Report - listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB

Report Overview

Visited public
2024-05-26 22:50:23
Tags
URL
listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Finishing URL
listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
DrStone3_Ep_03_SUB_ITA.mp4

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-05-26 03:12:29	939 B	15 kB	142.250.74.106
listeamed.net	unknown	2024-04-22	2024-05-12 14:00:17	2024-05-12 14:00:17	4.3 kB	526 kB	188.114.96.1
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2024-05-25 19:26:24	419 B	742 B	139.45.195.8
oaphoace.net	unknown	2022-05-04	2022-05-04 19:35:14	2024-05-25 17:04:33	2.6 kB	93 kB	139.45.197.239
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2024-05-26 00:50:04	891 B	25 kB	104.22.33.172
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2024-05-25 21:39:41	565 B	481 B	139.45.195.254
recordedthereby.com	unknown	2024-05-08	2024-05-14 07:24:53	2024-05-25 23:24:41	400 B	86 kB	188.114.96.1
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-05-26 09:04:48	338 B	942 B	54.230.218.11
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-05-25 19:41:18	427 B	420 B	18.194.210.12
abodedistributionpan.com	unknown	2024-05-06	2024-05-07 13:41:37	2024-05-24 15:53:20	488 B	467 B	192.243.59.13
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27 13:27:45	2024-05-25 19:40:36	412 B	327 B	192.243.61.225
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-05-25 19:40:43	733 B	423 B	192.243.59.13
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2024-05-25 21:39:41	396 B	20 kB	172.67.193.52
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-05-26 05:20:40	2.6 kB	126 kB	216.58.207.227
scenescrockery.com	unknown	unknown	No data	No data	435 B	32 kB	192.243.59.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-26	medium	scenescrockery.com	Sinkholed
2024-05-26	medium	abodedistributionpan.com	Sinkholed
2024-05-26	medium	oaphoace.net	Sinkholed
2024-05-26	medium	capaciousdrewreligion.com	Sinkholed
2024-05-26	medium	unseenreport.com	Sinkholed
2024-05-26	medium	oaphoace.net	Sinkholed
2024-05-26	medium	oaphoace.net	Sinkholed
2024-05-26	medium	recordedthereby.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	listeamed.net/assets/js/captcha.js?id=36fa16859e54f7f19c7f5130212da67a	ScriptElement	56 kB	2024-05-27	2024-08-19
Pretty URL listeamed.net/assets/js/captcha.js?id=36fa16859e54f7f19c7f5130212da67a IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-27 00:50 Last Seen2024-08-19 21:39 Times Seen3 Hash 580210f0e32d7282da072526f6e49497 0166f4f17973bf1b48e583ce2855fcc6d0d6d260 23ed3e9bde792010c4c93ade0dc1fc22b7c4ec17321adbdb55cc76c47ce29152 Loading...

	scenescrockery.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js	ScriptElement	84 kB	2024-08-19	2024-08-19
Pretty URL scenescrockery.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 21:39 Last Seen2024-08-19 21:39 Times Seen1 Hash a064d760228197c5a01e955b0983d97a 121f15b777dc3b13a5264df2f69c29aff9c8ba41 0c7ba74b39983a842d7f10326d1fa9af941ff5dcc3595109cb8630cc5f69ec0e Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2024-02-10	2024-08-20
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 03:00 Last Seen2024-08-20 09:57 Times Seen1467 Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Loading...

	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-27
Pretty URL capaciousdrewreligion.com/advertisers.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-27 19:45 Times Seen4771582 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	listeamed.net/assets/js/download.js?id=dfdfbd13d065f705584068443d56ccfe	ScriptElement	10 kB	2024-05-27	2024-08-19
Pretty URL listeamed.net/assets/js/download.js?id=dfdfbd13d065f705584068443d56ccfe IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-27 00:50 Last Seen2024-08-19 21:39 Times Seen3 Hash f878b21aed165b31c6c916e07c8c2a75 0f811605469ddb24d176041ba9d312deaad47ad9 cd8d96ba48a2cdd24f969b3b0341953d7f3ab75074c25f3a4e35becc92efe662 Loading...

	listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4	ScriptElement	0 B	0001-01-01	2025-05-27
Pretty URL listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-27 19:45 Times Seen4771582 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4	ScriptElement	0 B	0001-01-01	2025-05-27
Pretty URL listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-27 19:45 Times Seen4771582 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	oaphoace.net/401/6424058	ScriptElement	91 kB	2024-08-19	2024-08-19
Pretty URL oaphoace.net/401/6424058 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 21:39 Last Seen2024-08-19 21:39 Times Seen1 Hash 6c171ef119986ecd8936e11c2a3e1ba2 40b9ced678efbde6edbadf160dbb77391ca72811 c9ee2cf8ab490141eaad5a5948db426f54a12717473db9bd19ec5f244b75c249 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

HTTP Transactions (30)

URL IP Response Size

fonts.googleapis.com/css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

2.6 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint58:16:76:D3:35:A7:C7:1B:68:67:E2:F5:33:04:0E:E9:CB:56:BD:77
ValidityMon, 06 May 2024 14:43:20 GMT - Mon, 29 Jul 2024 14:43:19 GMT

File type
gzip compressed data, max compression
Size
2.6 kB (2648 bytes)
Hash
03edc4de22717d473e4dd706f6b69319
d8211ae32d53c6cf5974028901c454ba339ebf75
fba1a1eca6c7817409e12bb4f6e2b4587e54d18ccd5ed6f7b966db2706a836e5

HTTP Headers

GET /css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 26 May 2024 22:49:54 GMT
date: Sun, 26 May 2024 22:49:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

listeamed.net/assets/css/icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf

188.114.96.1

200 OK

112 kB

URL GET HTTP/3
listeamed.net/assets/css/icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 112440, version 1.0
Size
112 kB (112440 bytes)
Hash
31e1300d419245fd27614630601dc74d
3a284b0618771f29da8eb6be900e99439253dce0
c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764

HTTP Headers

GET /assets/css/icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 26 May 2024 22:49:54 GMT
content-type: font/woff2
content-length: 112440
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBaHphms7Mi7NVVwpkU%2Fhjp0Phd%2BxCSaHw3%2BRVQq7IaESEhgPIKWQ1iUTTtYmyeBK11iDy9HW2tMv588Qyd73zvSG4jyoPEqOuBORzqekkCHa%2FU2rDfCiouQ01I%2BkX9D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88a15235989056bf-OSL
alt-svc: h3=":443"; ma=86400

scenescrockery.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js

192.243.59.13

200 OK

31 kB

URL GET HTTP/1.1
scenescrockery.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectscenescrockery.com
Fingerprint0F:6D:6A:9E:03:A8:F3:CB:BA:EF:0A:F0:8A:D9:DE:2B:21:53:89:44
ValidityFri, 17 May 2024 11:59:19 GMT - Thu, 15 Aug 2024 11:59:18 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30705 bytes)
Hash
a064d760228197c5a01e955b0983d97a
121f15b777dc3b13a5264df2f69c29aff9c8ba41
0c7ba74b39983a842d7f10326d1fa9af941ff5dcc3595109cb8630cc5f69ec0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js HTTP/1.1
Host: scenescrockery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 26 May 2024 22:49:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3523_layer=0; expires=Thu, 30 May 2024 22:49:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 13246e56c08adaee39e8571c46943220
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2

216.58.207.227

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30240, version 1.0
Size
30 kB (30240 bytes)
Hash
2a51724cb1aefe32e3183a8e138189cc
c8f36c7eee7c868b5cba392e353d47180643f5f1
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431

HTTP Headers

GET /s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 May 2024 08:27:51 GMT
expires: Sun, 25 May 2025 08:27:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Jan 2024 23:13:02 GMT
content-type: font/woff2
age: 138123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2

216.58.207.227

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30240, version 1.0
Size
30 kB (30240 bytes)
Hash
2a51724cb1aefe32e3183a8e138189cc
c8f36c7eee7c868b5cba392e353d47180643f5f1
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431

HTTP Headers

GET /s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 May 2024 08:27:51 GMT
expires: Sun, 25 May 2025 08:27:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Jan 2024 23:13:02 GMT
content-type: font/woff2
age: 138124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2

216.58.207.227

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30240, version 1.0
Size
30 kB (30240 bytes)
Hash
2a51724cb1aefe32e3183a8e138189cc
c8f36c7eee7c868b5cba392e353d47180643f5f1
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431

HTTP Headers

GET /s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 May 2024 08:27:51 GMT
expires: Sun, 25 May 2025 08:27:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Jan 2024 23:13:02 GMT
content-type: font/woff2
age: 138124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
55c00f6d57ef9f24e4da2fabf5df00dc
fe47bb66bac393efabacea73d457f6945d4f727b
9bfbdea0ba8c498f435d52ef2c738c0280dae396538cd012cac085f3fe3bd3f6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 26 May 2024 22:49:55 GMT
Last-Modified: Sun, 26 May 2024 21:56:28 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Skzkb-0TH43B3adkBYqLmdcqfCeq-EtY-vEU6XEuNymLA9JIoC9g7w==
Age: 3207

proftrafficcounter.com/stats

18.194.210.12

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.194.210.12:443
ASN
#16509 AMAZON-02

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
662aaf101df93dccce887b19fdc80aa1
63615bb1511829a19572f876cdb89522de6a7867
6d3b3d155473bdce893619441f4182fdfc1cdc64ecd82ba0714ee2e2f11b155d

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 26 May 2024 22:49:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://listeamed.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ca324c62-209d-4f1a-8ae9-72db91f0e14d:3:1; expires=Wed, 24 May 2034 22:49:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint90:47:5A:A5:5F:5F:FA:E6:7C:6F:AB:D2:06:D1:D9:BD:F3:54:9E:6E
ValiditySat, 11 May 2024 20:51:41 GMT - Fri, 09 Aug 2024 20:51:40 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
d3c670426e5b3f92f236aad087eb9ceb
7dfb2b2f3652152d7c883291f1fb3a467bc7f620
dee453f2db75a8b5e7797b91d5307c19a44de3da858cd9c4d5aabcd1c7dffca3

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 26 May 2024 22:49:55 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://listeamed.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=080068b283bf4df4eb08d13e76ed4158; expires=Mon, 26 May 2025 22:49:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

abodedistributionpan.com/pixel/purst?dl=0&th=0&sc=0&rs=1268&rd=1268&fd=672&bv=24.5.8230&tmpl=70

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
abodedistributionpan.com/pixel/purst?dl=0&th=0&sc=0&rs=1268&rd=1268&fd=672&bv=24.5.8230&tmpl=70
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectabodedistributionpan.com
Fingerprint0A:F0:49:46:E9:89:77:CB:6E:7E:0C:A3:C6:E1:22:CA:19:69:A4:DC
ValidityMon, 06 May 2024 08:18:50 GMT - Sun, 04 Aug 2024 08:18:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1268&rd=1268&fd=672&bv=24.5.8230&tmpl=70 HTTP/1.1
Host: abodedistributionpan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 26 May 2024 22:49:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

oaphoace.net/500/6424058?excludes=&oaid=080068b283bf4df4eb08d13e76ed4158&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fd%2FQwP2050QZpxdmy7%2FDrStone3_Ep_03_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0

139.45.197.239

200 OK

0 B

URL GET HTTP/2
oaphoace.net/500/6424058?excludes=&oaid=080068b283bf4df4eb08d13e76ed4158&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fd%2FQwP2050QZpxdmy7%2FDrStone3_Ep_03_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectoaphoace.net
Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4
ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/6424058?excludes=&oaid=080068b283bf4df4eb08d13e76ed4158&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fd%2FQwP2050QZpxdmy7%2FDrStone3_Ep_03_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://listeamed.net/
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 26 May 2024 22:49:55 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://listeamed.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

capaciousdrewreligion.com/advertisers.js

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintBB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4
ValidityMon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 26 May 2024 22:49:55 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e3db0fa6d469d9aa077e1d05383bd25c
Strict-Transport-Security: max-age=0; includeSubdomains

offerimage.com/www/images/4dc9fcd8e7241532b9d800257362529c.jpg

104.22.33.172

200 OK

12 kB

URL GET HTTP/2
offerimage.com/www/images/4dc9fcd8e7241532b9d800257362529c.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
12 kB (12082 bytes)
Hash
4dc9fcd8e7241532b9d800257362529c
5c6c841c2958ed768787aafe8595d8974c3fd0bd
089e38ef205fbfef508e5b3d34deb566cd3a1d4fdd6888cf41fd2d2ebdac91dc

HTTP Headers

GET /www/images/4dc9fcd8e7241532b9d800257362529c.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 26 May 2024 22:49:55 GMT
content-type: image/jpeg
content-length: 12082
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6525feaa-2f32"
expires: Mon, 27 May 2024 18:36:47 GMT
last-modified: Wed, 11 Oct 2023 01:47:22 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 15182
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88a1523b8cba92eb-CPH
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c109fd43-4d7d-4624-988a-cc8e439c40d6

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c109fd43-4d7d-4624-988a-cc8e439c40d6
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C
ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c109fd43-4d7d-4624-988a-cc8e439c40d6 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1427
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 26 May 2024 22:49:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://listeamed.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

unseenreport.com/pxf.gif?uuid=ca324c62-209d-4f1a-8ae9-72db91f0e14d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=ca324c62-209d-4f1a-8ae9-72db91f0e14d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintF5:95:0F:2B:01:D6:36:49:AB:2E:61:76:F7:EC:A5:45:3D:F1:0E:59
ValidityTue, 21 May 2024 07:36:27 GMT - Mon, 19 Aug 2024 07:36:26 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=ca324c62-209d-4f1a-8ae9-72db91f0e14d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 26 May 2024 22:49:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 696022ee07f3aa534ab84106664fe0d7
Strict-Transport-Security: max-age=0; includeSubdomains

oaphoace.net/impression/in8xinV1-ztJhiUxmR-EjNHR-RQTe5_5PNL0X9ZYMae5vLZ2JfUrlXJBuYoi-RQ1BvkZU0ObkOcCzVkn-CL27ETb7jsy0g3HzboR5XZ1U4c8xPORhILqIP1b6-EeHb3FLd-Igh23wEY6uuWD2cNk_MbvHrSsqECOLQjuceJT7JqnLyF7nSACl59KO2N5PA6tfVljLK9KUuQqRRXp3kP9-2exKbFgO3uU5tgav7C_S84DFpVTugnMDsDOZvVXGLm9ZmGc__ef1NW76vHrKv7HW522TKB5rrhCs5XJYq5vha8Gw3aZCVVBUbaZpBBT2jStVuLnPN9S3V7CMwVtYVS4--oddpZYUI8L5W_Xda5d5J4HRunJ7CUB87xDN9vdZjtv5Fw2G381LZlJmMUe5ffMv1PEs41gWhGAKROiUxnnRqDfailWlahdyHrllRjuHF3QS_uqcN4idG4ZKIrlxAZpjFeq6vhjnGt6vU1-6tS2aLw2vkF9azg08dv02LpBegzCzkOhuk-ev1qM0wKXnRwfh-aVQ8PR9nOpuPOuIPUgDeTjDZ8gdhQS9L8rjdBH6QiN06fpNEUKmOWXokIcuVOkwS1vVA8r6wJu?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fd%2FQwP2050QZpxdmy7%2FDrStone3_Ep_03_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0

139.45.197.239

200 OK

43 B

URL GET HTTP/2
oaphoace.net/impression/in8xinV1-ztJhiUxmR-EjNHR-RQTe5_5PNL0X9ZYMae5vLZ2JfUrlXJBuYoi-RQ1BvkZU0ObkOcCzVkn-CL27ETb7jsy0g3HzboR5XZ1U4c8xPORhILqIP1b6-EeHb3FLd-Igh23wEY6uuWD2cNk_MbvHrSsqECOLQjuceJT7JqnLyF7nSACl59KO2N5PA6tfVljLK9KUuQqRRXp3kP9-2exKbFgO3uU5tgav7C_S84DFpVTugnMDsDOZvVXGLm9ZmGc__ef1NW76vHrKv7HW522TKB5rrhCs5XJYq5vha8Gw3aZCVVBUbaZpBBT2jStVuLnPN9S3V7CMwVtYVS4--oddpZYUI8L5W_Xda5d5J4HRunJ7CUB87xDN9vdZjtv5Fw2G381LZlJmMUe5ffMv1PEs41gWhGAKROiUxnnRqDfailWlahdyHrllRjuHF3QS_uqcN4idG4ZKIrlxAZpjFeq6vhjnGt6vU1-6tS2aLw2vkF9azg08dv02LpBegzCzkOhuk-ev1qM0wKXnRwfh-aVQ8PR9nOpuPOuIPUgDeTjDZ8gdhQS9L8rjdBH6QiN06fpNEUKmOWXokIcuVOkwS1vVA8r6wJu?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fd%2FQwP2050QZpxdmy7%2FDrStone3_Ep_03_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectoaphoace.net
Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4
ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/in8xinV1-ztJhiUxmR-EjNHR-RQTe5_5PNL0X9ZYMae5vLZ2JfUrlXJBuYoi-RQ1BvkZU0ObkOcCzVkn-CL27ETb7jsy0g3HzboR5XZ1U4c8xPORhILqIP1b6-EeHb3FLd-Igh23wEY6uuWD2cNk_MbvHrSsqECOLQjuceJT7JqnLyF7nSACl59KO2N5PA6tfVljLK9KUuQqRRXp3kP9-2exKbFgO3uU5tgav7C_S84DFpVTugnMDsDOZvVXGLm9ZmGc__ef1NW76vHrKv7HW522TKB5rrhCs5XJYq5vha8Gw3aZCVVBUbaZpBBT2jStVuLnPN9S3V7CMwVtYVS4--oddpZYUI8L5W_Xda5d5J4HRunJ7CUB87xDN9vdZjtv5Fw2G381LZlJmMUe5ffMv1PEs41gWhGAKROiUxnnRqDfailWlahdyHrllRjuHF3QS_uqcN4idG4ZKIrlxAZpjFeq6vhjnGt6vU1-6tS2aLw2vkF9azg08dv02LpBegzCzkOhuk-ev1qM0wKXnRwfh-aVQ8PR9nOpuPOuIPUgDeTjDZ8gdhQS9L8rjdBH6QiN06fpNEUKmOWXokIcuVOkwS1vVA8r6wJu?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fd%2FQwP2050QZpxdmy7%2FDrStone3_Ep_03_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Cookie: OAID=080068b283bf4df4eb08d13e76ed4158
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 26 May 2024 22:50:00 GMT
content-type: image/gif
content-length: 43
x-trace-id: b4284856fcb9ad80e5c2ff2dc3c45b42
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/4dc9fcd8e7241532b9d800257362529c.jpg

104.22.33.172

200 OK

12 kB

URL GET HTTP/2
offerimage.com/www/images/4dc9fcd8e7241532b9d800257362529c.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
12 kB (12082 bytes)
Hash
4dc9fcd8e7241532b9d800257362529c
5c6c841c2958ed768787aafe8595d8974c3fd0bd
089e38ef205fbfef508e5b3d34deb566cd3a1d4fdd6888cf41fd2d2ebdac91dc

HTTP Headers

GET /www/images/4dc9fcd8e7241532b9d800257362529c.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 26 May 2024 22:50:00 GMT
content-type: image/jpeg
content-length: 12082
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6525feaa-2f32"
expires: Mon, 27 May 2024 18:36:47 GMT
last-modified: Wed, 11 Oct 2023 01:47:22 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 15187
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88a1525abee692eb-CPH
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 May 2024 08:27:17 GMT
expires: Sun, 25 May 2025 08:27:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 138163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 May 2024 08:28:58 GMT
expires: Sun, 25 May 2025 08:28:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 138062
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

listeamed.net/assets/img/favicon.ico

188.114.96.1

200 OK

9.8 kB

URL GET HTTP/3
listeamed.net/assets/img/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
9.8 kB (9757 bytes)
Hash
7d9d17baaa54ab2b59859173c38f1a57
f383ac7a911d949ea75ebd07d8d95d5b231e9ea6
86fc3c09c4aec36ca788eabfda604e48d1ee61feb43a16371afab31f0cd2b48f

HTTP Headers

GET /assets/img/favicon.ico HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Cookie: pp_show_on_511a5b14f9f9525cf33f9e93d660853b=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ca324c62-209d-4f1a-8ae9-72db91f0e14d%3A3%3A1; pp_main_511a5b14f9f9525cf33f9e93d660853b=1; pp_exp_511a5b14f9f9525cf33f9e93d660853b=1716770995617
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 26 May 2024 22:49:55 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2Fc8F0KCSjpd6ODAW%2F3YmQC4McKIPXIgMNOU3%2Beyz9%2B1l%2BJZNheNOrE7gIHzsHSTrxLZJvqE1V6FU1HTHo2GTm0t%2Ff%2BGNufj4x65JChUovNxXTfWMLm%2Fh3tm2SMDfD8d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88a1523c1bfd56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tzegilo.com/stattag.js

172.67.193.52

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1
ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT

File type
JavaScript source, ASCII text, with very long lines (18486)
Size
19 kB (19136 bytes)
Hash
70ebd404c2e1e7bad13998538b56887c
86e57af8ba3cfc2c004da3311835f6b54ba6d848
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 26 May 2024 22:49:55 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4205
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJWZ728Vw7pOo34YcD2OIWFxyn39DspycC4OdxKs4scv2VPNbaU3CUaRhvbdY%2B6ct12lH5jkbkzS490F42T9ipvt9lyR3Wdi2YJsBLPV%2F0I%2FJbPexlTYIgetbEEPpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88a15239cb720afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

listeamed.net/assets/js/download.js?id=dfdfbd13d065f705584068443d56ccfe

188.114.96.1

200 OK

10 kB

URL GET HTTP/3
listeamed.net/assets/js/download.js?id=dfdfbd13d065f705584068443d56ccfe
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
JavaScript source, ASCII text, with very long lines (9963), with no line terminators
Size
10 kB (9963 bytes)
Hash
f878b21aed165b31c6c916e07c8c2a75
0f811605469ddb24d176041ba9d312deaad47ad9
cd8d96ba48a2cdd24f969b3b0341953d7f3ab75074c25f3a4e35becc92efe662

HTTP Headers

GET /assets/js/download.js?id=dfdfbd13d065f705584068443d56ccfe HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 26 May 2024 22:49:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 24 May 2024 00:26:55 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjpAAwfpFU6JXfXXB6E7l1%2BS6Y2lkNve2wzyhFXWeUWI4%2B9ZkJtnRsr1a8W0yqRwlEhpGQv8wMOwrcHpVchE5VTlA3xS9F8coMy1mODpH%2Bsv8RNmTaC8HArR9evasa9K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88a152333f6256bf-OSL
alt-svc: h3=":443"; ma=86400

listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4

188.114.96.1

200 OK

3.2 kB

URL User Request GET HTTP/2
listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3375), with no line terminators
Size
3.2 kB (3207 bytes)
Hash
412e217484cd58492a814ad9c1b8b6f1
7d9a84dfc6c25ea30b3f3d8a10a54197b5fc02a8
cc72c1e53797f2a1651f5ea4f1651d3e92b6de5b3742734958ad6e3297fb9637

HTTP Headers

GET /d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 26 May 2024 22:49:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 26 May 2024 22:49:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k77vmcbujKMMBBqU%2BbOYpMwQl2AR5H9NTa%2BLLfhGrMfNRrSJwz7w1916LJj1DA5YRkhk%2BaVbLbnNjSCMerOOeZRqNwDBRI3lK8trIRkx09QdyzDLuw0iFXssH0At6CuC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88a1522f9ad9b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

listeamed.net/assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c

188.114.96.1

200 OK

46 kB

URL GET HTTP/3
listeamed.net/assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
ASCII text, with very long lines (449)
Size
46 kB (46207 bytes)
Hash
d54edf9aa1cde0c27571f0d70a5a800c
0280204d67163c971177fe07a97de7e7dd9d9bd4
9f323f60f1cb46c682179cbde508d1ad0ded66950f93f64abf9c80ce643ab4da

HTTP Headers

GET /assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 26 May 2024 22:49:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 14:24:17 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6nHAhs%2BEhDIrfN%2FLsyxEltMhyC%2Fn73%2FKYB%2FJzXUrMgjbnsVHXJ%2FrK3j%2F0kUnb8e3PTRtfMiRZECk3o549WhjCMArv18yoEOCPlG4wSulJxEiKaSvfRC6iaJ9sUF1SgDH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88a152332f4f56bf-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.106

200 OK

11 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint58:16:76:D3:35:A7:C7:1B:68:67:E2:F5:33:04:0E:E9:CB:56:BD:77
ValidityMon, 06 May 2024 14:43:20 GMT - Mon, 29 Jul 2024 14:43:19 GMT

File type
ASCII text
Size
11 kB (10915 bytes)
Hash
155f53ee6339ba8215c3513f7e89a646
1785d802da7b560dc8af49e5c17627ecc88285a0
859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 26 May 2024 22:50:00 GMT
date: Sun, 26 May 2024 22:50:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

listeamed.net/assets/js/captcha.js?id=36fa16859e54f7f19c7f5130212da67a

188.114.96.1

200 OK

56 kB

URL GET HTTP/3
listeamed.net/assets/js/captcha.js?id=36fa16859e54f7f19c7f5130212da67a
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
JavaScript source, ASCII text, with very long lines (55948), with no line terminators
Size
56 kB (55948 bytes)
Hash
580210f0e32d7282da072526f6e49497
0166f4f17973bf1b48e583ce2855fcc6d0d6d260
23ed3e9bde792010c4c93ade0dc1fc22b7c4ec17321adbdb55cc76c47ce29152

HTTP Headers

GET /assets/js/captcha.js?id=36fa16859e54f7f19c7f5130212da67a HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 26 May 2024 22:49:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 24 May 2024 00:26:55 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3%2B0u9X2gQ1a7Gv%2B0Ql0Xtgwfl0Slzq4L24hNgbzanCBYVvyNs6NOJ4n3G9cxQRgyKQ1XYPuiPs89%2Fxat1xcaLK3hnbIlOHwuqgPsdlfjQwvpdS0Lfp33HePXucON6nk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88a152333f5656bf-OSL
alt-svc: h3=":443"; ma=86400

listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85

188.114.96.1

200 OK

89 kB

URL GET HTTP/3
listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
ASCII text
Size
89 kB (88585 bytes)
Hash
91f7cf4a3d3f0660b4e3914e5ac9298a
6e12e1ebcd983f848e5c280ab77649eeb44e74bc
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638

HTTP Headers

GET /assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 26 May 2024 22:49:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rIEWEVJbdCE8q%2FqQsL17Qsvd8e6ZSjd%2B6MDrISxdD7AbsyQqrIF1oH9J65D%2BDAnnF6Wj084zj%2BKvzGxb2bWXUnQJ1WY60kayt%2FLrFPW%2F4rGPR0m1MA8uWbF5I%2FGZ0ZF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88a152332f4b56bf-OSL
alt-svc: h3=":443"; ma=86400

oaphoace.net/401/6424058

139.45.197.239

200 OK

91 kB

URL GET HTTP/2
oaphoace.net/401/6424058
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectoaphoace.net
Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4
ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (91000 bytes)
Hash
6c171ef119986ecd8936e11c2a3e1ba2
40b9ced678efbde6edbadf160dbb77391ca72811
c9ee2cf8ab490141eaad5a5948db426f54a12717473db9bd19ec5f244b75c249

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/6424058 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 26 May 2024 22:49:54 GMT
content-type: application/javascript
x-trace-id: b81a62cd139f770f9621f4272cc1c139
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=030068b8a1c746adfe030c6455c9e5aa; expires=Mon, 26 May 2025 22:49:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

recordedthereby.com/sfp.js

188.114.96.1

200 OK

85 kB

URL GET HTTP/2
recordedthereby.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectrecordedthereby.com
FingerprintA3:3F:9B:AE:CF:C6:1B:C3:8B:FC:65:01:2F:06:6A:22:60:3C:8E:AF
ValidityWed, 08 May 2024 14:16:18 GMT - Tue, 06 Aug 2024 14:16:17 GMT

File type

Size
85 kB (85378 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 26 May 2024 22:49:55 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f7ab40b00de4586841750fd3d0065556
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 26 May 2024 22:49:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqLwQlhHyXTpMUtUluqfVK4k%2B56LdSssseFpN0%2BfcRWTO8jr%2BEGOT9PLxDEu2h7Z5GmXBz13pjGg9ZqR6igxDslhLcO0r878Ulj%2BjbUXWTQi15jihA4YBbC2oRSOTXhD7%2F5G0qjA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88a15237980f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

listeamed.net/assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a

188.114.96.1

200 OK

195 kB

URL GET HTTP/3
listeamed.net/assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
195 kB (194901 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/QwP2050QZpxdmy7/DrStone3_Ep_03_SUB_ITA.mp4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 26 May 2024 22:49:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46pfeQHwy2P7lqU3AAcT5ej6e%2BChqir3OBA5PzawkaUAcVpPqhmEQjoAT%2BptDB8xtitBtq7l%2BtEnX5MxAtNFhDlMCApH%2F0KUFxjkZyeVt57T%2BMQGnjMe9Qc0nN6%2BWfdB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88a152332f4456bf-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (30)

URL GET HTTP/2

IP

ASN