Report - streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4

Report Overview

Submitted URL
streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4
IP
172.67.204.103
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-26 21:21:41
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.215.91.121
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	43 kB	142.250.74.72
zikroarg.com	72511	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	25 kB	139.45.197.236
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	46 kB	34.120.237.76
inpagepush.com	78279	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	2.5 kB	139.45.197.237
fleraprt.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	466 B	478 B	139.45.195.254
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.6 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	51 kB	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.2 kB	142.250.74.10
offerimage.com	304078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	13 kB	172.67.22.216
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	20 kB	142.250.74.174
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
gloodsie.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	66 kB	139.45.197.251
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	104.18.32.68
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	739 B	139.45.195.8
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	579 B	702 B	64.233.162.154
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	830 B	172.67.194.45
streamz.ws	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	894 B	1.3 kB	172.67.204.103
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	16 kB	23.36.76.226
stc.cdncache.xyz	641872	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	48 kB	172.67.179.35
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	141 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	inpagepush.com/400/2994135	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	zikroarg.com	Sinkholed
2022-09-26	medium	fleraprt.com	Sinkholed
2022-09-26	medium	zikroarg.com	Sinkholed

JavaScript (37)

	URL	Size	First Seen	Last Seen
	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	59 kB	2023-03-07	2023-03-13
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2023-03-13 17:49:21 Times Seen1 Hash 3d2c2fbe74e22bba38c93dc9f11b0652 694e539d2ff12fdd75258a60779462f0f5d60fd6 72c74252e9d5410fd5f94ef72c30757030916ef9e1ad1f11ea30e2dfeb36ecb3 Loading...

	inpagepush.com/400/2994135	80 kB	2023-03-08	2023-03-08
Pretty URL inpagepush.com/400/2994135 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:59:34 Last Seen2023-03-08 01:59:34 Times Seen1 Hash d1630b011792c3846a0c8332646b0e6f 922f8d87a43dcbd344f349bed659dc4e95e27ae4 09fad7018c2d453292d4e24eb177bed27310a1a785d0f0a8a24727a742443528 Loading...

	stc.cdncache.xyz/js/jquery-2.1.4.min.js	84 kB	2023-03-07	2024-05-10
Pretty URL stc.cdncache.xyz/js/jquery-2.1.4.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-05-10 18:45:57 Times Seen7482 Hash f9c7afd05729f10f55b689f36bb20172 43dc554608df885a59ddeece1598c6ace434d747 f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.video.min.js	21 kB	2023-03-07	2023-12-29
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.video.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2023-12-29 10:56:18 Times Seen13 Hash 0f09c2483d1a22a14991e13219030678 9eed3176f0f49b3dd6eeed12fc702764294d4074 04e70015b702294a15a9119c7fb4fa340594ae889f78bf996026634522883cc8 Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.slideanims.min.js	28 kB	2023-03-07	2024-05-04
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.slideanims.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:50 Last Seen2024-05-04 05:27:15 Times Seen187 Hash 58482663f0b229051d659b22fd17fdff c152fe02690edaa8c4207e31ff6fd37204d0b60b a70f6cd4d5e2e3feff8f3a41502ae8871c91cfd180ad8db858e7962c515e9e7f Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.parallax.min.js	8.6 kB	2023-03-07	2024-05-08
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.parallax.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-05-08 21:50:35 Times Seen57 Hash 23952e9fe8e48a8b299373f8480c5799 4da5cc7e107d742a1c424e3a7172a91b883aed40 4acb9405c8c9ccbefba332e99dde5f02ba3f47d2a9c6e29580d7d17a5dec656f Loading...

	stc.cdncache.xyz/js/mfn.menu.js	1.5 kB	2023-03-07	2023-08-03
Pretty URL stc.cdncache.xyz/js/mfn.menu.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2023-08-03 22:35:15 Times Seen6 Hash 238f5c3a7e1fe139ba4ecfbfbeb18fab 68bf0387b9e2114dcc13b6d852ece2a920705d88 af159b8333e973abaae8669749316f23d991ae5bf32683cd8c098aacc9483c68 Loading...

	stc.cdncache.xyz/js/animations/animations.js	1.7 kB	2023-03-07	2024-03-19
Pretty URL stc.cdncache.xyz/js/animations/animations.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-03-19 21:17:17 Times Seen12 Hash 68a35c9ee9d02f91313fdff84ce6326f 5871d4c0a192443739b1ffe61a0b6d17adb53214 c985202189156b6149a27bd6cf5708e63fef99b453ab9aa387348729221d93b1 Loading...

	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	93 B	2023-03-07	2023-03-14
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2023-03-14 12:29:19 Times Seen1 Hash f0a8795b836f2bbc9f91606a97229b7e 78a6e8a005f7006d710b581a862781d50eb52e45 005cb1179345e56a8b119c3bf819b7a89784d2f378845613ff182f99603ae848 Loading...

	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	155 B	2023-03-07	2023-03-11
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2023-03-11 14:35:49 Times Seen1 Hash aad7dc0804e61ae6c9be8b129a49cc44 c062677211f77c60e924a6f6e4f6cd9176c6d7e2 3b202e5429e59542afad599ff55adce9e58b6ca45e06e0d1e5b8c3c38ac2dbf0 Loading...

	stc.cdncache.xyz/js/scripts.js	42 kB	2023-03-07	2023-03-14
Pretty URL stc.cdncache.xyz/js/scripts.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2023-03-14 11:58:29 Times Seen1 Hash 8c47470073e196a15b1ef17cccdcfdd1 4ad216b698c9548cdb2a5fb7bdd9a6869c1d5a9a f471682a881bf53d3924caf2df733e09d5ecbdc3dc119ac8dc7be722f4b90af0 Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.kenburn.min.js	3.1 kB	2023-03-07	2024-05-08
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.kenburn.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:53 Last Seen2024-05-08 21:50:35 Times Seen504 Hash 2af3650e079ea088f7467879470e0d8d f1c11075b88f893ecb1addfa957632e93181f85c 2beef56f943cd5a4219ffa68183a1a5a5c1e0a1e3fb9e64d2dfcc68de258eec3 Loading...

	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	779 B	2023-03-07	2023-03-13
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2023-03-13 17:49:22 Times Seen1 Hash eadde6849933920e38334ba520abe923 19a522669542ceae19755bfea518ea0886faabe3 d0e292e9338069d586007b1b098c0a08cac72c4f03349f75a6d829ebba189bd7 Loading...

	stc.cdncache.xyz/js/jquery.plugins.js	272 kB	2023-03-07	2023-03-13
Pretty URL stc.cdncache.xyz/js/jquery.plugins.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2023-03-13 17:49:21 Times Seen1 Hash 6f8c6613afba64ac0abb9fcedff01f2a ecb4480bca794634078a6db1f7233243b13c48f1 741b81489d9e2ab27811f810fd1dbc6538e832cab97bfffe0a3de3325c7fd285 Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.actions.min.js	6.8 kB	2023-03-07	2023-12-29
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.actions.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2023-12-29 10:56:19 Times Seen10 Hash 2341f9cfa470de210218a1be3619a22b 182c9551861a55c15b717a0617e5c7bc12c134ab 8fa99fa4fcb093cd5f2ade7e8e07996f3c38d62f34360f9ddcbe69c6cc8df707 Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.migration.min.js	6.1 kB	2023-03-07	2024-05-01
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.migration.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2024-05-01 00:22:39 Times Seen171 Hash d01dd682b2b1c47e8975c74d5bdd768b 8065111689f207d2b4b838a49525080cdf1fc5c1 4f811fc19c67d51cc0c0fa6db44f0185d7e646210f18e1586356ceb53fcdcb11 Loading...

	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	445 B	2023-03-08	2023-03-13
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:59:34 Last Seen2023-03-13 10:18:46 Times Seen1 Hash e797eacb40b0fa233ff8a0f91786cb66 f83b09664a276120bfb92448612d9e3ee47db247 81ee38dd317fde772fb8afd5adc60f6ba325c96671202a1ac3c315f429718059 Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/jquery.themepunch.tools.min.js	105 kB	2023-03-07	2024-01-29
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/jquery.themepunch.tools.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2024-01-29 08:42:43 Times Seen14 Hash 23581c3d130554bbe9334e9cdd9e1729 9450d272d222fc198a7a5fda1d8bdb8b36988bdc d6c2caf7035615098ded459d3644b2f5f73bb4cc3d596023404d292634d7ebec Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/jquery.themepunch.revolution.min.js	48 kB	2023-03-07	2024-05-08
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/jquery.themepunch.revolution.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-05-08 21:50:36 Times Seen210 Hash c6ecd8ad32960082375110d0c9c92522 f2e7922e089dfcef2c4c4a03911f7c9180cbd752 4cbdc7fcfc8d4d8fd4f4e233c44b2b4b62fd273b71b0901050e7b05de84f751e Loading...

	stc.cdncache.xyz/streamz.cc/ads.js	108 B	2023-03-07	2023-03-14
Pretty URL stc.cdncache.xyz/streamz.cc/ads.js IP 172.67.179.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2023-03-14 00:57:13 Times Seen1 Hash aa9647e8c45e7e8983a8a401cd3da8d2 b47d566553387c5709c1c7a18f2e8171669dc1e2 391318ec550ca4b11bd4bef86133a45038481b209425acfa3217e95742895c02 Loading...

	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	102 kB	2023-03-07	2023-03-08
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:39:59 Last Seen2023-03-08 02:29:44 Times Seen1 Hash 46fea135d8779c679c2d0706a22f08a3 5cd54121aef1c771b1bad8e8340e69cd52c81f6e ed9cf62d154e465aca23b89b91a888b5646d703d91072a8db940b6bf5026d285 Loading...

	streamz.ws/js/deliver.js?new7	18 kB	2023-03-07	2023-03-14
Pretty URL streamz.ws/js/deliver.js?new7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:32 Last Seen2023-03-14 12:29:18 Times Seen1 Hash 0d7a4bd02de1aba35e294c38c6246ec6 681676a29cc8b23e094b21726e1a4877b9f48081 90b67f9c5a6a6ef6c352b886cbdaa2b493b30c1cd67cfc093d86ff5b0ec21a0d Loading...

	stc.cdncache.xyz/streamz.cc/468x60.js	21 B	2023-03-07	2024-03-26
Pretty URL stc.cdncache.xyz/streamz.cc/468x60.js IP 172.67.179.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2024-03-26 15:09:44 Times Seen13 Hash ffa9ac3c3cae5cd6936e75b31a9b1a17 78d2f278ccde75c485f9044d8b9696b07c3ac827 e4931885329088c789bdcbb6d53d5f434f356582574711a0ec9886d39908a0e8 Loading...

	tzegilo.com/stattag.js	33 kB	2023-03-07	2023-03-17
Pretty URL tzegilo.com/stattag.js IP 172.67.194.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:21 Last Seen2023-03-17 12:47:57 Times Seen1 Hash df875929410d71d763e9fa10b830bb2a b0711a8d2bf6ad4ffa4640534588b423f2ef7fec 0be796b658c6cee0d55aa164994d0d83f9ec7aa7ecf1eb41c1ddf208bba9e3b1 Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.navigation.min.js	24 kB	2023-03-07	2024-05-08
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.navigation.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-05-08 21:50:37 Times Seen195 Hash cbe72321ea7f9ac0c3ff7c54de0e0586 0c54c77a64409d08ef217e18ab6d3f1730fe3faa 3abecf804e8ff4db9ddca99b4bffb6c3755f3fccd8148125a293a54d0525ef61 Loading...

	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	103 B	2023-03-08	2023-03-08
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:59:34 Last Seen2023-03-08 01:59:34 Times Seen1 Hash 0967f4c37aadd369fcdff1aeb15b58aa a93430503b821446303f84e9bb4e7ac1e1f431fd c515c4672a82ce5ee752e728cabd363e1485dad3cfba6d405671da75432d2074 Loading...

	stc.cdncache.xyz/js/jquery.jplayer.min.js	53 kB	2023-03-07	2024-05-08
Pretty URL stc.cdncache.xyz/js/jquery.jplayer.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-05-08 04:00:06 Times Seen1015 Hash bcff4f0f0eaaf75435e924eec527616d fe1e7850635b2a1564e8f7f3195617d2eaba73d7 552825b186d7451e0bf6df23e2b78b333e0ccc81aea2dd19055a8adf4b9fe329 Loading...

	stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.layeranimation.min.js	30 kB	2023-03-07	2024-05-08
Pretty URL stc.cdncache.xyz/plugins/rs-plugin/js/extensions/revolution.extension.layeranimation.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:44 Last Seen2024-05-08 21:50:37 Times Seen197 Hash c0fa89005229d680839d5e2039ef1e56 9cc626bbe55429e6b7798cff300302cb7c0886ec cbb1d565ceccc2cc16a738a31c6dbdf143324d8c9ee135e3a96adda58bbee23d Loading...

	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	218 B	2023-03-08	2023-03-13
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:59:34 Last Seen2023-03-13 10:18:46 Times Seen1 Hash 1577a964a297cc0151c2a53f4d9a4964 89eed745f7d8160a8a0b4b36424674a0e7094dfb bb6c77cae76aee51cea52211a0508b54a3b5e7c0a8be92df8f3a5a11f3b78c37 Loading...

	http:blank	664 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:59:34 Last Seen2023-03-08 01:59:34 Times Seen1 Hash 161bcaac227c4adc0c894ee0bd2ca37b c9a0cbdd37668be03030ce180a1e6a0ac61115cc 2e3bd505dbb14cb5e65511b6d84ecac7f7b707dd628b229967b25bf2be12f4ab Loading...

	zikroarg.com/tag.min.js	72 kB	2023-03-07	2023-03-08
Pretty URL zikroarg.com/tag.min.js IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:57:49 Last Seen2023-03-08 03:00:48 Times Seen1 Hash 358577206ea5e0fe901c1d1a575ee1e2 f7c4551ad5da3008c4a7455610c9491c44800683 b8b180ddafc5463d3a58ae6643b320e0247aca1934c6073a8e54de784f32880a Loading...

	gloodsie.com/pfe/current/tag.min.js?z=2456325	15 kB	2023-03-07	2023-03-08
Pretty URL gloodsie.com/pfe/current/tag.min.js?z=2456325 IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:39:59 Last Seen2023-03-08 02:29:44 Times Seen1 Hash b9e91cdb7ebdcf6f7fab4ba420bc0279 7b8168c8e63f7f19f3aa0fd6e9f7de2bda94fc75 b6cfd864214290df187cfdda0bc4245b59615e2e13d3442470eb9224a8845fc5 Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 05:46:16 Times Seen37535207 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	3.0 kB	2023-03-07	2023-03-14
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2023-03-14 11:58:30 Times Seen1 Hash 566062db44c508a7766c34d8270fcb13 c106db977f36dfab980d3a8788f773db96e396e8 e3a72003c4301a85c034c5e2910ab86cb30ecc568b62eeb96aa7a792b9852ccd Loading...

	streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4	1.5 kB	2023-03-08	2023-03-08
Pretty URL streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 IP 172.67.204.103 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:59:34 Last Seen2023-03-08 01:59:34 Times Seen1 Hash 66625029cefc71fb5c359fb3e1d95b6a 0ef91ccf0f79c626d478571ad7407803eeb23f70 e9763f472cd77cbd189e9f3117a7fb91dfeeb1ab343594ec3a9163fbb6666111 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

		Size	First Seen	Last Seen
	#1 Eval - d3801c1bc5898cd0d96f7de90a9724b7	80 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 01:59:34 Last Seen2023-03-08 01:59:34 Times Seen1 Hash d3801c1bc5898cd0d96f7de90a9724b7 f1d671eff2eb7c524f8012f97618de88e69d5c08 5284dc695cb53836de1028ffcf9a4a053603f4f659c461271149bbc505a3d277 Loading...

HTTP Transactions (79)

URL IP Response Size

streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4

172.67.204.103

301 Moved Permanently

0 B

URL HTTP/1.1
streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4
IP
172.67.204.103:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 HTTP/1.1
Host: streamz.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 21:21:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 26 Sep 2022 22:21:30 GMT
Location: https://streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HH6PdVaAQmXjw7LLURxmKky6G0Nz%2BaKU5t387rv1ut5ZiEhEvntPIy2acDI%2BsUWD%2BZIiwlk%2Fs0ogk2lvLeAiDU1friaCIy96BBUyjG4%2BgcaH30psNFvVGEHd1SPS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750f0cb2dfbbb4ff-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 21:15:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jXiOfU8fEyucuElaVeMFpCKlRVHZ4vYXVBre1fzgFb6jWK9cSw59GQ==
Age: 368

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4635
Expires: Mon, 26 Sep 2022 22:38:45 GMT
Date: Mon, 26 Sep 2022 21:21:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SJvJUNYRc4GaNoTbp7CNGl9KWS_zpCkYYiBv0zjU4No1sIRXTF773g==
age: 60375
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
2fb937ea12babc13078de38e9cb562f0
140275e34a879be6644ff9e9a95dc696bd266ece
02280546c4d8520420d062fbaab2f39f8172603b62c138c3284e8799d33afc21

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "02280546C4D8520420D062FBAAB2F39F8172603B62C138C3284E8799D33AFC21"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10986
Expires: Tue, 27 Sep 2022 00:24:36 GMT
Date: Mon, 26 Sep 2022 21:21:30 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
2fb937ea12babc13078de38e9cb562f0
140275e34a879be6644ff9e9a95dc696bd266ece
02280546c4d8520420d062fbaab2f39f8172603b62c138c3284e8799d33afc21

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "02280546C4D8520420D062FBAAB2F39F8172603B62C138C3284E8799D33AFC21"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10986
Expires: Tue, 27 Sep 2022 00:24:36 GMT
Date: Mon, 26 Sep 2022 21:21:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 21:10:46 GMT
Expires: Mon, 26 Sep 2022 21:35:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xsc20eEz5l7PU5YIwQraXnq1eedO9TsTbkuoieo3bcRQrhLxiOMjKA==
Age: 644

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
07de9293b936f7f1b41c9c681cd99fe0
441cf97b18a4cbba0f4f2f03378c9468f5310243
63911f626a355a71b707dcfcf2796ced79a70736576ac2c0ef2b3ed3e686b004

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63911F626A355A71B707DCFCF2796CED79A70736576AC2C0EF2B3ED3E686B004"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5294
Expires: Mon, 26 Sep 2022 22:49:44 GMT
Date: Mon, 26 Sep 2022 21:21:30 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5489
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:30 GMT
Last-Modified: Mon, 26 Sep 2022 19:50:01 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.215.91.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.91.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0N5OwqG2SRQSyfnyOSPhDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: isQOa4o9MVo+oXxj4SFS6/nemSA=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
69c8d70a9f301d4a1f3e428b1bd6bb33
3c4d48d89da0ee4f3a5becd36949d02a5aef7fbe
30960e7cf46d5ef221106c47a35c455d2bf1da3ebbe75e6eee4596d901bf66ea

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "30960E7CF46D5EF221106C47A35C455D2BF1DA3EBBE75E6EEE4596D901BF66EA"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2870
Expires: Mon, 26 Sep 2022 22:09:21 GMT
Date: Mon, 26 Sep 2022 21:21:31 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
69c8d70a9f301d4a1f3e428b1bd6bb33
3c4d48d89da0ee4f3a5becd36949d02a5aef7fbe
30960e7cf46d5ef221106c47a35c455d2bf1da3ebbe75e6eee4596d901bf66ea

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "30960E7CF46D5EF221106C47A35C455D2BF1DA3EBBE75E6EEE4596D901BF66EA"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2870
Expires: Mon, 26 Sep 2022 22:09:21 GMT
Date: Mon, 26 Sep 2022 21:21:31 GMT
Connection: keep-alive

stc.cdncache.xyz/streamz.cc/468x60.js

172.67.179.35

200 OK

21 B

URL HTTP/2
stc.cdncache.xyz/streamz.cc/468x60.js
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
ffa9ac3c3cae5cd6936e75b31a9b1a17
78d2f278ccde75c485f9044d8b9696b07c3ac827
e4931885329088c789bdcbb6d53d5f434f356582574711a0ec9886d39908a0e8

HTTP Headers

GET /streamz.cc/468x60.js HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: application/javascript
content-length: 21
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=23
etag: "5cb9e1ba-17"
last-modified: Fri, 19 Apr 2019 14:56:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 246
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68Jrna36HiiMCcKkrnewPUCnljwbnZ5Zc0GM0AU%2BOQNXssGFEhggBfPpvy8iLs2lpPMCV%2FL192tw0VTNpGdeXreXuYUyZuJan4YYv7RMpA9lSIitEljEjlpMc8%2ByXWlXwEWf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbb98920b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stc.cdncache.xyz/streamz.cc/400dpiLogoCropped.png

172.67.179.35

200 OK

32 kB

URL HTTP/2
stc.cdncache.xyz/streamz.cc/400dpiLogoCropped.png
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1737 x 394, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31883 bytes)
Hash
25a3d6b08a01ab2bcf0f85ae17a9dc9e
37dd263d0dfde403832f710cbd8a8644a0f79d01
614edc281e7a4388888a2d8a8a222d6b1b42e2fe4a27f8de12d8f14f46a2b16d

HTTP Headers

GET /streamz.cc/400dpiLogoCropped.png HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: image/png
content-length: 31883
last-modified: Mon, 25 Feb 2019 12:57:04 GMT
etag: "5c73e620-7c8b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2084
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojd0tJER0LpLSSLVqSqei72xhfagjcUmbxouvNPayezii7yq0z0R90NGgNxTuPgMX4QnS9yjNYbb2AXEyPDiyWGsuS%2BUPlkpr1Iyw8I4utcaO%2Fr6Xt%2BTN0wd7jatxgOI%2F9XB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbba8990b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stc.cdncache.xyz/content/video/images/home_video_separator1.png

172.67.179.35

200 OK

183 B

URL HTTP/2
stc.cdncache.xyz/content/video/images/home_video_separator1.png
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 39 x 7, 4-bit colormap, non-interlaced\012- data
Size
183 B (183 bytes)
Hash
5531d88509a83a5f727f3b584f5a243f
361ea1fa1ffdcb866742f3a2953030c20ac9f0e6
5621651e2aa6f8af81cca48915d4211d364367f3dbc340fa3153370b1c0833d7

HTTP Headers

GET /content/video/images/home_video_separator1.png HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: image/png
content-length: 183
last-modified: Mon, 22 Feb 2016 15:07:18 GMT
etag: "56cb2426-b7"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2101
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22vPGJIDU0EsT6lJbHf7BTuTx0viqXgB41mbm3rjFfPqe5OxINmp171E30FDB5MUFEYvP3xQHFIO2jilM2P6VtCd%2Fqo0Kzl4SzBiiDaHncdOkPTPyg83FLFj2skZxUqw6P%2B1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbba89a0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stc.cdncache.xyz/streamz.cc/player.png

172.67.179.35

200 OK

8.2 kB

URL HTTP/2
stc.cdncache.xyz/streamz.cc/player.png
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 932 x 521, 8-bit/color RGB, non-interlaced\012- data
Size
8.2 kB (8201 bytes)
Hash
38e01e2a7fef39759a8ce1bbb7194f5f
46b997b58a3ea2308f25529ff560d2fe9cbb4106
ee999a93f10fb9b4db0357f4d095493544b2e71000de15854a9bb4331567ed46

HTTP Headers

GET /streamz.cc/player.png HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: image/png
content-length: 8201
last-modified: Wed, 16 Oct 2019 09:25:48 GMT
etag: "5da6e21c-2009"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 588
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smHOLtEsq22656TsAh%2FyGZ4XoOz95DocBTSGMwb3oXlgiNphvInFsdAAfWwq0IkuqE8NsnJTrEVb51CR9e7MHVkkCccAQ4nB21QcxAtJSkx8JgqdgiHy%2FmjJveCvmMAdoFkH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbba89d0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71a8e223ac48ef39c78c91d9f55ef4f2
95a1111ef9c9919013446902270d268f94e41d9a
526d316df68c81016fc06f5a2ef98e9677a5841fce026ac5eb63f72886e0218e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "526D316DF68C81016FC06F5A2EF98E9677A5841FCE026AC5EB63F72886E0218E"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13271
Expires: Tue, 27 Sep 2022 01:02:42 GMT
Date: Mon, 26 Sep 2022 21:21:31 GMT
Connection: keep-alive

stc.cdncache.xyz/content/video/css/custom.css

172.67.179.35

200 OK

0 B

URL HTTP/2
stc.cdncache.xyz/content/video/css/custom.css
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /content/video/css/custom.css HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: text/css
content-length: 0
access-control-allow-origin: *
cf-bgj: minify
etag: "5dbc301a-0"
last-modified: Fri, 01 Nov 2019 13:16:10 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaKgSVDrgHKO%2BxocGnWV8l%2BoAyg2947Q70RqKjgzfqzqU7vTKGWMiUxm8cv9pVc6XIno%2Frcj%2F7rKoqFxxXhNiey77r4lf8KfRaZ%2FG76qZe%2FLmWO3dFpeNRyPXpVI0Rh%2BMB73"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbbc8b80b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
69c8d70a9f301d4a1f3e428b1bd6bb33
3c4d48d89da0ee4f3a5becd36949d02a5aef7fbe
30960e7cf46d5ef221106c47a35c455d2bf1da3ebbe75e6eee4596d901bf66ea

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "30960E7CF46D5EF221106C47A35C455D2BF1DA3EBBE75E6EEE4596D901BF66EA"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2870
Expires: Mon, 26 Sep 2022 22:09:21 GMT
Date: Mon, 26 Sep 2022 21:21:31 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gloodsie.com/zone?pub=0&zone_id=2456325&is_mobile=false&domain=streamz.ws&var=&ymid=&var_3=

139.45.197.251

200 OK

714 B

URL HTTP/2
gloodsie.com/zone?pub=0&zone_id=2456325&is_mobile=false&domain=streamz.ws&var=&ymid=&var_3=
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (713)
Size
714 B (714 bytes)
Hash
7419b1f0088ed7da7f93bf5b53309de8
7a9a7fe9d76f3e12acf8ef8b467766835cc37c36
73950e4712259e387551f1c7c6eb234b448da7d7cbdbe4ff3a5307d36a7e70b0

HTTP Headers

GET /zone?pub=0&zone_id=2456325&is_mobile=false&domain=streamz.ws&var=&ymid=&var_3= HTTP/1.1
Host: gloodsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamz.ws/
Origin: https://streamz.ws
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: application/json; charset=utf-8
content-length: 714
x-trace-id: 7923fdc44c0628382a7292f12338f0d6
access-control-allow-origin: https://streamz.ws
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-135498744-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-135498744-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
42 kB (42257 bytes)
Hash
db149a5803ec757bccc714d71a6761b3
3e5978b6b55569ef46d40d608e1b82543f2148e4
f6b821f3d5cf1c53eb978227fd86edaef75cdeaebead6b2c6f922192521921ad

HTTP Headers

GET /gtag/js?id=UA-135498744-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 21:21:31 GMT
expires: Mon, 26 Sep 2022 21:21:31 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

37 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
37 kB (37312 bytes)
Hash
1ec268da70a2cfadf29636e9d03b49fd
9a7f1cbcfa8d92aff3e075a42158fb04844d63c3
9535763e0a6ca03adacaf1dee91c219b6ddc9bd3e5006d585d85e992eb278b5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a73a925782b0c4098e35e08b53b38ff
70df16413b5b2a92ffada4c768e8d4ee1702cf71
b4613beddcfcf332ce7da3f91cbf97ae9726a1045a5111d78bd03bc4ea1f822a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4613BEDDCFCF332CE7DA3F91CBF97AE9726A1045A5111D78BD03BC4EA1F822A"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1522
Expires: Mon, 26 Sep 2022 21:46:53 GMT
Date: Mon, 26 Sep 2022 21:21:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

10 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
10 kB (10405 bytes)
Hash
331afbac3b93476f9eaa65228ea2f7b1
fe926c77645fb7e99c030be18b7e38ac6d963e5f
b19413ae740b73a7173a630e4ecf768d4286084d31b57351c29bf3a071dce8fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4613BEDDCFCF332CE7DA3F91CBF97AE9726A1045A5111D78BD03BC4EA1F822A"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1522
Expires: Mon, 26 Sep 2022 21:46:53 GMT
Date: Mon, 26 Sep 2022 21:21:31 GMT
Connection: keep-alive

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

56 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
56 kB (56302 bytes)
Hash
cf286e2b72f8c8336c40536232bd1ea9
3b70c6600b909f83b48112f1aec7c7df559e1b74
5fa17dd890aa34bf0cc1395ac7997ca343d9db49903c0da2d8793a620c9f1069

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://streamz.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 533470
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Size
24 kB (24408 bytes)
Hash
efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

HTTP Headers

GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://streamz.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:02:01 GMT
expires: Tue, 26 Sep 2023 20:02:01 GMT
cache-control: public, max-age=31536000
age: 4770
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.163

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://streamz.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 533470
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

5.7 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
5.7 kB (5715 bytes)
Hash
16a0ee2a32b4d7f1c3bb1a0abd898368
25ab31a03e18d1a4560a17f45c22c1ce2f074120
5799d8964cd452796748f9a591e952cc6fc683ceb5b07f96282eccc1102d5457

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zikroarg.com/tag.min.js

139.45.197.236

200 OK

23 kB

URL HTTP/2
zikroarg.com/tag.min.js
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (22987 bytes)
Hash
fad81e1d8109da8e32ac620d2e1c3a42
c94ed2cf8e8fa7dae7946433c614664eef017f70
6cbff42c82c58e3cae69cee8a165739c5bf753a47743aa36973d2bf49b7edb2f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: zikroarg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: text/javascript; charset=utf-8
content-length: 22987
content-encoding: br
x-trace-id: c9b4be01502c72dba47690ad602d5362
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 16:03:17 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

gloodsie.com/custom

139.45.197.251

200 OK

0 B

URL HTTP/2
gloodsie.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: gloodsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://streamz.ws/
Origin: https://streamz.ws
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:32 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://streamz.ws
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

gloodsie.com/custom

139.45.197.251

200 OK

0 B

URL HTTP/2
gloodsie.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: gloodsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://streamz.ws/
Origin: https://streamz.ws
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:32 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://streamz.ws
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

gloodsie.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
gloodsie.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: gloodsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamz.ws/
Content-Type: application/json
Origin: https://streamz.ws
Content-Length: 425
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:32 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 65cbebada361080d82adfbe6a6fec963
access-control-allow-origin: https://streamz.ws
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

gloodsie.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
gloodsie.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: gloodsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamz.ws/
Content-Type: application/json
Origin: https://streamz.ws
Content-Length: 702
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:32 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2a6c0ee189e209f3f3f06fb9d2853149
access-control-allow-origin: https://streamz.ws
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0869109d63ef5270595fb34384023a90
f2ec69fdaca2a0327cd3599ac05d0051df3dee41
c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:21:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=550425,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750f0cc02ff0b4eb-OSL

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
cf476087bf65f289294c0a41c1a25f96
d1f6091e1c7ea963c5ceb436f2d6a46844ec229c
a2bfe42cf9b73543103ca081ae619a1db970e1768e2dfb0f2b11f464ada8d07b

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamz.ws
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:32 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://streamz.ws
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b2fd03f4f81a46309997ce59abea037d; expires=Tue, 26 Sep 2023 21:21:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7790
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:21:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7790
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:21:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5157 bytes)
Hash
2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 83476
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6443 bytes)
Hash
3a75be68e82e6a0ba74932fbe74c7b30
36310320605833289e78cd248c45915363a0a0c3
56d709b77802037254b7922e3f85d1b1652b70dfc4b6c65b03e4149d3b1f22ca

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6443
x-amzn-requestid: b6f3be01-6086-4fc1-8bec-c4caa1fe806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKMG04IAMFRxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca41-5452d1805d3f4d71303142c9;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tx-lL61dT3iakJd8VZw31hzMklubUDBQxE6LBhxsJUqyMM0bqCk73g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:28:23 GMT
age: 82389
etag: "36310320605833289e78cd248c45915363a0a0c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13584 bytes)
Hash
2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 84221
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7185 bytes)
Hash
6d79a3a5bd7dc7aa6cab306176fafd11
0d5cb1f3e3ea510308034a5e569c0e65fae30835
57979dfcf6fdc76f04e4790c2b94b876e188ac780aa49d9bfc8a58c498dc4203

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: e7b997d7-f9ce-40c6-b9bb-372ee10d8ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTAfEX5oAMFcHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb9c-31e295e33ead940f381121a1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:43:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YW8Pk1qXdq3DBNRDO3abND1HGTqhUInN2Wo3N8Uzb0zzyXrsKPCvYg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 84760
etag: "0d5cb1f3e3ea510308034a5e569c0e65fae30835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8637 bytes)
Hash
d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 82852
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gloodsie.com/pfe/current/universal.min.js?v=3.1.395

139.45.197.251

200 OK

63 kB

URL HTTP/2
gloodsie.com/pfe/current/universal.min.js?v=3.1.395
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
data
Size
63 kB (62582 bytes)
Hash
f6763f8071085168888208a909218577
c24f0d1fab11c27cadcf7ce0e416e65066f27d70
5965e31daae0b24e3b6e0029fd91bb9639fe5ed741598652f066f380199c1c6c

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1
Host: gloodsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamz.ws/
Origin: https://streamz.ws
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://streamz.ws
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

inpagepush.com/500/2994135?excludes=&oaid=b2fd03f4f81a46309997ce59abea037d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
inpagepush.com/500/2994135?excludes=&oaid=b2fd03f4f81a46309997ce59abea037d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/2994135?excludes=&oaid=b2fd03f4f81a46309997ce59abea037d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://streamz.ws/
Origin: https://streamz.ws
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:32 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://streamz.ws
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/c57cba1b4fd29f8c45ed9159b675ffd6.jpeg

172.67.22.216

200 OK

13 kB

URL HTTP/2
offerimage.com/www/images/c57cba1b4fd29f8c45ed9159b675ffd6.jpeg
IP
172.67.22.216:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (12901 bytes)
Hash
c57cba1b4fd29f8c45ed9159b675ffd6
b69fe9bd45be3017e6cba3f32edcf5b1254a1e0a
1e17c6c47b3b114d4a58188f196f1901971f55bbd254dd152515f705c11794cd

HTTP Headers

GET /www/images/c57cba1b4fd29f8c45ed9159b675ffd6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:32 GMT
content-type: image/jpeg
content-length: 12901
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63102b02-3265"
expires: Tue, 27 Sep 2022 12:56:50 GMT
last-modified: Thu, 01 Sep 2022 03:46:10 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 30282
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cc31b5bb503-OSL
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 20:41:09 GMT
expires: Mon, 26 Sep 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 2423
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-135498744-1&cid=196042554.1664227291&jid=127138568&gjid=358839607&_gid=189741546.1664227291&_u=YEBAAUAAAAAAAC~&z=2025510676

64.233.162.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-135498744-1&cid=196042554.1664227291&jid=127138568&gjid=358839607&_gid=189741546.1664227291&_u=YEBAAUAAAAAAAC~&z=2025510676
IP
64.233.162.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-135498744-1&cid=196042554.1664227291&jid=127138568&gjid=358839607&_gid=189741546.1664227291&_u=YEBAAUAAAAAAAC~&z=2025510676 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://streamz.ws
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://streamz.ws
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Sep 2022 21:21:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
008bb0f15929580c49beb48408615d01
a28e34ab71eea646efaf0a505a3bd07671bd6012
f612ef9519f2b8baad9918a77a873fb28c691518df1504fb32a47af79b8f7e18

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:21:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 00:52:20 GMT
Expires: Mon, 03 Oct 2022 00:52:19 GMT
Etag: "a28e34ab71eea646efaf0a505a3bd07671bd6012"
Cache-Control: max-age=530446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750f0cc4cd4cb4eb-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamz.ws/
Content-Type: text/plain;charset=UTF-8
Origin: https://streamz.ws
Content-Length: 1574
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 26 Sep 2022 21:21:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://streamz.ws
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

inpagepush.com/impression/2Gnz3tqAN76R9WXcJq5tZ5R4n4NnpgOf4C_A6JRwrWaqlxs-ryet9op99JhubE1UqRKsPqsuyfKXRasGWcW4-n6K4Yv0peivOnAJ7OoRiqc8I2i4v8zYYDbmVzjaCSum8CuD7KlCEXoSk6zWJvqvU0RY_L1pVrhlsI0tJmVgSwMkOhjiF8KhA_Zw3vbJYsuU6mwbK4cxPZR3WXUMy6kCFYzlOEJJ7jadJcW7M1kmuXaRpKN7HojJygi5gCTR3jZ-ZnFoyNJbGpSoI6AbjZW9NgBtrQ2e_4OTcpfJ0BTz4Ov1eQqISmvlrHLfOE2OeKswJGyJRgv5odfTKMXVECPaKDouAglC-dvozl28nk6hT9rmdGTSrjMZjg_Vh32eLb7Pmi4ZYRw1jJvP-o6s1PCAQdxxTohnDDK2DxcQz05zDjqJq9nhOpkop_zMZHmw6pSYQpWJiT2lwhNJQ3bGvWVZawl2l_zoXxQBId2iZ_rPGrw5kKXbQFPZuIdbmKwlmtEXprXkcy7YkEAzpT8WwzPJNw5B2Arm63aDN5dvFyRZ3TE=?_z=2994135&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

43 B

URL HTTP/2
inpagepush.com/impression/2Gnz3tqAN76R9WXcJq5tZ5R4n4NnpgOf4C_A6JRwrWaqlxs-ryet9op99JhubE1UqRKsPqsuyfKXRasGWcW4-n6K4Yv0peivOnAJ7OoRiqc8I2i4v8zYYDbmVzjaCSum8CuD7KlCEXoSk6zWJvqvU0RY_L1pVrhlsI0tJmVgSwMkOhjiF8KhA_Zw3vbJYsuU6mwbK4cxPZR3WXUMy6kCFYzlOEJJ7jadJcW7M1kmuXaRpKN7HojJygi5gCTR3jZ-ZnFoyNJbGpSoI6AbjZW9NgBtrQ2e_4OTcpfJ0BTz4Ov1eQqISmvlrHLfOE2OeKswJGyJRgv5odfTKMXVECPaKDouAglC-dvozl28nk6hT9rmdGTSrjMZjg_Vh32eLb7Pmi4ZYRw1jJvP-o6s1PCAQdxxTohnDDK2DxcQz05zDjqJq9nhOpkop_zMZHmw6pSYQpWJiT2lwhNJQ3bGvWVZawl2l_zoXxQBId2iZ_rPGrw5kKXbQFPZuIdbmKwlmtEXprXkcy7YkEAzpT8WwzPJNw5B2Arm63aDN5dvFyRZ3TE=?_z=2994135&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /impression/2Gnz3tqAN76R9WXcJq5tZ5R4n4NnpgOf4C_A6JRwrWaqlxs-ryet9op99JhubE1UqRKsPqsuyfKXRasGWcW4-n6K4Yv0peivOnAJ7OoRiqc8I2i4v8zYYDbmVzjaCSum8CuD7KlCEXoSk6zWJvqvU0RY_L1pVrhlsI0tJmVgSwMkOhjiF8KhA_Zw3vbJYsuU6mwbK4cxPZR3WXUMy6kCFYzlOEJJ7jadJcW7M1kmuXaRpKN7HojJygi5gCTR3jZ-ZnFoyNJbGpSoI6AbjZW9NgBtrQ2e_4OTcpfJ0BTz4Ov1eQqISmvlrHLfOE2OeKswJGyJRgv5odfTKMXVECPaKDouAglC-dvozl28nk6hT9rmdGTSrjMZjg_Vh32eLb7Pmi4ZYRw1jJvP-o6s1PCAQdxxTohnDDK2DxcQz05zDjqJq9nhOpkop_zMZHmw6pSYQpWJiT2lwhNJQ3bGvWVZawl2l_zoXxQBId2iZ_rPGrw5kKXbQFPZuIdbmKwlmtEXprXkcy7YkEAzpT8WwzPJNw5B2Arm63aDN5dvFyRZ3TE=?_z=2994135&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Cookie: OAID=b2fd03f4f81a46309997ce59abea037d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:36 GMT
content-type: image/gif
content-length: 43
x-trace-id: bdcebc02ba6d4fc66619677aa0e2e6d6
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://streamz.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 438448
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://streamz.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 438448
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stc.cdncache.xyz/content/video/css/structure.css

172.67.179.35

200 OK

0 B

URL HTTP/2
stc.cdncache.xyz/content/video/css/structure.css
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /content/video/css/structure.css HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=138463
etag: W/"58a75664-21cdf"
last-modified: Fri, 17 Feb 2017 20:00:36 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOhvbo3YNC3u%2FWfynpdUMP2F5fiBhS1N2pTAQ%2BN%2Br6zC6hzCKjS35x2T%2F%2Fcpqqpqn8Njw8NCx5gi5mcOFnmhOE2kryphKk%2FBCYJQUgfQxiaaKlRJHosnQLCr1ac6leJLysLf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbbb8b40b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.194.45

200 OK

0 B

URL HTTP/2
tzegilo.com/stattag.js
IP
172.67.194.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnoAtGitJ5DNMYAM9dMlkwbYHHvp0EWDrmQJytrAnLB0nz0corOHBXEM0BOk49yGbKmTzeIJTSkWVYgifklbM7B%2B%2BA8k1RUFjITw9wrNOBS%2BvFhlB%2BoytLWMEk5Lfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbe7d2bb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stc.cdncache.xyz/content/video/css/video.css

172.67.179.35

200 OK

0 B

URL HTTP/2
stc.cdncache.xyz/content/video/css/video.css
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /content/video/css/video.css HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=80773
etag: W/"58a7565a-13b85"
last-modified: Fri, 17 Feb 2017 20:00:26 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuxDHUXpwqlCAu5IhmtFO2NdLWrKx6IDkB7L%2BLL2pymueKOns2epEak75emIME70HiqnviFkMK5VgMSucsBI5TZWe8Ok0HhQMy1cCibteb8woa1GOOx%2BQVhGcCtWIWZl8GKb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbbc8bb0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stc.cdncache.xyz/css/global.css

172.67.179.35

200 OK

0 B

URL HTTP/2
stc.cdncache.xyz/css/global.css
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/global.css HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=435962
etag: W/"5be5d45c-6a6fa"
last-modified: Fri, 09 Nov 2018 18:39:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fy3fM80ybjAJO%2FroOJfhaJNQJ4M9QMMA%2F71oSrFZYCMFi%2FUvGB7jeqRgpS4Jrzo8JaM%2BMZIIyqfF99kzI3iS%2BkKBRYifNb7CKpCg6YeUAbxYCEQw1a8xQ6hqFMFbWpVAABry"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbbb8b30b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

0 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

142.250.74.163

200 OK

0 B

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://streamz.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:17:25 GMT
expires: Wed, 20 Sep 2023 17:17:25 GMT
cache-control: public, max-age=31536000
age: 533046
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

inpagepush.com/400/2994135

139.45.197.237

200 OK

0 B

URL HTTP/2
inpagepush.com/400/2994135
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /400/2994135 HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: application/javascript
x-trace-id: 8e339ccf2df5f64a51dee2bfc41a902d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=93f7c5b8d7d142a1b3d2a72e32cbc070; expires=Tue, 26 Sep 2023 21:21:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

stc.cdncache.xyz/plugins/rs-plugin/css/settings.css

172.67.179.35

200 OK

0 B

URL HTTP/2
stc.cdncache.xyz/plugins/rs-plugin/css/settings.css
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /plugins/rs-plugin/css/settings.css HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=34481
etag: W/"589c8a56-86b1"
last-modified: Thu, 09 Feb 2017 15:27:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI6U%2B6fGK0DLq%2FydRJYDwfT7KK8nUIVWG4%2BCC4AxARniEphFgSsZ5g8AZ6lp1j8q70tXh1gBUNt1Ntslb51YDGaKAlaougt2xHPuUOGADczQjXBKYIe69NWl3vKhkjqp1D74"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbba8a30b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Patua+One:100,300,400,400italic,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Patua+One:100,300,400,400italic,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Patua+One:100,300,400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 21:21:31 GMT
date: Mon, 26 Sep 2022 21:21:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gloodsie.com/pfe/current/tag.min.js?z=2456325

139.45.197.251

200 OK

0 B

URL HTTP/2
gloodsie.com/pfe/current/tag.min.js?z=2456325
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/tag.min.js?z=2456325 HTTP/1.1
Host: gloodsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.237

200 OK

0 B

URL HTTP/2
inpagepush.com/500/2994135?excludes=&oaid=b2fd03f4f81a46309997ce59abea037d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /500/2994135?excludes=&oaid=b2fd03f4f81a46309997ce59abea037d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://streamz.ws
Connection: keep-alive
Referer: https://streamz.ws/
Cookie: OAID=93f7c5b8d7d142a1b3d2a72e32cbc070
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:32 GMT
content-type: application/javascript
x-trace-id: a0849ca8262d6c3a7fe8a407a5b2b07e
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://streamz.ws
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b2fd03f4f81a46309997ce59abea037d; expires=Tue, 26 Sep 2023 21:21:32 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4

172.67.204.103

200 OK

0 B

URL HTTP/2
streamz.ws/wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4
IP
172.67.204.103:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wdu?tc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4 HTTP/1.1
Host: streamz.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:30 GMT
content-type: text/html
last-modified: Wed, 13 Apr 2022 14:31:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUE53lJG4VLxlILT0GTlzpTwW606CIzIKuZ0MYidsxbRSrDnxzSHJMwB9QVS%2B0pvHMKdeilhgontKsbw5pEb8q1SaZKb0NckZkpC4cJGO4ma17I3Y6WYYOnyltdk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f0cb488d7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stc.cdncache.xyz/streamz.cc/ads.js

172.67.179.35

200 OK

0 B

URL HTTP/2
stc.cdncache.xyz/streamz.cc/ads.js
IP
172.67.179.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /streamz.cc/ads.js HTTP/1.1
Host: stc.cdncache.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:21:31 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=111
etag: W/"5ea0ac58-6f"
last-modified: Wed, 22 Apr 2020 20:43:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 246
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F9JYBbMq6mQ7Ywmb8Fzn5Z5HFdXYQRp2GJe92%2F437H5PUgSbexzuNV5yAhD17ZHk1%2BCFIX06MXn0ytK6rrfa5afJ4xGxbmZWkZtaCbzeK35m%2FHDB3FEP5e%2BBVQ4KmFtE7j7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f0cbb98970b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zikroarg.com/?rb=ikd18e9iW3cNAHKjVWsWyoF33avfTux-vQaY9RiAgV2zJaXMCcA4fIJqS2mt9PPjr1aBTksMp72oh2sg46ZzHDxDLnGY96a-Olk8ou2huTHH4xuwMf5QL2Ing3puBmISvFXZ3duPBxfWE3fDpOuC87ds_mRFTz4EIH0O-g1x-YdNajgST5YO8nFS1EX_V570xRrdoj61n4cmVhF5u0ZYAA%3D%3D&request_ab2=0&zoneid=2850024&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=4e45e289-96b0-450d-824d-20f5c392673c&userId=b2fd03f4f81a46309997ce59abea037d&m=link

139.45.197.236

200 OK

0 B

URL HTTP/2
zikroarg.com/?rb=ikd18e9iW3cNAHKjVWsWyoF33avfTux-vQaY9RiAgV2zJaXMCcA4fIJqS2mt9PPjr1aBTksMp72oh2sg46ZzHDxDLnGY96a-Olk8ou2huTHH4xuwMf5QL2Ing3puBmISvFXZ3duPBxfWE3fDpOuC87ds_mRFTz4EIH0O-g1x-YdNajgST5YO8nFS1EX_V570xRrdoj61n4cmVhF5u0ZYAA%3D%3D&request_ab2=0&zoneid=2850024&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=4e45e289-96b0-450d-824d-20f5c392673c&userId=b2fd03f4f81a46309997ce59abea037d&m=link
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?rb=ikd18e9iW3cNAHKjVWsWyoF33avfTux-vQaY9RiAgV2zJaXMCcA4fIJqS2mt9PPjr1aBTksMp72oh2sg46ZzHDxDLnGY96a-Olk8ou2huTHH4xuwMf5QL2Ing3puBmISvFXZ3duPBxfWE3fDpOuC87ds_mRFTz4EIH0O-g1x-YdNajgST5YO8nFS1EX_V570xRrdoj61n4cmVhF5u0ZYAA%3D%3D&request_ab2=0&zoneid=2850024&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstreamz.ws%2Fwdu%3Ftc5p78li1k5n5sm8d1tcmwxxkv8a116vdbkkj52lp89v0w4exxrkuohfkppmrvi4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=4e45e289-96b0-450d-824d-20f5c392673c&userId=b2fd03f4f81a46309997ce59abea037d&m=link HTTP/1.1
Host: zikroarg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamz.ws/
Origin: https://streamz.ws
Connection: keep-alive
Cookie: OAID=11d33bc347f446c1ab5b2ddc48c0c1e0; oaidts=1664227292
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:21:32 GMT
content-type: application/json
x-trace-id: 8f53ab74f0d30e9e2fca7a59d054d4e2
access-control-allow-origin: https://streamz.ws
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b2fd03f4f81a46309997ce59abea037d; expires=Tue, 26 Sep 2023 21:21:32 GMT; path=/; secure; SameSite=None
oaidts=1664227292; expires=Tue, 26 Sep 2023 21:21:32 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 03 Oct 2022 21:21:32 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,300,400,400italic,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:100,300,400,400italic,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:100,300,400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 21:21:31 GMT
date: Mon, 26 Sep 2022 21:21:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:100,300,400,400italic,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:100,300,400,400italic,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:100,300,400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamz.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 21:21:31 GMT
date: Mon, 26 Sep 2022 21:21:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (37)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations