GET sheegiwo.com/tag.min.js
139.45.197.245 200 OK 27 kB IP 139.45.197.245:443
Requested by https://zvision.link/flash14
Certificate Issuer Let's Encrypt
Subject sheegiwo.com
Fingerprint ED:A6:79:59:D1:41:31:20:94:3A:23:30:BB:14:3F:FE:F5:95:07:31
Validity Wed, 04 Sep 2024 06:05:01 GMT - Tue, 03 Dec 2024 06:05:00 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash f23f64a47812c32c74c11864e030d35b
95c812b5bfeb2054b19de482ee5e27d47fcd8db9
9c388fba5952c9d66f1ff96e9f41d51357b95b8c055c44990f06fdf027b7fb58
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tag.min.js HTTP/1.1
Host: sheegiwo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: text/javascript; charset=utf-8
content-length: 27245
content-encoding: br
x-trace-id: 45d71e937688aeb26d34fa8039806e51
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Sun, 20 Oct 2024 14:58:12 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET locatedinfain.com/embed.js
104.21.2.21 200 OK 543 B URL GET HTTP/2 locatedinfain.com/embed.js
IP 104.21.2.21:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject locatedinfain.com
Fingerprint F6:5E:68:A4:B9:07:A0:64:5D:39:94:D2:38:A8:C4:FA:4B:F9:F8:A1
Validity Sun, 25 Aug 2024 10:17:11 GMT - Sat, 23 Nov 2024 10:17:10 GMT
File type ASCII text, with very long lines (324)
Hash 62ece9ef2914860da9686befd0bf7882
023aaf896fd011d989747ffb9e2b33c953eeac80
73f3f979812b1346256489bae244df70db6fe73be9cf6872013b37307a958b8a
GET /embed.js HTTP/1.1
Host: locatedinfain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 07:37:02 GMT
vary: Accept-Encoding
etag: W/"66c2f61e-4e3"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6531
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KhuOMdxmqXP80zEbNiO2zHf7WHYn0s213eHkgtQhsHHdMLzC7FxRHzVlhZsJ1r%2BOQyhE0AWAflWGisNTo556OwAwImGQl2UF2XVOkbI2NoE76FQeNF0B3LQey371GbEAuwj3Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d5b00139c7b06e1-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23269&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3215&recv_bytes=1025&delivery_rate=186022&cwnd=33&unsent_bytes=0&cid=da5cc09487ec9da1&ts=55&x=0"
X-Firefox-Spdy: h2
GET code.jquery.com/jquery-migrate-1.2.1.min.js
151.101.2.137 200 OK 3.1 kB URL GET HTTP/2 code.jquery.com/jquery-migrate-1.2.1.min.js
IP 151.101.2.137:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
Validity Tue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (7085)
Hash eb05d8d73b5b13d8d84308a4751ece96
743052320809514fb788fe1d3df37fc87ce90452
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1c1f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Oct 2024 18:16:40 GMT
age: 3399577
x-served-by: cache-lga21931-LGA, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 5, 295342
x-timer: S1729448201.977071,VS0,VE0
vary: Accept-Encoding
content-length: 3063
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
151.101.1.229 200 OK 11 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
IP 151.101.1.229:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
Validity Tue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT
File type JavaScript source, ASCII text, with very long lines (30387)
Hash 1b142ebaf5f868c4c11a73ffe9175afb
aa8b49bab8e92ff04d17a5a2c7c0dafc426e2fe9
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
GET /gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.0
x-jsd-version-type: version
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
content-encoding: br
accept-ranges: bytes
date: Sun, 20 Oct 2024 18:16:40 GMT
age: 23218
x-served-by: cache-fra-eddf8230055-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10804
X-Firefox-Spdy: h2
GET code.jquery.com/jquery-latest.js
151.101.2.137 200 OK 84 kB URL GET HTTP/2 code.jquery.com/jquery-latest.js
IP 151.101.2.137:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
Validity Tue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File type JavaScript source, ASCII text
Hash 3d93b072d14f2bd1ede58f4847f537fd
73e5d044bd153dd912930e8be433059454ce19cd
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
GET /jquery-latest.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-4508e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Oct 2024 18:16:40 GMT
age: 3852881
x-served-by: cache-lga21958-LGA, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 14380, 1399509
x-timer: S1729448201.980892,VS0,VE0
vary: Accept-Encoding
content-length: 83875
X-Firefox-Spdy: h2
GET code.jquery.com/jquery-1.11.0.min.js
151.101.2.137 200 OK 33 kB URL GET HTTP/2 code.jquery.com/jquery-1.11.0.min.js
IP 151.101.2.137:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
Validity Tue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32341)
Hash 8fc25e27d42774aeae6edbc0a18b72aa
b66ed708717bf0b4a005a4d0113af8843ef3b8ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
GET /jquery-1.11.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1787d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Oct 2024 18:16:41 GMT
age: 3399576
x-served-by: cache-lga21931-LGA, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 7961, 308797
x-timer: S1729448201.005070,VS0,VE0
vary: Accept-Encoding
content-length: 33357
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/npm/@clappr/player@~0/dist/clappr.min.js
151.101.1.229 200 OK 163 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/@clappr/player@~0/dist/clappr.min.js
IP 151.101.1.229:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
Validity Tue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 163 kB (162684 bytes)
Hash 42509a698c4a0a880be4fed4be1d880c
bfcb9e6d59961e198dcb60c624d51318f29b4447
6f5b1f0a4f1fef7ea05eb308fca7857e89a82ef35b4c803f77e0d569971c3001
GET /npm/@clappr/player@~0/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.11.0
x-jsd-version-type: version
etag: W/"9a337-v8uebVmWHhmNy2DGJNUTGPKbREc"
content-encoding: br
accept-ranges: bytes
date: Sun, 20 Oct 2024 18:16:41 GMT
age: 10720
x-served-by: cache-fra-eddf8230063-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 162684
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/npm/@swarmcloud/hls/p2p-engine.min.js
151.101.1.229 200 OK 54 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/@swarmcloud/hls/p2p-engine.min.js
IP 151.101.1.229:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
Validity Tue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 8b282736631cc6e37fa25c5ea13db461
7b0886e78d52d87b188c792823a0353fcb2532b6
938cec20a584d283e32fc1fafb5b3619a62507a9e7a701c68f974b657fbc95ab
GET /npm/@swarmcloud/hls/p2p-engine.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.12.7
x-jsd-version-type: version
etag: W/"2e97f-ewiG541S2HsYjHkoI6A1P8slMrY"
content-encoding: br
accept-ranges: bytes
date: Sun, 20 Oct 2024 18:16:41 GMT
age: 31715
x-served-by: cache-fra-eddf8230149-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54259
X-Firefox-Spdy: h2
POST pubtrky.com/ut/hb.php?cb=0.8654792232175674&v=1
104.21.8.108 204 No Content 0 B URL POST HTTP/2 pubtrky.com/ut/hb.php?cb=0.8654792232175674&v=1
IP 104.21.8.108:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject pubtrky.com
Fingerprint 1C:AA:FC:FF:38:D8:EF:73:88:D2:C1:25:B4:81:1C:94:2A:06:07:C3
Validity Wed, 11 Sep 2024 07:35:33 GMT - Tue, 10 Dec 2024 07:35:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.8654792232175674&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 865
Origin: https://zvision.link
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 20 Oct 2024 18:16:41 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SU5h%2BHvsq19WZCOPiXYq5NCJWg%2FkmxwCFs6OHy6GRBAOni76i3qgQbMczMkhwJe7LLdhFUAY8vy%2Fru2g8yN%2FG3E4h7fJF9vI%2Fs9kkacNC9TnldFSu6jgUpSSTS2gOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d5b00184a3806b6-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21170&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3197&recv_bytes=1995&delivery_rate=204231&cwnd=75&unsent_bytes=0&cid=90bc586b1566bf2d&ts=182&x=0"
X-Firefox-Spdy: h2
GET kbjn-sibltg.icu/script/ut.js?cb=1729448200491
172.67.184.64 200 OK 53 kB URL GET HTTP/2 kbjn-sibltg.icu/script/ut.js?cb=1729448200491
IP 172.67.184.64:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject kbjn-sibltg.icu
Fingerprint 86:2B:0F:8C:26:34:EA:51:FA:67:FF:36:C4:97:F9:8E:CC:FD:E0:00
Validity Fri, 18 Oct 2024 15:16:13 GMT - Thu, 16 Jan 2025 15:16:12 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (63028), with no line terminators
Hash 8c24b56eda595fd9b563b16eb92087d6
61a384a63a0f3179ca7318084e768119eb67157a
35ec1d1b03ab4ffa697084f162cf49b979f7d27c84b8771f8f591fad95feb757
GET /script/ut.js?cb=1729448200491 HTTP/1.1
Host: kbjn-sibltg.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: text/javascript
x-goog-generation: 1728560515014783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63065
x-goog-hash: crc32c=8dV6jg==, md5=jCS1btpZX9m1Y7FuuSCH1g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AHmUCY2ICvj5FyMZyaODaCD2q_relt6KrokQUD4PFlxbqI9DNuN0SniFnAB8RRRvmEvAJNDv9JdKZKZXFg
expires: Sun, 20 Oct 2024 18:02:25 GMT
cache-control: public, max-age=14400
age: 2159
last-modified: Thu, 10 Oct 2024 11:41:55 GMT
etag: W/"8c24b56eda595fd9b563b16eb92087d6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0XynBaP5W7Tx4fAQBAp4rmpOaXQv0ZIoevn5nYCKUPJaf2UFu7YEM7lhbcnNH4hwiFe5fi3GCHS%2FeFkUUKJPtuMvJ458LQo%2B6JuVsmgGUULC%2FURwVgW13Yji%2BRs5pHk%2FMI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d5b0015cec1a899-RIX
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17747&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3190&recv_bytes=1070&delivery_rate=241092&cwnd=254&unsent_bytes=0&cid=fc7dc5c79c5e3037&ts=53&x=0"
X-Firefox-Spdy: h2
GET my.rtmark.net/gid.js?userId=0080fb55baf34be5e96fe4649b550d40
139.45.195.8 200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=0080fb55baf34be5e96fe4649b550d40
IP 139.45.195.8:443
Requested by https://zvision.link/flash14
Certificate Issuer Let's Encrypt
Subject rtmark.net
Fingerprint 59:49:A1:C9:C3:99:98:FC:2D:E7:4A:9E:86:83:A6:DE:2E:C3:8A:B6
Validity Fri, 30 Aug 2024 01:00:45 GMT - Thu, 28 Nov 2024 01:00:44 GMT
Hash f22b7223178a803ccc64435175027937
af57172fc21a46b9658bf3a87a427ffe042c64db
47bb59426a4acd3b936d032e5b22daa5783a94fcaca1f2c19edc650143e2b263
GET /gid.js?userId=0080fb55baf34be5e96fe4649b550d40 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zvision.link
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 20 Oct 2024 18:16:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://zvision.link
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080fb55baf34be5e96fe4649b550d40; expires=Mon, 20 Oct 2025 18:16:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET locatedinfain.com/css/embed.css?ver=1.4.4
104.21.2.21 200 OK 2.9 kB URL GET HTTP/3 locatedinfain.com/css/embed.css?ver=1.4.4
IP 104.21.2.21:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer Google Trust Services
Subject locatedinfain.com
Fingerprint F6:5E:68:A4:B9:07:A0:64:5D:39:94:D2:38:A8:C4:FA:4B:F9:F8:A1
Validity Sun, 25 Aug 2024 10:17:11 GMT - Sat, 23 Nov 2024 10:17:10 GMT
File type gzip compressed data, from Unix
Hash 31c4ab3f8139611a49702941c19cd5b6
130c174f891cb81e0dd5a256d42a37933a48c4dd
a5d54f530f21dd2d23113bb62ef8f8cfeba2219c37a38aef5b63b2d9fe045116
GET /css/embed.css?ver=1.4.4 HTTP/1.1
Host: locatedinfain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/embed.php?player=desktop&live=do14
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: text/css
last-modified: Fri, 29 Oct 2021 09:08:53 GMT
vary: Accept-Encoding
etag: W/"617bba25-219"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3372
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAkpgeBzpeW%2BGc4pnCPeEeOkX0UoSxXQFDW1D1Kb6FblDEgRbjduRCH%2BcjzzHtEKtWuTVStVQTKbkFSdWcXwCeMl57PdUrkg2FfaU3jmKyWLtr9DFrUAkpRUmWCtaTcO0YlWOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d5b00173eedb734-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22222&sent=19&recv=11&lost=0&retrans=0&sent_bytes=7775&recv_bytes=2328&delivery_rate=12974&cwnd=12000&unsent_bytes=0&cid=978b7406eba41677&ts=556&x=1", cfExtPri, cfHdrFlush;dur=0
GET ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
216.58.207.234 200 OK 87 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
IP 216.58.207.234:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint 04:E9:E7:03:97:99:66:D7:5B:E7:AE:2C:40:95:6F:E2:07:A3:7D:6C
Validity Mon, 30 Sep 2024 15:09:59 GMT - Mon, 23 Dec 2024 15:09:58 GMT
File type JavaScript source, ASCII text, with very long lines (32033)
Hash d4162c9d7e520a5de05001be6e741899
0baf29230047c9cd896f14c59618c9948ea79451
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
GET /ajax/libs/jquery/3.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Oct 2024 04:05:20 GMT
expires: Sun, 19 Oct 2025 04:05:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 137481
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET zvision.link/favicon.ico
104.21.84.147 200 OK 11 kB IP 104.21.84.147:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject zvision.link
Fingerprint DB:CC:C8:47:EB:4E:8D:68:E6:1A:27:F1:80:75:6D:70:95:7A:8E:2D
Validity Mon, 26 Aug 2024 00:32:28 GMT - Sun, 24 Nov 2024 00:32:27 GMT
File type MS Windows icon resource - 2 icons, 48x48, 32 bits/pixel, 16x16, 32 bits/pixel
Hash da4a74faee57944047548a93c4836df6
da5f7d9c492faa88bfd2be9b84e649de4818d2d2
a33f7d76e43eef7580ed1a6e8ebec87c8e64e2fd815e21a66d1345dfc01122d0
GET /favicon.ico HTTP/1.1
Host: zvision.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/flash14
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: image/x-icon
last-modified: Fri, 22 Apr 2022 13:44:00 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9WS6pOXK%2BcIYVi62YOuUdY7OIPnAbknd0F3doj9JJWrIhfk%2FGyW4lQcpYzt4yg5MmdV0Oz36X3ONm%2BcNznBFNjInG4GAdwSIE240m5BkvDSXNZPq0Pw6osxgeHfoFI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d5b0016db10b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19347&sent=19&recv=13&lost=0&retrans=0&sent_bytes=7925&recv_bytes=2273&delivery_rate=16670&cwnd=12000&unsent_bytes=0&cid=76acbfd0a842329e&ts=994&x=1", cfExtPri, cfHdrFlush;dur=0
GET sheegiwo.com/5/6837565/?oo=1&aab=1
139.45.197.245 200 OK 4.0 kB URL GET HTTP/2 sheegiwo.com/5/6837565/?oo=1&aab=1
IP 139.45.197.245:443
Requested by https://zvision.link/flash14
Certificate Issuer Let's Encrypt
Subject sheegiwo.com
Fingerprint ED:A6:79:59:D1:41:31:20:94:3A:23:30:BB:14:3F:FE:F5:95:07:31
Validity Wed, 04 Sep 2024 06:05:01 GMT - Tue, 03 Dec 2024 06:05:00 GMT
File type troff or preprocessor input, ASCII text, with very long lines (4029), with no line terminators
Hash cbe917d91a1a9e9c2ba37dc4333784d9
fa003cc86482e140ff2b98ee3f1a1c1ba41c07db
9c1a9aba9d4f57b894809ebe96ea87774b8b8dd190956b4c014a2fd112919856
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /5/6837565/?oo=1&aab=1 HTTP/1.1
Host: sheegiwo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zvision.link
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: application/json
x-trace-id: 2629bdc3d2014ffe1363d0921596d3bb
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://zvision.link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080fb55baf34be5e96fe4649b550d40; expires=Mon, 20 Oct 2025 18:16:40 GMT; path=/; secure; SameSite=None
oaidts=1729448200; expires=Mon, 20 Oct 2025 18:16:40 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
GET sheegiwo.com/?rb=WMCmpANEti_RF5qVLvaywEdpJX_SWi2O3FBd4WHCBsx6JONgwxncb0AuE6n9NC06TDSWRJ7fnApe2p-EWkfZfv2ONqZ6H0LRX_lJaopBc3jNFt6OdV7kLYa_C98W5phqL_dqK5SN4ljjar1ODPTHhujCpcI5Pf1SmloIpmvWon-VY-jOxbNKIub_KyW_69TfEHCJ7VBA4rHt1op14YA7hA1TOfZo9RLlf5wFi3ExvV0FRnselRvKnyHOkdVPMZN1m6wMJYoM2xs1N1Fh&request_ab2=0&zoneid=6837565&js_build=iclick-v1.978.17-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fzvision.link%2Fflash14&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.978.17-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=df0cd0bd-1a53-4fde-ba12-02ebc436a656&wasm=1&userId=0080fb55baf34be5e96fe4649b550d40&m=link
139.45.197.245 200 OK 2.8 kB URL GET HTTP/2 sheegiwo.com/?rb=WMCmpANEti_RF5qVLvaywEdpJX_SWi2O3FBd4WHCBsx6JONgwxncb0AuE6n9NC06TDSWRJ7fnApe2p-EWkfZfv2ONqZ6H0LRX_lJaopBc3jNFt6OdV7kLYa_C98W5phqL_dqK5SN4ljjar1ODPTHhujCpcI5Pf1SmloIpmvWon-VY-jOxbNKIub_KyW_69TfEHCJ7VBA4rHt1op14YA7hA1TOfZo9RLlf5wFi3ExvV0FRnselRvKnyHOkdVPMZN1m6wMJYoM2xs1N1Fh&request_ab2=0&zoneid=6837565&js_build=iclick-v1.978.17-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fzvision.link%2Fflash14&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.978.17-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=df0cd0bd-1a53-4fde-ba12-02ebc436a656&wasm=1&userId=0080fb55baf34be5e96fe4649b550d40&m=link
IP 139.45.197.245:443
Requested by https://zvision.link/flash14
Certificate Issuer Let's Encrypt
Subject sheegiwo.com
Fingerprint ED:A6:79:59:D1:41:31:20:94:3A:23:30:BB:14:3F:FE:F5:95:07:31
Validity Wed, 04 Sep 2024 06:05:01 GMT - Tue, 03 Dec 2024 06:05:00 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2796), with no line terminators
Hash 373f89d0e23dfb52a87a424ea3253fcb
f710821a53d38a7dc4d75b47c928b03e1ca2296f
3b9995bfb3d8c8062e9527247625449d9cede210955791488c66a39182361210
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?rb=WMCmpANEti_RF5qVLvaywEdpJX_SWi2O3FBd4WHCBsx6JONgwxncb0AuE6n9NC06TDSWRJ7fnApe2p-EWkfZfv2ONqZ6H0LRX_lJaopBc3jNFt6OdV7kLYa_C98W5phqL_dqK5SN4ljjar1ODPTHhujCpcI5Pf1SmloIpmvWon-VY-jOxbNKIub_KyW_69TfEHCJ7VBA4rHt1op14YA7hA1TOfZo9RLlf5wFi3ExvV0FRnselRvKnyHOkdVPMZN1m6wMJYoM2xs1N1Fh&request_ab2=0&zoneid=6837565&js_build=iclick-v1.978.17-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fzvision.link%2Fflash14&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.978.17-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=df0cd0bd-1a53-4fde-ba12-02ebc436a656&wasm=1&userId=0080fb55baf34be5e96fe4649b550d40&m=link HTTP/1.1
Host: sheegiwo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zvision.link/
Origin: https://zvision.link
DNT: 1
Connection: keep-alive
Cookie: OAID=0080fb55baf34be5e96fe4649b550d40; oaidts=1729448200
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 20 Oct 2024 18:16:41 GMT
content-type: application/json
x-trace-id: f08780c3b116ee4a5564b9c893e8a39a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://zvision.link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080fb55baf34be5e96fe4649b550d40; expires=Mon, 20 Oct 2025 18:16:41 GMT; path=/; secure; SameSite=None
oaidts=1729448201; expires=Mon, 20 Oct 2025 18:16:41 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 27 Oct 2024 18:16:41 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET zvision.link/css/custom.css
104.21.84.147 200 OK 1.3 kB URL GET HTTP/3 zvision.link/css/custom.css
IP 104.21.84.147:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject zvision.link
Fingerprint DB:CC:C8:47:EB:4E:8D:68:E6:1A:27:F1:80:75:6D:70:95:7A:8E:2D
Validity Mon, 26 Aug 2024 00:32:28 GMT - Sun, 24 Nov 2024 00:32:27 GMT
File type ASCII text, with very long lines (1393), with no line terminators
Hash 4077cfd8f42fc28f405f3a0e698e0056
b1544c2fb6474673ac04272e0dbba8b58cbbcc28
7330b6ca901463540ef153dfc4dd5eab6c8d7ac81219226e02e2251bb96e8b61
GET /css/custom.css HTTP/1.1
Host: zvision.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/flash14
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: text/css
last-modified: Sun, 27 Aug 2023 19:45:26 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1137
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FzU0wpT0NR%2BbcFqpp0J%2FMcvIPJbumxSgA98UL%2FVLm0fi44wA0yTWeKThhWELVd9osvuDpLu5RYE3Z8qFBZ4nDmu901XzBSBlWTW19RC6gNu4Z1kAqR72Y1MRYNMZgHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d5b0012fb8fb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19802&sent=13&recv=7&lost=0&retrans=0&sent_bytes=5162&recv_bytes=1359&delivery_rate=34150&cwnd=12000&unsent_bytes=0&cid=76acbfd0a842329e&ts=266&x=1", cfExtPri, cfHdrFlush;dur=0
GET locatedinfain.com/css/site.css
104.21.2.21 200 OK 199 B URL GET HTTP/3 locatedinfain.com/css/site.css
IP 104.21.2.21:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer Google Trust Services
Subject locatedinfain.com
Fingerprint F6:5E:68:A4:B9:07:A0:64:5D:39:94:D2:38:A8:C4:FA:4B:F9:F8:A1
Validity Sun, 25 Aug 2024 10:17:11 GMT - Sat, 23 Nov 2024 10:17:10 GMT
File type ASCII text, with no line terminators
Hash 1c0354d5d809202b32e2767fd752d997
3ae81b6a2f708ebb1baa145d25dc061ebd93be57
bb217a86ff30bcaa4bb0d0dabc9809fe4da66226cb9dc7f5b3bc16fa0e781ad0
GET /css/site.css HTTP/1.1
Host: locatedinfain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/embed.php?player=desktop&live=do14
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: text/css
last-modified: Fri, 29 Oct 2021 09:54:42 GMT
etag: W/"617bc4e2-c7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3372
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Of4u6%2BDgVFXjoaA8HvganJ%2FVl1zaN2ksYT97ZzB%2BowH8fENJyD1PPTVCg18E0w%2F%2F9KLdDuvrbhToFjytAVOGqxu7B1TtHttoD9orVrQtoW5ouojXRRGQYPJzIFCE8PyLWpGwvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d5b00173ef3b734-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22222&sent=21&recv=11&lost=0&retrans=0&sent_bytes=9924&recv_bytes=2328&delivery_rate=12974&cwnd=12000&unsent_bytes=0&cid=978b7406eba41677&ts=556&x=1", cfExtPri, cfHdrFlush;dur=22
GET locatedinfain.com/js/aclib.js
104.21.2.21 200 OK 172 kB URL GET HTTP/3 locatedinfain.com/js/aclib.js
IP 104.21.2.21:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer Google Trust Services
Subject locatedinfain.com
Fingerprint F6:5E:68:A4:B9:07:A0:64:5D:39:94:D2:38:A8:C4:FA:4B:F9:F8:A1
Validity Sun, 25 Aug 2024 10:17:11 GMT - Sat, 23 Nov 2024 10:17:10 GMT
Size 172 kB (172259 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/aclib.js HTTP/1.1
Host: locatedinfain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/embed.php?player=desktop&live=do14
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: application/javascript
last-modified: Sun, 20 Oct 2024 17:00:02 GMT
vary: Accept-Encoding
etag: W/"67153712-2a0e3"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3162
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DmPisM0s6N9R6ee9jMLiKcWpwPu4Un7LpjlsgjxRh9v980Z9K57h6aPW1oSAEupAnsPUyVTAERyNu2s7BOZN7tJMie%2BUtL2pVxqpBvx%2B30sMgQ04y51C0Y%2BGa6zZOx7NpLnNpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d5b00174f1ab734-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22222&sent=30&recv=11&lost=0&retrans=0&sent_bytes=19775&recv_bytes=2328&delivery_rate=12974&cwnd=12000&unsent_bytes=0&cid=978b7406eba41677&ts=574&x=1", cfExtPri, cfHdrFlush;dur=4
GET zvision.link/css/style.css
104.21.84.147 200 OK 1.0 kB URL GET HTTP/3 zvision.link/css/style.css
IP 104.21.84.147:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject zvision.link
Fingerprint DB:CC:C8:47:EB:4E:8D:68:E6:1A:27:F1:80:75:6D:70:95:7A:8E:2D
Validity Mon, 26 Aug 2024 00:32:28 GMT - Sun, 24 Nov 2024 00:32:27 GMT
File type ASCII text, with very long lines (1158), with no line terminators
Hash 35ad9916e85e6be86a94b18f2e0fdf7c
03a2386612870bdc253846bf21f66f9f51f70dd2
5c3e36ebb79160c5ca3eb7c939e3b699a8eea9c2c54d7947ab89ec91306ffd1d
GET /css/style.css HTTP/1.1
Host: zvision.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/flash14
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 13:45:00 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1137
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbiWJ1%2FQ9Dp3DBSjfcMKHxOm25a0RS5DpWYaCAxDMGWR5WJf9TG92Ix56QfT8V7AWVfhPyCkQmAxCgcVVGgAcmDUq8%2F5eo0Xk%2FSuT4p0IKy1cejGaptuNM3TgR3pFL8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d5b0012eb85b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19802&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4076&recv_bytes=1359&delivery_rate=34150&cwnd=12000&unsent_bytes=0&cid=76acbfd0a842329e&ts=264&x=1", cfExtPri, cfHdrFlush;dur=0
GET zvision.link/img/bgs.png
104.21.84.147 404 Not Found 939 B IP 104.21.84.147:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject zvision.link
Fingerprint DB:CC:C8:47:EB:4E:8D:68:E6:1A:27:F1:80:75:6D:70:95:7A:8E:2D
Validity Mon, 26 Aug 2024 00:32:28 GMT - Sun, 24 Nov 2024 00:32:27 GMT
File type HTML document, ASCII text, with very long lines (968), with no line terminators
Hash 2bbb565fb7b04fdd182fc348c285b5b2
958c4282722ea19aea868d253001747fb01e36fa
e236d40640c22c786a2b3c440a720ba5e87ebd801066209e4c2af8c5f57cb7cf
GET /img/bgs.png HTTP/1.1
Host: zvision.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/flash14
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wz2hZfhr8YAvsB3z3Tccth8bB8SiXf1h6rBHEn99FAvpsxY3JWdQ2pNt%2BMVhKzBsFt8SUUvhVcmFLn9fic5N50rTJqNW8cvJ5Xl637INehAA51TeRjv80FVOUfmjmBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d5b00148e81b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19861&sent=16&recv=10&lost=0&retrans=0&sent_bytes=6406&recv_bytes=1912&delivery_rate=9634&cwnd=12000&unsent_bytes=0&cid=76acbfd0a842329e&ts=691&x=1", cfExtPri, cfHdrFlush;dur=0
104.21.84.147 200 OK 236 kB URL User Request GET HTTP/2 IP 104.21.84.147:443
Certificate Issuer Google Trust Services
Subject zvision.link
Fingerprint DB:CC:C8:47:EB:4E:8D:68:E6:1A:27:F1:80:75:6D:70:95:7A:8E:2D
Validity Mon, 26 Aug 2024 00:32:28 GMT - Sun, 24 Nov 2024 00:32:27 GMT
Size 236 kB (235462 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /flash14 HTTP/1.1
Host: zvision.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Oct 2024 18:16:39 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMxZ3H2jooC3VAYIF6AGR%2B0fHDneomvM2ObEfSa1tX9kD8N1Rjjna5T8V%2BItFWLuntmUD4oi%2BecLFdi85ma6y85EyuFRYsxmQ%2F%2B%2B2jex%2FIpAUkvwscILNxJfrjg4mA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d5b00103ad052ab-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=27309&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3201&recv_bytes=1120&delivery_rate=200971&cwnd=40&unsent_bytes=0&cid=e220216e4d9c084a&ts=136&x=0"
X-Firefox-Spdy: h2
GET locatedinfain.com/embed.php?player=desktop&live=do14
104.21.2.21 200 OK 7.6 kB URL GET HTTP/3 locatedinfain.com/embed.php?player=desktop&live=do14
IP 104.21.2.21:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject locatedinfain.com
Fingerprint F6:5E:68:A4:B9:07:A0:64:5D:39:94:D2:38:A8:C4:FA:4B:F9:F8:A1
Validity Sun, 25 Aug 2024 10:17:11 GMT - Sat, 23 Nov 2024 10:17:10 GMT
File type JavaScript source, ASCII text, with very long lines (8163), with no line terminators
Hash e772f45516a03f261ab15cce6ab0ec99
5bfbf956d65863d58c3f6754e5b1d9c62787347f
a14269dc0c99074950d5587445d954dfa4c68ee31761c1e1c5e3bd000b30d8bb
GET /embed.php?player=desktop&live=do14 HTTP/1.1
Host: locatedinfain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.30
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8q8%2FDP8VfyriWyeHafFuiL43M8UuarIktdyLcOG%2BZiC%2BEhr361bSUkHyE7e1YSuh0M5JdXsHcD4Q5VHOyDITYcbiK6YxkAF4FJNrq5w%2FlidkijcciyJolfHG7T3w5dsvC6TXmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d5b0014ab83b734-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22663&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4058&recv_bytes=1156&delivery_rate=32631&cwnd=12000&unsent_bytes=0&cid=978b7406eba41677&ts=316&x=1", cfExtPri, cfHdrFlush;dur=0
GET locatedinfain.com/blast.js
104.21.2.21 200 OK 78 kB URL GET HTTP/3 locatedinfain.com/blast.js
IP 104.21.2.21:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer Google Trust Services
Subject locatedinfain.com
Fingerprint F6:5E:68:A4:B9:07:A0:64:5D:39:94:D2:38:A8:C4:FA:4B:F9:F8:A1
Validity Sun, 25 Aug 2024 10:17:11 GMT - Sat, 23 Nov 2024 10:17:10 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 091faec928970e76d37a3601c19fcf8a
6441e8eebe90eb8d4a40e7c25440ff99caba3520
eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12
GET /blast.js HTTP/1.1
Host: locatedinfain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/embed.php?player=desktop&live=do14
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: application/javascript
last-modified: Sat, 08 Oct 2022 23:56:20 GMT
vary: Accept-Encoding
etag: W/"63420e24-13040"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3162
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jHzgRrgWO%2BYwmhi6syB9iJH3N3om4dEITcRLSZLRsI6CrPqu7Fcp02e2L68XCwflrDItuI%2F51MzyE0eKQ3y3tNe9YIU6rw04pZ2vZ25FEVB2z%2FSqJ5ywnl8avcyd8IgHfdrxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d5b00174efdb734-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22222&sent=19&recv=11&lost=0&retrans=0&sent_bytes=7775&recv_bytes=2328&delivery_rate=12974&cwnd=12000&unsent_bytes=0&cid=978b7406eba41677&ts=556&x=1", cfExtPri, cfHdrFlush;dur=0
GET youradexchange.com/script/suurl5.php?r=2278415&cbur=0.5101377230492685&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League&cbpage=https%3A%2F%2Fzvision.link%2Fflash14&cbref=&cbdescription=&cbkeywords=&cbcdn=kbjn-sibltg.icu&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1729448200286&srs=f770695e6038614305883d58b7c1afc9&atv=55.0&abtg=1&adbv=3-cdn
172.67.177.214 200 OK 958 B URL GET HTTP/2 youradexchange.com/script/suurl5.php?r=2278415&cbur=0.5101377230492685&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League&cbpage=https%3A%2F%2Fzvision.link%2Fflash14&cbref=&cbdescription=&cbkeywords=&cbcdn=kbjn-sibltg.icu&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1729448200286&srs=f770695e6038614305883d58b7c1afc9&atv=55.0&abtg=1&adbv=3-cdn
IP 172.67.177.214:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject youradexchange.com
Fingerprint 03:7E:C0:10:42:5B:39:CE:2A:03:91:B7:74:65:C7:B0:C7:27:21:4B
Validity Tue, 08 Oct 2024 07:34:56 GMT - Mon, 06 Jan 2025 07:34:55 GMT
File type troff or preprocessor input, ASCII text, with very long lines (985), with no line terminators
Hash 0e14f185572043db0ec41bda5fe22360
514ed759a72c92c2d3c0c3b635a6582db72763c4
5d1baae3132002badc19ce92f9f980fa4af8bc860dfa2944938d60fbf7658e66
GET /script/suurl5.php?r=2278415&cbur=0.5101377230492685&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League&cbpage=https%3A%2F%2Fzvision.link%2Fflash14&cbref=&cbdescription=&cbkeywords=&cbcdn=kbjn-sibltg.icu&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1729448200286&srs=f770695e6038614305883d58b7c1afc9&atv=55.0&abtg=1&adbv=3-cdn HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zvision.link/
Origin: https://zvision.link
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JskSCesmmC8UFuGoXgxsJTQoHZ7yLPU8IOM18CPdrONSSuhXu4Rx1CkbsT9VSpFTrHir0bhztI38OagBI%2FsjZdVumTdZeymjdjf2HZ3ZnJSdPE8CHPGug4zOHV65RWflhdvTPgM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d5b0014dcf75315-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23290&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3216&recv_bytes=1382&delivery_rate=187096&cwnd=229&unsent_bytes=0&cid=01786c97e72cb458&ts=199&x=0"
X-Firefox-Spdy: h2
HEAD zvision.link/flash14
104.21.84.147 200 OK 0 B IP 104.21.84.147:443
Requested by https://zvision.link/flash14
Certificate Issuer Google Trust Services
Subject zvision.link
Fingerprint DB:CC:C8:47:EB:4E:8D:68:E6:1A:27:F1:80:75:6D:70:95:7A:8E:2D
Validity Mon, 26 Aug 2024 00:32:28 GMT - Sun, 24 Nov 2024 00:32:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /flash14 HTTP/1.1
Host: zvision.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zvision.link/flash14
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgB4jjj8CH0Pf3VTfc%2BDjVfrjRCaNaIpMwS3sA%2FH35Hjq%2Bt8gyjy3b8yyq%2BWWwjYay7h4B%2FMf3prXM0gpdhru3Onc%2FvkgoJarD%2B9RYOz3xtD9ArnslCKRjJK4z3BKk0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d5b00146e55b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19603&sent=17&recv=11&lost=0&retrans=0&sent_bytes=7272&recv_bytes=1956&delivery_rate=3537&cwnd=12000&unsent_bytes=0&cid=76acbfd0a842329e&ts=792&x=1", cfExtPri, cfHdrFlush;dur=0
GET maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.10.207 200 OK 37 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.10.207:443
Requested by https://locatedinfain.com/embed.php?player=desktop&live=do14
Certificate Issuer Google Trust Services
Subject bootstrapcdn.com
Fingerprint 95:66:C2:43:CE:55:3C:D7:76:0E:9C:5F:28:8C:E9:AA:DC:AC:A2:59
Validity Fri, 20 Sep 2024 01:25:04 GMT - Thu, 19 Dec 2024 01:25:03 GMT
File type JavaScript source, ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locatedinfain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Oct 2024 18:16:40 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 03/18/2024 12:13:26
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 3e4803ebcd67682eccd326d11a83c865
cdn-cache: HIT
cf-cache-status: HIT
age: 346391
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8d5b0018199756ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2