I9vMpG1TFi%2Fwpvo1Ut2bBILyUI5oxhRqr2dt3i69gbzmqCj8f"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774898e10be2b509-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   719
Md5:    3910d691a67d7d3036d43c34957bccdd
Sha1:   dcd6c43fd152adabf7374f2b4ad8f5a5f42071ea
Sha256: 37f71377e5835115b7911a24f06b61f76ad46cf3e53c97dd926a78aa610c20b7
                                        
                                            GET /embed/48lr8dvvddpwh HTTP/1.1 
Host: deliriousholistic.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/
Upgrade-Insecure-Requests: 1

                                         172.67.147.224
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hf1=1; expires=Mon, 05-Dec-2022 00:17:09 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None hf2=1; expires=Mon, 05-Dec-2022 00:17:09 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None hf3=1; expires=Mon, 05-Dec-2022 12:17:09 GMT; Max-Age=43200; path=/; secure; HttpOnly; SameSite=None
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYQMdQ%2BQ1MsuUYqnvrQDHL5lDPG7ll2ZYcrplo5zLsLj7yRrEzm6nFY8lQ1lwFnBX1gKAQ%2BANYy5JmkupxTNwaGgQIltO0g4fF%2BByHW0eK8lN%2FUc%2FDTm%2BkZYUhH5zC%2B4KBHnybQ35eU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774898dfccfcb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21362)
Size:   9514
Md5:    635dea67c95d5cbe84883053ce496c89
Sha1:   061426db2f8210bff1466614ea14c99b246fef9d
Sha256: a57fced51321c6f13273274e8ee3f11a7d564d5b5fdbab01c079e8c3dae3c5a0
                                        
                                            GET /css/embed.min.css?v=0.4 HTTP/1.1 
Host: deliriousholistic.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://deliriousholistic.net/embed/48lr8dvvddpwh

                                         172.67.147.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 09 Jun 2022 09:49:16 GMT
ETag: W/"62a1c21c-4f0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 79
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUq0d499LY1fDXHS2JYK9slwof%2BAV9RlOobWkHCoQf3Ekhg1g%2FBAKvo8S8abT5YjX84u9usujW2SMeh0kBoQNm99qzPPFkiztaIEXk9DW%2F%2BiC4mlE0pKyabMpO5sfy8bLxfcf6%2FYoT4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774898e28ec4b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (1263)
Size:   567
Md5:    70ea747ef94da8b837322d472ea99c24
Sha1:   06906329a7c674f0bc881257d1712bee4efbc8b3
Sha256: be5466632efad2865297324ed51fe19221da776d9c8865f623a275eab4fd7477
                                        
                                            GET /js/jquery.min.js HTTP/1.1 
Host: deliriousholistic.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://deliriousholistic.net/embed/48lr8dvvddpwh

                                         172.67.147.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 09 Nov 2020 18:05:02 GMT
ETag: W/"5fa984ce-15283"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 79
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ju0CD7UQdZzx8Lj5LBwLfCWX%2FUyjEKXtrU91eSwa8k9UvM%2FZucaORzejE2h4ztWIBfZ37F8rYcWXgaoXSasYtJCtNtR1etDfz6rp4D4w1Bk8MWr1m9R2C5c9RXzWbHCCDHRXdHwLXhs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774898e29c5fb52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (32058)
Size:   30177
Md5:    165a43244de5b28bfdb9422e0ad82b68
Sha1:   dd12888e259036e6c6986a0c65a3b3e38b697f54
Sha256: 200e3fccd025dffd3f7c6ad186f87ea51737db6c85e279b0d8b9626ad7ce1954
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3B1904AE01A75C6C530B0D4E952F53B823B8EBC3BD4EAF62794DAC74999D6B23"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6569
Expires: Mon, 05 Dec 2022 02:06:38 GMT
Date: Mon, 05 Dec 2022 00:17:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=109905
Date: Mon, 05 Dec 2022 00:17:09 GMT
Etag: "638c42d6-116"
Expires: Tue, 06 Dec 2022 06:48:54 GMT
Last-Modified: Sun, 04 Dec 2022 06:48:54 GMT
Server: nginx
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4794
Cache-Control: max-age=123339
Date: Mon, 05 Dec 2022 00:17:09 GMT
Etag: "638c6496-117"
Expires: Tue, 06 Dec 2022 10:32:48 GMT
Last-Modified: Sun, 04 Dec 2022 09:12:54 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EAEEB7D69DCB603E30C744A8CC6A84D38374C455"
Expires: Mon, 05 Dec 2022 11:00:00 GMT
Last-Modified: Sun, 04 Dec 2022 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1241
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774898e33d460afa-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    91511a47471877b07ff8f8127c3d995b
Sha1:   2978336484926e8fbf1373f189c37ffbc4c8ee3b
Sha256: f0159106e2307b99938569195fef91ffbf53098e5a9af032fff8aba22533f941
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5499
Cache-Control: max-age=115404
Date: Mon, 05 Dec 2022 00:17:09 GMT
Etag: "638c42d6-116"
Expires: Tue, 06 Dec 2022 08:20:33 GMT
Last-Modified: Sun, 04 Dec 2022 06:48:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://deliriousholistic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.1.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Dec 2022 00:17:09 GMT
age: 35274
x-served-by: cache-fra-eddf8230106-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141142
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   141142
Md5:    7e7fdfacdb1943ea810449001d165a53
Sha1:   fc230e8b4a933497a2da4a783574a5b07b889a7e
Sha256: d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf
                                        
                                            GET /css?family=Lato:400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://deliriousholistic.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 00:17:09 GMT
date: Mon, 05 Dec 2022 00:17:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4794
Cache-Control: max-age=123339
Date: Mon, 05 Dec 2022 00:17:09 GMT
Etag: "638c6496-117"
Expires: Tue, 06 Dec 2022 10:32:48 GMT
Last-Modified: Sun, 04 Dec 2022 09:12:54 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /stats/0.php?4619793&@f16&@g1&@h1&@i1&@j1670199426868&@k0&@l1&@mNFLSportz%20Live%20Stream%20Online%20Free&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-168072673&@b3:1670199427&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fnflsportz.com%2Fstreamnba%2Fnba6.php%3Fsport%3Dbasketball&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nflsportz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.128
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    25d74503d452a3663feabdf188787d4f
Sha1:   be8afee13c1ada88ed1a4b140782bdd9369b45f8
Sha256: 354f8704eb8528b311ebb8ac5b50105a4609866f60c4f61c37f4b4ee23d1727a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://deliriousholistic.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 457561
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /script/bootstrap.js HTTP/1.1 
Host: uptimecdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://deliriousholistic.net/

                                         172.64.111.4
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdtcy7HalQHJUyC2Hse9WMt1C-FU-hYlAZAVkLNa68rryn29ffXUNWZrRedyFTZwTq6nKtCrmmJSM7Nu1HQ_qDhbUA
x-goog-generation: 1669191375948071
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Mon, 05 Dec 2022 00:36:16 GMT
Cache-Control: public, max-age=14400
Age: 878
Last-Modified: Wed, 23 Nov 2022 08:16:16 GMT
ETag: W/"58a3706369493493b3ca003a227b6fa6"
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lBDhyjlHCMug8ZDIctC51PlOj%2BGLtun%2FN425PLpqjI%2F08jFvQ%2FPt2GiKeQm6Y5lHT1RWqFX8EbpUhjv1wbohMGjLNiTBmKsvP5ecW%2F4z7DABJBTYvUA53Yh6bp7xb4z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774898e4ccde070a-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Size:   33339
Md5:    455da01c3595fe3918c36ee1ed66add3
Sha1:   267a7ea21fe7e4753458d9d97ac1b09dcba4ee63
Sha256: 154ee1f4d4482732ed9e4f6a93ef7a5d6946355a4d88e08b9227527fd343d476
                                        
                                            GET /deb.html HTTP/1.1 
Host: deliriousholistic.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://deliriousholistic.net/embed/48lr8dvvddpwh
Upgrade-Insecure-Requests: 1

                                         172.67.147.224
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 16:00:17 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owQkv%2FVmyJaTfZONmfvkxNbv9F0Ya7nNmzv1xtYh5Lmzu%2BaB2wiG5igLi9zV5GWkAcUVqvo6%2FKDSdN6FJLePyrEONDaAiJgk6KbZFmjMFpfNdnGEstNMjUVultC1TIXg%2B4JwpHi0Fio%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774898e49d87b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (21362)
Size:   5475
Md5:    12188f70a8b9f8be42c15861e40707ab
Sha1:   3e292ac106967016f34a7a2e1a95c74aa701d1bc
Sha256: b192805dfb1d1c5c89d6baeadcb36d746194ce6c3e23903e82b79b6bd3938864
                                        
                                            GET /script/ut.js?cb=1670199427484 HTTP/1.1 
Host: uptimecdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://deliriousholistic.net/

                                         172.64.111.4
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 05 Dec 2022 00:17:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycduW8EouKrVeJdwa6GxkCQK5X7pDwr_vv7f4jRrCRFIkOWw0lnxrROjVF683R55eohQZUg1idCmEd1oa1c7oHYU2gw
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Mon, 05 Dec 2022 00:24:39 GMT
Cache-Control: public, max-age=14400
Last-Modified: Mon, 29 Aug 2022 11:45:52 GMT
ETag: W/"c7304eebcb5069f68bd3fa9e74218a36"
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2teDK%2FYHKyr5%2Fp7f5%2BmV%2B0uN83oujnjs9e05jA8iblRzwi0G5vn%2BcHzgu4LEi9HmHSMqn2kfoOX2sRzXY21hi2t1FkNG%2Far%2FQd7kGeXqontKroDn1CUy5NSENip51IYb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774898e55d94070a-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   24411
Md5:    247b9ea3eb310459e21f78029267717c
Sha1:   1d7ea226aaf8046de5af9ef7975ad30398f517ad
Sha256: dd787f72c85d7d6b736c0563371ea98a66542289101d8001a186d5a595ac05dc
                                        
                                            GET /sbar.json?key=f3ff254743e75b5348e4304a6a033cab&uuid=4aabc44b-ea58-4c32-bf94-a47f69f5dc5a%3A2%3A1 HTTP/1.1 
Host: soldierreproduceadmiration.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nflsportz.com
Connection: keep-alive
Referer: http://nflsportz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         173.233.137.44
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 00:17:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nflsportz.com
Access-Control-Allow-Origin: http://nflsportz.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15733447; expires=Tue, 06 Dec 2022 00:17:09 GMT; secure; SameSite=None uid_id2=4aabc44b-ea58-4c32-bf94-a47f69f5dc5a:2:1; expires=Mon, 12 Dec 2022 00:17:09 GMT; secure; SameSite=None pdhtkv=true; expires=Tue, 06 Dec 2022 00:17:10 GMT; secure; SameSite=None uncs=1; expires=Tue, 06 Dec 2022 00:17:10 GMT; secure; SameSite=None pdhtkv29=true; expires=Tue, 06 Dec 2022 00:17:10 GMT; secure; SameSite=None uncs29=1; expires=Tue, 06 Dec 2022 00:17:10 GMT; secure; SameSite=None slecf3ff254743e75b5348e4304a6a033cab=[3789938]; expires=Mon, 05 Dec 2022 00:17:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7ca67921d1b1f44d43d666f33b19ac58
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5923), with no line terminators
Size:   4131
Md5:    339f64b07e5c87c2150be19e5d1adf29
Sha1:   e69eff01e13690b2d730b76ed2304cb204481be6
Sha256: 04d316951e56df7a2011625746b6287d26fbb0c441b86d93af717f0703d10343

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /script/suurl4.php?r=5954546&cbur=0.690627391727695&cbiframe=1&cbWidth=1280&cbHeight=751&cbtitle=&cbpage=http%3A%2F%2Fnflsportz.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=uptimecdn.com&aggr=0 HTTP/1.1 
Host: youradexchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://deliriousholistic.net/
Origin: http://deliriousholistic.net
Connection: keep-alive

                                         35.190.41.116
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: openresty
Date: Mon, 05 Dec 2022 00:17:10 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (989)
Size:   765
Md5:    0f3651b8cf985792da08aa1726571ad3
Sha1:   cdcb8c3c1bfda054d44ad6be6154605002042763
Sha256: 4bc5339371233cc7ab6363a1d72c6a1f0fdaf921343cd4593e1a32d82eae8d46
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5F51B547C0C938514C9FF19953F33C5D88091906B603564F632431D375BFD20E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2983
Expires: Mon, 05 Dec 2022 01:06:53 GMT
Date: Mon, 05 Dec 2022 00:17:10 GMT
Connection: keep-alive

                                        
                                            GET /cwidget/h6qfsjssi5/000000ffffff.png HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://deliriousholistic.net/

                                         172.67.8.141
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 00:17:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=295
location: http://widgets.amung.us/draw/?w=colored&n=42400&c=000000ffffff&p=left
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774898e63964b503-OSL

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscxRfHq%2FPb30VPRj14UBrJQcGd7Znu3pkxh%2BAao8GYXZLIXlNVXT1bbnVXU9U9PTunxcCSizDeBC%2B939nNokZJ%2FgCJzAZEFsQdBRmCexFPXgJCzjKzA4vvUO%2B9%2BrzD%2B36rdnaLE%2BKhoJO1j3RfKkWXwprnvrEu00iX1r1%2By617Ne%2Biuy7T5eCi25sepvt23Qtr3pvu%2B4Jv6qWGV%2Fe8uld3r0gjYt1bmlHI7H67Xmt7taBRq4cBeua%2FvS0cWOog6p6Q85DR%2BP8bPz2E5COkyYPLwm7mOnvrvaRQNNcG3ejg43Qz1WWK5KyMjYM4PZhPQ9sxIV%2Bcg04P5gqgu3tTBWByTJzf62DpwXxNsO7%2B6aZMQaRg0fMouyMINYKkI3B9BzI6JgCPcH0VaXLvujYl3TqldErHZOHZP5DlmCz88RLS5LsVJXvuTa2KXOrUohdXkL0RZGeErDhE3ncgy0Pw%2FFPI6Gey9Owa0mRv1SoNGU0uBJQyHgRsUdCwtRhwv7HI4nawSINmvNyOw4iHdGaRlCPIeAQlBqD2HArroJAOithBkTlIoolLw3bsec2Yxb7fCjjnvs952FqOwsgPWrGHgk81DJBnA3A1ADfbyMw2NuUApvgBdqOCjRzYnKAbVSgFQWkJSkpQSoIyJyi71X6kbMNW9yJlC1af58Y8%2B9VQ551duq%2FzjkjJbnZCXpgZ9%2FT8j9gUEzf247gRBs3AF82QhX7QEoHvBXSZer7PKYOVFaQ9B2od9OWYvNz4G5k8%2FuACGD2EVYfg8kXQ4lXQcthseKAbw6DloZ9%2Bm8bKZtrk%2FRrXCSJdIcsXkG85u%2BqEvDJbo%2F2bgeBHlyZPXv%2Flr9sr4KZCZip8Ih8TdNTd4Q1dkr0burTk4WqWy0T26fRtb%2BY0Fwtffyi2Sm2iq5ft4Kt3%2BBRMy%2Fu3hM2v0TSSaceSb1ZkFAlzRRsuyPdX7bpga4XdWClMWmTX1t69cjXJjLBW6nQEKo9vPwKXY%2FJcsjP7ta892YE0I5iiQlIckXlA6kPwbBs2O7o0fuA%2B%2FnL%2FT1hNYNTZDMsclEU1NA12dqkkgRJnPWUVrDizgImjR09P2a69i45xQPM7SJMKXVOhqypQNYAt%2FjfMM3N06Vd%2FFmDKGTJlnD2mjPr81ForJ64IYy8WXkOwuM3iJvWidhy0GW3XRZOFtI7cjvlnrZ1%2FAQAA%2F%2F8BAAD%2F%2F4Pk6%2FeNBAAA HTTP/1.1 
Host: soldierreproduceadmiration.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nflsportz.com/
Cookie: u_pl=15733447; uid_id2=4aabc44b-ea58-4c32-bf94-a47f69f5dc5a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3ff254743e75b5348e4304a6a033cab=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.137.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 00:17:10 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a88c83e375803924e3e96b9c77c44d8c
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /draw/?w=colored&n=42400&c=000000ffffff&p=left HTTP/1.1 
Host: widgets.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://deliriousholistic.net/
Connection: keep-alive

                                         104.22.75.171
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 05 Dec 2022 00:17:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
content-disposition: filename=wau-widget.png
expires: Sun, 04 Dec 2022 18:11:56 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
CF-Cache-Status: HIT
Age: 108314
Last-Modified: Sat, 03 Dec 2022 18:11:56 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774898e71e401695-ARN


--- Additional Info ---
Magic:  PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size:   1454
Md5:    f05eb8f35167025cb3d441ea121dc57c
Sha1:   dd2788115b044e8056c5cb889ba757515cea6f16
Sha256: c52917114607419a8eb463757ce13588d79df5d88dc2ad8c0403d9511e877654
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6478758DD37E708534996B23F8189E79637690D22EDFF70D5183A19EC66854DB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11065
Expires: Mon, 05 Dec 2022 03:21:35 GMT
Date: Mon, 05 Dec 2022 00:17:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6478758DD37E708534996B23F8189E79637690D22EDFF70D5183A19EC66854DB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11065
Expires: Mon, 05 Dec 2022 03:21:35 GMT
Date: Mon, 05 Dec 2022 00:17:10 GMT
Connection: keep-alive

                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=104 HTTP/1.1 
Host: soldierreproduceadmiration.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

                                         173.233.137.44
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 00:17:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3114
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Mon, 05 Dec 2022 00:17:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3114
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Mon, 05 Dec 2022 00:17:10 GMT
Connection: keep-alive

                                        
                                            GET /sb/notifications/games/nutaku/multi/2/img/girls.png HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         172.64.108.13
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 05 Dec 2022 00:17:10 GMT
content-length: 322399
last-modified: Wed, 07 Sep 2022 14:37:32 GMT
etag: "6318acac-4eb5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1679037
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnBWrRE2iFjHado0pjUOOJtNNOp8PRKq3%2BDy5EBE3SCfbJFNL%2BQw7kljBIPSw0qFle5FSwZ3DK1U4miIVMZGBSzlBaFxqACQirougoJUngpfGPaGwppvEruwg1FPKPbDvXcVZMVnweLI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774898e88d2774ad-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 729 x 331, 8-bit/color RGBA, non-interlaced\012- data
Size:   322399
Md5:    47b7ae41a98644de6d46d58a0e51a793
Sha1:   b0f736609af3c0b3214ee52cc9f0798dcc972df6
Sha256: b2ad5bf8fc066203168fbceb53b7df6012e8897be344b240e94105af1b4ba0f2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3114
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Mon, 05 Dec 2022 00:17:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6478758DD37E708534996B23F8189E79637690D22EDFF70D5183A19EC66854DB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11065
Expires: Mon, 05 Dec 2022 03:21:35 GMT
Date: Mon, 05 Dec 2022 00:17:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 15:58:47 GMT
age: 29903
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10031
Md5:    bb029b41d342a82250aef6d6f713be6e
Sha1:   cd754bb6094d2e456b95dce8daace45a0de8a121
Sha256: c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7631
x-amzn-requestid: 9fc3a621-dcd9-4332-b085-6cda0cb25ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYF2toAMFVkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-36f6c7d67940ed18394328c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: azPc-KWHbEA3DMhyphQq3zERUrF14hxrEHwxDZZfcFlu5-IpyKwtgw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:17:41 GMT
age: 75569
etag: "ff7740d3c12ce7ab23291272221c0d9503f9c139"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7631
Md5:    50eeb012f0903f0848c8afcd6b26a7ec
Sha1:   ff7740d3c12ce7ab23291272221c0d9503f9c139
Sha256: f4aeac45941c34d8e0794d20a4bb2658b020fed85c5059f247844f2755bc9d72
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _nGZrHCvmP-EKAQG20l1ayIftZ4spFGPuG--vyTpMhbNa9L3pIWhCA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
age: 8921
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3707
Md5:    d7bde76a4dbab17f37747e7da55ad924
Sha1:   56ee7aa6cf94570b1218ef6e767a7036d0b8900f
Sha256: bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:03 GMT
age: 8887
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10183
Md5:    99d1ff8fa2e095dcf2bda3d1e1af1221
Sha1:   f914f04a0e1fb45a221d31d2105bfc73015b03e6
Sha256: 90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:42 GMT
age: 75328
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12348
Md5:    b8e6f84dff61fedd8ff9baa9bb648883
Sha1:   f8d5cc7b315879b66a11b403463da1330617d2fa
Sha256: 025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d5IKLNblcA9AzCoGMpGmIGwUu-kQlHlouju5mm2NwsSOin4MFT40mg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:56:21 GMT
age: 8449
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6826
Md5:    a349d02cce160f72cc93f6fb6e45fa46
Sha1:   a6f82481ea0a820da0f199e8f9051a4aa4013c82
Sha256: ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
                                        
                                            GET /pxf.gif?uuid=431e2e5b-5c39-469a-8c6e-57f268b48adb&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=f3ff254743e75b5348e4304a6a033cab&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 00:17:10 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 349788a102893a238f3441ea2b82e2c7
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fanimate.css&l=79249&fd=354 HTTP/1.1 
Host: soldierreproduceadmiration.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

                                         173.233.137.44
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 00:17:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pxf.gif?uuid=431e2e5b-5c39-469a-8c6e-57f268b48adb&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=44d2ffbf0b50325497f0d72371421d20&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 00:17:10 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9152780cab22f259a5afebb20b47945
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=368 HTTP/1.1 
Host: soldierreproduceadmiration.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nflsportz.com/

                                         173.233.137.44
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 00:17:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sb/notifications/games/nutaku/multi/2/js/main.js HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nflsportz.com
Connection: keep-alive
Referer: http://nflsportz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         172.64.108.13
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:17:10 GMT
last-modified: Wed, 21 Sep 2022 07:29:33 GMT
etag: W/"632abd5d-20ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSvjjoLHMFUdKB9B27DHGEkDYlaajQ3CRXYlHs%2B7XOHSeALmdcUuBfV4d17K3YBzJFPXDoJv8AQvWUnzBIpQFEOT37A1y92LbsNtcwyxbUhtK2J9ezc00d8R4eyk087cR7JstPyoWb2m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774898e95dd774ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   4117
Md5:    4d35d2bc8d8e06a426e274716da2afa3
Sha1:   f96bc0fbfedfe4e6e03c5e6a6274e589c5a91e9f
Sha256: 30822752beb7c9938b81b1cacbcffe0a74096422f6132d2d67354ea3e133664f
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSwYscxRfHq%2FPb30VPRj14UBrJQcGd7Z7u3pkxh%2BAao8GYhCSSa6qrqmfLre5qqrqnJ3NaDCy5CONN8NL7nd0sapTkD5DIbEBkQdxRkCG4F%2FHkJSDkLDM7sPgO9d6rzzu877dqa7s8Ih5KOr36kR5IpehK1PDcN27KjOvKupdvuL7X8M66N2W2Gp51%2B7PD9N72vajhvem%2BL9iGXml6vuf5nu9ekEYkur8yp5D5%2FY7f6HiNsNnwoxB989%2Felg4sdcB7R%2BQ0JJ%2F8f%2F2nh5BsjCx9cF7YjULnb72XlooW2qDH9z7ONjJdZUhPysQ4SLK9xTS0nRDyxSnobG%2BhALq3M1OAWE6I87uPONtbrIm4t3u8aawgMsT8eVS9MYQaQ9IxmL4DyQ8JwDguX0GW3rusTUVvH1M6oxOy9OwfyGpClv54CVn63ZqSffe6VmUhdWbRT2rI%2FhiyO0Ze7qMYOJDVPljxKST%2Fmaw8u4Qs3blilYbk0zMhpTELw3hZ0Ki9HLKguRwnnXCZhq1ktZNEnEV0bpGUY8hkDCWGoPYUSuuglA7KxEGZO0j51KVRJ%2FG8VhInQdAOGWNBwFjUXuURD8J24qFkMw1DFPkQTA3BzCZys4kNOYQpf4Bdr2G5A1sQ9HiNShBUlqCiBJUkqAqCqlfvcmWbtr7HlS1jf5GbixzUI110t%2BmuLroiI9v5EXlhbtzT0z9iQ0zdJEiSZhS2wkC0ojgKwrYIAy%2Bkq9QLAkZjWFlD2lOg1sFATsjLzb%2BRy8MPziCm%2B7BqH0y%2BCFq%2BClqNWk0PdH0Utj0Msm%2BzRNlcm2LQYDoF1zXyYgnFbWdbHZFX5mt0fjMQ7ODc9Mnrv%2Fx1aw3M1MhNjU%2FkY4Kuuju6piuyc01Xljy8khcylQM6e9vrBS3E0tcfituVNvzieTv86h02A7Py%2Fg1hi0s04zLrWvLNmuRcmAvaMEG%2Bv2hvivhqadfXSpOV%2BaWr7164mOZGWCt1NgaVh7cegckJeS7dmv%2Fa155sQZoxTFkjLQ%2FIIiD1Pli%2BCZsfnJs8cB9%2FufsnrCYw6mQmzh1UZT0yzfjkUkkCJU56Gtew4sSCWBw8enrMtu1ddI0DWtxBltbomRo9VYOqIWz5v1GRm4NzvwbzQKycUayMsxMroz4%2FttbKqRv5oWjH7RbjPBaM%2B61m0A48r8l52OoIv4PCTthn7a1%2FAQAA%2F%2F8BAAD%2F%2F5fsZRGNBAAA HTTP/1.1 
Host: soldierreproduceadmiration.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nflsportz.com/
Cookie: u_pl=15733447; uid_id2=4aabc44b-ea58-4c32-bf94-a47f69f5dc5a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3ff254743e75b5348e4304a6a033cab=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.137.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 00:17:11 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a42ff339edfb4ed337060e1226699a7f
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2 HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nflsportz.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         172.64.108.13
HTTP/2 200 OK
content-type: application/octet-stream
                                        
date: Mon, 05 Dec 2022 00:17:11 GMT
content-length: 7664
last-modified: Thu, 15 Sep 2022 10:33:29 GMT
etag: "6322ff79-1df0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxRn%2FNwNrjJvVBreX%2BBnZQ8ymhCZSevwKGyTCzAwvL5VC2FNrbQNrGIJQ5I9Fp9Sn17FLIfNxdNz2JahSX%2F%2FGVnHkvQXG6nP1jWINuKlNN%2Ff%2BvT8c%2Boo2RzHdu5HuQQRpiVVKU7JaNAX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774898edb95274ad-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7664, version 1.0\012- data
Size:   7664
Md5:    e41b02c342b94148fdd5e14fb41dcb4a
Sha1:   9d8415fc8df42aa67fa5a6d15d07f58265535cc0
Sha256: d857f01d0c6fd46a16bf82acf8f6f76e7710524972ef7f88a926a0d97cadca0b
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: soldierreproduceadmiration.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nflsportz.com/
Cookie: u_pl=15733447; uid_id2=4aabc44b-ea58-4c32-bf94-a47f69f5dc5a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3ff254743e75b5348e4304a6a033cab=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.137.44
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 00:17:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sb/notifications/games/nutaku/multi/2/css/animate.css HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nflsportz.com
Connection: keep-alive
Referer: http://nflsportz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         172.64.108.13
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 05 Dec 2022 00:17:10 GMT
last-modified: Thu, 15 Sep 2022 10:38:28 GMT
etag: W/"632300a4-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySGUV6SA5Kg4rx90KO2WiUB4nrYakat2WMUbK4i7WVmEm3Gkd8FmDW73FE%2FW5krSZqf7SNk8WoamnMisltNdW0nmA70aYjCPTK1eGvPwBK7l0AFrg2CzYhnUA5NSUbYi6x2mm2E0OHcx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774898e81cd674ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/games/nutaku/multi/2/js/jquery.min.js HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         172.64.108.13
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:17:10 GMT
last-modified: Thu, 18 Aug 2022 08:55:27 GMT
etag: W/"62fdfe7f-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1679037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEBVcSd2a6XTTz%2BGNEO%2BDowD28jvUejBMY2SeyQ7DNmYKmJRPHshc1T9npOkP0lT3z%2FBSQ6YLxnDyMO1D5va73Lf7hBO4qVs4nr9dAjWdK7wi2C1sPvYECwvvQmCYvyvax1ivcXfcisv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774898e88d3074ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/plausible.js HTTP/1.1 
Host: awstats.cloud
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://deliriousholistic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         172.67.168.34
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:17:09 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FmbgXv3rcB5t6qiW9VTeXTOp97rwFLe4c6mwvQH%2FhIlIaglXn7pfggQB9FhW2tQPKv0n0QKwayR8WEA3OgDINkvE3aZhr1Q5M5OAXgf%2FGnwoP7QvEwnoOJo0vkqM1Dd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774898e338a9b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /nsns.js HTTP/1.1 
Host: swarm.video
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://deliriousholistic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.21.17.85
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Mon, 05 Dec 2022 00:17:09 GMT
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=519718
etag: W/"7ee26-183e189fff7"
last-modified: Sun, 16 Oct 2022 16:04:21 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 985221
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROdHLgxB1AWQ08VkeDSbLk1e6HmwBWVbgfS%2BfVLYVO3v9joihQELqXeQSVJ4tzSFkBavJgfipC0ac3ISys8u9ExI0ixTvTJf5Ynyacbcv9DmDe3xRfj37C6bItgNKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774898e30d8a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/games/nutaku/multi/2/index.html HTTP/1.1 
Host: cdn.barscreative1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nflsportz.com
Connection: keep-alive
Referer: http://nflsportz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         45.133.44.4
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Mon, 05 Dec 2022 00:17:10 GMT
server: nginx/1.17.6
last-modified: Thu, 15 Sep 2022 10:38:26 GMT
etag: W/"632300a2-514"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 05 Dec 2022 01:17:10 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sb/notifications/games/nutaku/multi/2/img/close.svg HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         172.64.108.13
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 05 Dec 2022 00:17:10 GMT
last-modified: Thu, 18 Aug 2022 08:55:17 GMT
etag: W/"62fdfe75-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1679037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5Nubohd2QW2Lxjz6qcZESpZa9kyjd8vexch%2FuvK0yw%2FkwsAA0Y8B2%2B9YzOOibFh6NfgePDJnQq2%2BTmW5mcoNjob38Gz%2FcjQmDByFJs8jq2mRn9XYKwXOKRWaF8AVSDJ3mF0VN81OxXj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774898e87d2074ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/games/nutaku/multi/2/css/styles.css HTTP/1.1 
Host: cdn.creative-bars1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nflsportz.com
Connection: keep-alive
Referer: http://nflsportz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         172.64.108.13
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 05 Dec 2022 00:17:10 GMT
last-modified: Wed, 21 Sep 2022 08:03:32 GMT
etag: W/"632ac554-2c89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WROSklP52uq7R9h5aevDQwGokMK85xRG4fHveZRmnKKSN0YZoFG6xDQbSx0JMAiT8Fpv6FTJ%2BLtouYuXcc7VsTAhTQmuYsrLASkKTSehEUJB53srQf%2FFKCOhAwSnQImZRzh4OkYT0QA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774898e80cd174ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---