Report - listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB

Report Overview

Visited public
2024-05-25 09:41:20
Tags
URL
listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Finishing URL
listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
Shangri-LaFrontier_Ep_10_SUB_ITA.mp4

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-05-25 00:55:18	427 B	420 B	52.59.123.150
oaphoace.net	unknown	2022-05-04	2022-05-04 19:35:14	2024-05-24 12:09:51	2.6 kB	93 kB	139.45.197.239
scenescrockery.com	unknown	unknown	No data	No data	435 B	32 kB	172.240.127.234
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-05-25 04:40:08	338 B	942 B	143.204.53.97
i.guardstorage.net	unknown	2022-12-22	2023-02-27 03:44:44	2024-05-12 14:00:21	1.4 kB	1.1 MB	188.114.96.1
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27 13:27:45	2024-05-25 01:24:45	412 B	327 B	172.240.108.68
jnm9bocres.guardstorage.net	unknown	unknown	No data	No data	3.6 kB	5.4 MB	37.59.30.235
listeamed.net	unknown	2024-04-22	2024-05-12 14:00:17	2024-05-12 14:00:17	4.4 kB	1.1 MB	188.114.97.1
captivityhandleicicle.com	unknown	2024-05-06	2024-05-07 20:41:58	2024-05-24 19:52:40	489 B	467 B	172.240.127.234
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2024-05-24 18:35:28	419 B	742 B	139.45.195.8
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2024-05-24 19:40:34	565 B	481 B	139.45.195.254
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-05-24 19:52:45	732 B	423 B	192.243.61.227
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-05-25 02:29:32	1.0 kB	33 kB	216.58.207.227
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2024-05-24 19:40:33	396 B	20 kB	172.67.193.52
recordedthereby.com	unknown	2024-05-08	2024-05-14 07:24:53	2024-05-25 01:24:42	400 B	86 kB	188.114.97.1
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2024-05-24 23:16:10	891 B	21 kB	172.67.22.216
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-05-25 03:04:54	417 B	1.9 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-25	medium	scenescrockery.com	Sinkholed
2024-05-25	medium	captivityhandleicicle.com	Sinkholed
2024-05-25	medium	oaphoace.net	Sinkholed
2024-05-25	medium	unseenreport.com	Sinkholed
2024-05-25	medium	oaphoace.net	Sinkholed
2024-05-25	medium	recordedthereby.com	Sinkholed
2024-05-25	medium	oaphoace.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4	ScriptElement	77 B	2024-01-22	2025-05-30
Pretty URL listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-22 09:14 Last Seen2025-05-30 22:35 Times Seen47 Hash b5cdb3fb48157901ac97a5b90241bffb 0669ba024cb1a6fcc2270de34f57e32315fc3949 aeca2316a1f3548628f04b96af44da3ac3519b76bbe79f513c7195380e52d0d7 Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2024-02-10	2024-08-20
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 03:00 Last Seen2024-08-20 09:57 Times Seen1467 Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4	ScriptElement	163 B	2024-01-22	2025-05-30
Pretty URL listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-22 09:14 Last Seen2025-05-30 22:35 Times Seen51 Hash 8c86115a74a05eab860602400b1bf55a d852d67127ab71ac875b26ff5d4e2b8b2ed006f5 a757611ec5dd52c76c6599caf7e64796d0b93116b7b70b352fdf506fc2178438 Loading...

	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-30
Pretty URL capaciousdrewreligion.com/advertisers.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-30 23:25 Times Seen4799622 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da	ScriptElement	14 kB	2023-03-07	2025-05-30
Pretty URL listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-30 22:35 Times Seen1350 Hash 19b624e7fe7a86b4c7851ed61e250626 760a6c0399930b96c61b6e18a6cbb0dbf0125f97 eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e Loading...

	listeamed.net/assets/js/main.js?id=8fdfd78f6de7386e3162347efd9a6be4	ScriptElement	105 kB	2024-05-25	2024-12-07
Pretty URL listeamed.net/assets/js/main.js?id=8fdfd78f6de7386e3162347efd9a6be4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-25 11:20 Last Seen2024-12-07 21:19 Times Seen29 Hash 56b52daa6da5f5d0fb6a2d4b3cd3b6f6 29ae686fe889ea16798dd4adadce826fdb958d5a f6d15536ad2f2a1ed4600bb002bcd3c44c01f3d0563ab6bf0f9c3eef6d141539 Loading...

	listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4	ScriptElement	2.5 kB	2024-08-19	2024-08-19
Pretty URL listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 21:50 Last Seen2024-08-19 21:50 Times Seen1 Hash 3ae19779a2d826ac05f3503d28fb2478 407e4753d5b35289443c789a1f7bfb95ad0d3d83 293a5c87138c3709d1944b5b5b7567fffab88fa35c99e4358b7c85cbc3a2a4a6 Loading...

	unknown	Function	630 B	2024-08-19	2024-08-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-19 21:50 Last Seen2024-08-19 21:50 Times Seen1 Hash 9d59e214be1de9e7c4517daa53d5da39 0013830ddba98455710e2cffd3957b88811c363a d5fed8b05a5893a96c828f33e7137d1dc3ad40289290937f991421f65fa6f813 Loading...

	listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js	ScriptElement	325 kB	2023-09-06	2025-01-28
Pretty URL listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-06 18:59 Last Seen2025-01-28 05:37 Times Seen70 Hash a69921d2a260f2b763c6f4866ab08ff5 2d1430cd5d243ad05ca0e7cfbac1c4398f31995e 45bba1c625ca7128376311c5490b2d4a283dd787eec1c011be838141bfbb42ea Loading...

	listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6	ScriptElement	109 kB	2023-12-30	2025-01-28
Pretty URL listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-30 23:53 Last Seen2025-01-28 05:37 Times Seen44 Hash 80a18bc4937ae794bf8b80cc2b15c821 7c2e3f66f9b3d983db4188baadc8fe1fa44b6073 4400d6dbc620c2f7aecdba4ca1a6f715866367e5e74f2a6190a52c214266d5ae Loading...

	listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4	ScriptElement	56 kB	2024-08-19	2024-08-19
Pretty URL listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 21:50 Last Seen2024-08-19 21:50 Times Seen1 Hash 5879235ff55917182613a05c63de502d 6e298a0d0affbcd030041d573829298cae813028 a4d1641a8f8b1cd9c8638fb246190b9703b31605b43fc2d5851ef567577596ce Loading...

	listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4	ScriptElement	2.2 kB	2023-05-22	2025-05-30
Pretty URL listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 10:53 Last Seen2025-05-30 22:35 Times Seen54 Hash 62a92dd510564854e07d8a6de701ed58 03e17a24753ced6bf9fa12b7aba90abb873d72f1 92b002ab80f8fdaac7bbb92f61853a089cf735188c7de0bd7417e65bd644bf13 Loading...

	oaphoace.net/401/6424058	ScriptElement	91 kB	2024-08-19	2024-08-19
Pretty URL oaphoace.net/401/6424058 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 21:50 Last Seen2024-08-19 21:50 Times Seen1 Hash b028a10c1ef82954150835d8d2d50095 f2becb2e22f0620e34f2ce5955126ac3ebb38db9 10aa83b65ec063aff8be99364f9039074a8300f97f68e7eeb5aa08ec78e93f75 Loading...

	unknown	Function	2.2 kB	2024-08-19	2024-08-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-19 21:50 Last Seen2024-08-19 21:50 Times Seen1 Hash df179cf6107e94c7b287cb0e840fc71c 8b5289a7bb87b117825154e9d7915fa6258390a0 69237a35e6dbb798439a37d4faef2aca3fff5b6f58f35993a8dde57b3f6b3b7b Loading...

	scenescrockery.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js	ScriptElement	84 kB	2024-08-19	2024-08-19
Pretty URL scenescrockery.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 21:50 Last Seen2024-08-19 21:50 Times Seen1 Hash 89f480249af4671a3bf48ec0bfadcb8b e2e790aba4c1cf68b2a73b66c49106443c4e64fb ecde8f871d870a74a644c3d6a8f17fd0da1213bc9545a2102aa41dfa9db154fd Loading...

	listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js	ScriptElement	65 kB	2023-12-30	2025-01-28
Pretty URL listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-30 23:53 Last Seen2025-01-28 05:37 Times Seen44 Hash 8035032c7bcdff774adfcf60e84b450d 1eb7f0268ef459954dea51343ef96720ed370566 b676f19bfd6bc7f2d07cdf0d00beb0c75ad04d1a8e4268df0f10ddbffb7313bf Loading...

	listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js	ScriptElement	423 kB	2023-09-06	2025-01-28
Pretty URL listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-06 18:59 Last Seen2025-01-28 05:37 Times Seen65 Hash 750b19146211c426d9bdd9dcf4d93787 9b7639977960dc609de99863a12b1866b0ffd5a0 fac5e74d89a9f7ebaada1c783e47de50657803bf20ced45bea0336b9a0dda254 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0a7fbc01b8cff096af9ae1a1466559f3	41 kB	2024-08-19 21:50	2024-08-19 21:50
Pretty Observations First Seen2024-08-19 21:50 Last Seen2024-08-19 21:50 Times Seen1 Hash 0a7fbc01b8cff096af9ae1a1466559f3 284d2078a5a624dc688e97979ebdcd885ca05e41 84577c2e7442832941f8b4bf4d49b173ee43f2694b710330d4f9465167989c2f Loading...

HTTP Transactions (34)

URL IP Response Size

scenescrockery.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js

172.240.127.234

200 OK

31 kB

URL GET HTTP/1.1
scenescrockery.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectscenescrockery.com
Fingerprint0F:6D:6A:9E:03:A8:F3:CB:BA:EF:0A:F0:8A:D9:DE:2B:21:53:89:44
ValidityFri, 17 May 2024 11:59:19 GMT - Thu, 15 Aug 2024 11:59:18 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30709 bytes)
Hash
89f480249af4671a3bf48ec0bfadcb8b
e2e790aba4c1cf68b2a73b66c49106443c4e64fb
ecde8f871d870a74a644c3d6a8f17fd0da1213bc9545a2102aa41dfa9db154fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js HTTP/1.1
Host: scenescrockery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 May 2024 09:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3523_layer=0; expires=Wed, 29 May 2024 09:40:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 792c78aa7d5b4d7282b1ab1f5b9fb9a6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
gzip compressed data, max compression, from Unix
Size
11 kB (11066 bytes)
Hash
3e6c7cd9f225c27521079ffdf9c45692
da5336ca0ef8631aa0090ec0cf44ec7c0e9f7e91
a89941e92ff08175f4fd93e29b762e4678f003adc1f8df80fd3d0e93b4d6b9bf

HTTP Headers

GET /assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 09:40:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 07:00:44 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aPZlQa94ejqO4fWKEop5N24bASrX%2F7RV7ODn6ZQq4%2BycDdhjIzb01Gt%2BoFDKoKqRdb8GkOkCReoQAP8TnW5tM8W%2BhpwyP1ntgH2ZtObqGCXVe7rxe1pqOQiOUD0Gavx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8894910a698b5695-OSL
alt-svc: h3=":443"; ma=86400

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
488b7a05960fe74864a4fd031b39c6ae
382ba1771ec268683b10e78245b4aaea415bf60e
bda109a8c7f3d03a5bd96c0ec06e636fceb7df48787db56494e903bd6ba37ddc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 25 May 2024 09:40:54 GMT
Last-Modified: Sat, 25 May 2024 08:45:04 GMT
Server: ECAcc (ska/F6E1)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fWshIILre9kRFDu9feLBLwDyvze6rGwOH-LJEaG-EypTdD9lMDzA-Q==
Age: 3350

proftrafficcounter.com/stats

52.59.123.150

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.59.123.150:443
ASN
#16509 AMAZON-02

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
aac7e6cbb1feee2ae7b889934f065b26
fb9052e9b910b4ed8f1d9362dba1396f16805b4b
db520ac2e073f8c4d51ca5a6115e6b22f543cb5016a1f3b7f31124d6264c0b89

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 25 May 2024 09:40:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://listeamed.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=62d7f51c-008c-46ad-92c8-b6242432a6f4:2:1; expires=Tue, 23 May 2034 09:40:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

captivityhandleicicle.com/pixel/purst?dl=0&th=0&sc=0&rs=1783&rd=1783&fd=563&bv=24.5.8230&tmpl=70

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
captivityhandleicicle.com/pixel/purst?dl=0&th=0&sc=0&rs=1783&rd=1783&fd=563&bv=24.5.8230&tmpl=70
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectcaptivityhandleicicle.com
Fingerprint03:7E:2E:B2:58:E8:9E:B9:20:A6:35:45:93:6E:A7:28:4F:7E:D5:C7
ValidityMon, 06 May 2024 12:56:33 GMT - Sun, 04 Aug 2024 12:56:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1783&rd=1783&fd=563&bv=24.5.8230&tmpl=70 HTTP/1.1
Host: captivityhandleicicle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 May 2024 09:40:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

i.guardstorage.net/previews/QYdqA3WOmbdV25Kkz4BR.preview.vtt

188.114.96.1

200 OK

8.8 kB

URL GET HTTP/2
i.guardstorage.net/previews/QYdqA3WOmbdV25Kkz4BR.preview.vtt
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjecti.guardstorage.net
Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B
ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT

File type
WebVTT subtitles, ASCII text
Size
8.8 kB (8798 bytes)
Hash
ecccf345cb748668475f11ee0631ff00
e257df5d646810fb93d5ea5a0e4d2f035ace4329
d1f77acb94aed3bd5339facfd59b6b7a4f540bc262be79c07c0a6c367babaed4

HTTP Headers

GET /previews/QYdqA3WOmbdV25Kkz4BR.preview.vtt HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 25 May 2024 09:40:54 GMT
content-type: application/octet-stream
content-length: 8798
last-modified: Sun, 03 Dec 2023 12:25:32 GMT
etag: "656c73bc-225e"
accept-ranges: bytes
access-control-allow-origin: *
x-server: cdn1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0KV2tAlXOGDG7NHpQADIdeh64Vv2ub%2B98cRvmYdpIWV2yMagMVz0e%2FqNwqUfRVR2Wx%2BK8HrXNGvJDqMJvgCnlPabqOMlHbszfpTWyjZ6TO6iSRuLI0RrJLcAJYIXTBXc98TRbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 889491109aae5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint90:47:5A:A5:5F:5F:FA:E6:7C:6F:AB:D2:06:D1:D9:BD:F3:54:9E:6E
ValiditySat, 11 May 2024 20:51:41 GMT - Fri, 09 Aug 2024 20:51:40 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
ff8a43258b86c5e805b44961fca73493
c410f5f9dbe8bf2a3663dfdbe0e098b3bd224d69
4b94f9f7ccfb45bd3217b1733036eb327de60be9f273a06eb1a6efe74e595270

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 May 2024 09:40:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://listeamed.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08006742083a45c0e3e039e7026e9b70; expires=Sun, 25 May 2025 09:40:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

capaciousdrewreligion.com/advertisers.js

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintBB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4
ValidityMon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 May 2024 09:40:54 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cdf20c68889d29c6b8486c888b3057a3
Strict-Transport-Security: max-age=0; includeSubdomains

i.guardstorage.net/posters/QYdqA3WOmbdV25Kkz4BR.poster.jpg

188.114.96.1

200 OK

63 kB

URL GET HTTP/2
i.guardstorage.net/posters/QYdqA3WOmbdV25Kkz4BR.poster.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjecti.guardstorage.net
Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B
ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 852x476, components 3
Size
63 kB (63202 bytes)
Hash
dd378182d65af077c105e009c3847c0e
39c1b3f7ae3a0ffb219b2e4a661e2a03e4865aa7
520e72378a7470cf57838477dced3a58b3aa40efab1196b8dfe12b70c50a2395

HTTP Headers

GET /posters/QYdqA3WOmbdV25Kkz4BR.poster.jpg HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 25 May 2024 09:40:54 GMT
content-type: image/jpeg
content-length: 63202
last-modified: Tue, 07 May 2024 02:19:33 GMT
etag: "66398fb5-f6e2"
access-control-allow-origin: *
x-server: cdn2
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lP06o8FuDKrBVYYAFqwwQfnogyCIG7fOwMumc8dIc7tKRpxM27FEKXPLLX5OChZkvUxBcLXc57x2Nvz%2BRQRrGDfXCZYsFh6rtJIckOIwkIMCs1xD1CPsPPDkYKIsj9mPwdmFElo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 889491109befb50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

oaphoace.net/500/6424058?excludes=&oaid=08006742083a45c0e3e039e7026e9b70&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fe%2FqA3WOmbdV25Kkz4%2FShangri-LaFrontier_Ep_10_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0

139.45.197.239

200 OK

0 B

URL GET HTTP/2
oaphoace.net/500/6424058?excludes=&oaid=08006742083a45c0e3e039e7026e9b70&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fe%2FqA3WOmbdV25Kkz4%2FShangri-LaFrontier_Ep_10_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectoaphoace.net
Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4
ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/6424058?excludes=&oaid=08006742083a45c0e3e039e7026e9b70&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fe%2FqA3WOmbdV25Kkz4%2FShangri-LaFrontier_Ep_10_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://listeamed.net/
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 May 2024 09:40:54 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://listeamed.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/3f69e1877801cf3e6e161bb2114c915f.jpg

172.67.22.216

200 OK

10 kB

URL GET HTTP/2
offerimage.com/www/images/3f69e1877801cf3e6e161bb2114c915f.jpg
IP
172.67.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
10 kB (10224 bytes)
Hash
3f69e1877801cf3e6e161bb2114c915f
e5bd65573fc9d952cbd63fb097395eed8f3f7a3c
34312eeb95acf67ca8d3e63a8bbfb9e067f61550f19e606ab244dab69c78ef5f

HTTP Headers

GET /www/images/3f69e1877801cf3e6e161bb2114c915f.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 25 May 2024 09:40:55 GMT
content-type: image/jpeg
content-length: 10224
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63fdb2cf-27f0"
expires: Sat, 25 May 2024 11:03:43 GMT
last-modified: Tue, 28 Feb 2023 07:52:47 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 81432
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8894911418fe1c12-OSL
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5d0b7404-c60a-49ca-a1fb-3a8da7d6ae04

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5d0b7404-c60a-49ca-a1fb-3a8da7d6ae04
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C
ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5d0b7404-c60a-49ca-a1fb-3a8da7d6ae04 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1437
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 25 May 2024 09:40:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://listeamed.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/index-f1-v1-a1.m3u8?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052

37.59.30.235

200 OK

657 kB

URL GET HTTP/2
jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/index-f1-v1-a1.m3u8?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052
IP
37.59.30.235:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
657 kB (656730 bytes)
Hash
6ac84590cca436160a83a5238a483512
e7a29513210f44223a6b9a138870e8d84f66d711
485053f3bdc651588a3577ff9f8485e10d1a2a033b7d74340b374a55fcce41c0

HTTP Headers

GET /hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/index-f1-v1-a1.m3u8?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052 HTTP/1.1
Host: jnm9bocres.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sat, 25 May 2024 09:40:55 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sat, 25 May 2024 09:40:55 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

listeamed.net/favicon.ico

188.114.97.1

404 Not Found

18 B

URL GET HTTP/3
listeamed.net/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
53af239ee5d3e261545dededcb6ffd57
04ca7e137e1e9feead96a7df45bb67d5ab3de190
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Cookie: pp_show_on_511a5b14f9f9525cf33f9e93d660853b=1; pp_main_511a5b14f9f9525cf33f9e93d660853b=1; pp_exp_511a5b14f9f9525cf33f9e93d660853b=1716637254576; dom3ic8zudi28v8lr6fgphwffqoz0j6c=62d7f51c-008c-46ad-92c8-b6242432a6f4%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 25 May 2024 09:40:55 GMT
content-type: text/plain
content-length: 18
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvD8Z%2BiSkjMJzwsIqKsUhLB5Szh3R32s%2FkSsIvnsxNnIGNQbvbugT5O%2FLTr6FsDtFDK1UcprZAz6FE9NToUo2OjssCKQzqCnqXCEFzo0QL0kpxLL6Z8FJDctpQJP2Fnv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88949117dbe85695-OSL
alt-svc: h3=":443"; ma=86400

i.guardstorage.net/previews/QYdqA3WOmbdV25Kkz4BR.preview.jpg

188.114.96.1

200 OK

999 kB

URL GET HTTP/3
i.guardstorage.net/previews/QYdqA3WOmbdV25Kkz4BR.preview.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjecti.guardstorage.net
Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B
ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 765x4080, components 3
Size
999 kB (999361 bytes)
Hash
363aa6ddecf19c2966474a317e79631a
aa6dfddf492e9f36124147f9dcba2c8384777051
bf92e4d2cd90ee74054596f3bccb2ccbccb71636d2ddc9c1a61d065204669142

HTTP Headers

GET /previews/QYdqA3WOmbdV25Kkz4BR.preview.jpg HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 25 May 2024 09:40:55 GMT
content-type: image/jpeg
content-length: 999361
last-modified: Sun, 03 Dec 2023 12:25:32 GMT
etag: "656c73bc-f3fc1"
access-control-allow-origin: *
x-server: cdn1
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esmZ2kDv96AlsTkVdojYlM6lhydBjBfY0pM%2BYbclh0CoQtwRjHOR90mRu0AWwu%2BTqs%2BAn9u10zneuEOq6BiI9KDEBH1LkzUairKgCupDybr%2B9d1YuJR1g28TLrmqyTdeHUjr%2FXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88949111ef14b50c-OSL
alt-svc: h3=":443"; ma=86400

jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/index-f2-v1-a1.m3u8?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052

37.59.30.235

200 OK

2.1 MB

URL GET HTTP/2
jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/index-f2-v1-a1.m3u8?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052
IP
37.59.30.235:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
2.1 MB (2064475 bytes)
Hash
481320a6f256b5fba692be320966eacf
479189ebcc953aa7e0d82476b2970175a978c962
ab2f7b535af6d29f2e2a54476f396e008ade6595278a031826cdfa13e1fab967

HTTP Headers

GET /hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/index-f2-v1-a1.m3u8?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052 HTTP/1.1
Host: jnm9bocres.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sat, 25 May 2024 09:40:55 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sat, 25 May 2024 09:40:55 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=62d7f51c-008c-46ad-92c8-b6242432a6f4&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=62d7f51c-008c-46ad-92c8-b6242432a6f4&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintF5:95:0F:2B:01:D6:36:49:AB:2E:61:76:F7:EC:A5:45:3D:F1:0E:59
ValidityTue, 21 May 2024 07:36:27 GMT - Mon, 19 Aug 2024 07:36:26 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=62d7f51c-008c-46ad-92c8-b6242432a6f4&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 May 2024 09:40:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10a33e942a2b0feda6366550e57cec74
Strict-Transport-Security: max-age=0; includeSubdomains

oaphoace.net/impression/WlRUTDt5zL6A0pp8dNetaTQSBKyQrVZKk_voQDNoxgOb1T5uR1WE5cj82bMswyXBbiIqDammu2N9aKXwesBZJUEHpsX6bvYeCwQc2SMUT4ICBjQzm6m35caAlg0Qoepj9qPWBcA9uwvh9p5IOEm-mr0o0c3XJHILX6mRpGC9WSFZdzHW6eNzGcRUUhJHdNFotrlcjkichdqqDo4E-KMZ0SZ-QrqBUu6207BsqjumOD4tW6KveKt25otL11BLhdq2yW6hPI32NlK5Cc_cn616x_jh1Pd4BVP-RwB6D-8yj-BwWowMG2YA1qhVRHqDK7tVIKZlMrN2f3vB5yXgyeaXNsZgj0uSAmwcUPG9R6W8O68-wX99DX42jUQrIFI-M3f0s5vvEDt12xE41BJSi33lwrIp_m-4-zmYF35BPxQBhVE3FlBA6zEG6qP4YZnHyeObhIyB6YgmWy59WVlTF_JZF3dqTs0c-nZtYcUc6hTs3uS9Wyb_AetcLkZpvvxwJFgXoUPqYtifie4I1HClibWaeeddFNMdBwBjQHSnTATXsePLmcW0Eg20myCjZ-G6WIXlbliIpZqiVZoAZ3LLtGBSFVKyl9iXUYZa?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fe%2FqA3WOmbdV25Kkz4%2FShangri-LaFrontier_Ep_10_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0

139.45.197.239

200 OK

43 B

URL GET HTTP/2
oaphoace.net/impression/WlRUTDt5zL6A0pp8dNetaTQSBKyQrVZKk_voQDNoxgOb1T5uR1WE5cj82bMswyXBbiIqDammu2N9aKXwesBZJUEHpsX6bvYeCwQc2SMUT4ICBjQzm6m35caAlg0Qoepj9qPWBcA9uwvh9p5IOEm-mr0o0c3XJHILX6mRpGC9WSFZdzHW6eNzGcRUUhJHdNFotrlcjkichdqqDo4E-KMZ0SZ-QrqBUu6207BsqjumOD4tW6KveKt25otL11BLhdq2yW6hPI32NlK5Cc_cn616x_jh1Pd4BVP-RwB6D-8yj-BwWowMG2YA1qhVRHqDK7tVIKZlMrN2f3vB5yXgyeaXNsZgj0uSAmwcUPG9R6W8O68-wX99DX42jUQrIFI-M3f0s5vvEDt12xE41BJSi33lwrIp_m-4-zmYF35BPxQBhVE3FlBA6zEG6qP4YZnHyeObhIyB6YgmWy59WVlTF_JZF3dqTs0c-nZtYcUc6hTs3uS9Wyb_AetcLkZpvvxwJFgXoUPqYtifie4I1HClibWaeeddFNMdBwBjQHSnTATXsePLmcW0Eg20myCjZ-G6WIXlbliIpZqiVZoAZ3LLtGBSFVKyl9iXUYZa?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fe%2FqA3WOmbdV25Kkz4%2FShangri-LaFrontier_Ep_10_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectoaphoace.net
Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4
ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/WlRUTDt5zL6A0pp8dNetaTQSBKyQrVZKk_voQDNoxgOb1T5uR1WE5cj82bMswyXBbiIqDammu2N9aKXwesBZJUEHpsX6bvYeCwQc2SMUT4ICBjQzm6m35caAlg0Qoepj9qPWBcA9uwvh9p5IOEm-mr0o0c3XJHILX6mRpGC9WSFZdzHW6eNzGcRUUhJHdNFotrlcjkichdqqDo4E-KMZ0SZ-QrqBUu6207BsqjumOD4tW6KveKt25otL11BLhdq2yW6hPI32NlK5Cc_cn616x_jh1Pd4BVP-RwB6D-8yj-BwWowMG2YA1qhVRHqDK7tVIKZlMrN2f3vB5yXgyeaXNsZgj0uSAmwcUPG9R6W8O68-wX99DX42jUQrIFI-M3f0s5vvEDt12xE41BJSi33lwrIp_m-4-zmYF35BPxQBhVE3FlBA6zEG6qP4YZnHyeObhIyB6YgmWy59WVlTF_JZF3dqTs0c-nZtYcUc6hTs3uS9Wyb_AetcLkZpvvxwJFgXoUPqYtifie4I1HClibWaeeddFNMdBwBjQHSnTATXsePLmcW0Eg20myCjZ-G6WIXlbliIpZqiVZoAZ3LLtGBSFVKyl9iXUYZa?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Flisteamed.net%2Fe%2FqA3WOmbdV25Kkz4%2FShangri-LaFrontier_Ep_10_SUB_ITA.mp4&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.344.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Cookie: OAID=08006742083a45c0e3e039e7026e9b70
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 May 2024 09:40:59 GMT
content-type: image/gif
content-length: 43
x-trace-id: f5a8a53df7c44913b726d281cc2683da
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/3f69e1877801cf3e6e161bb2114c915f.jpg

172.67.22.216

200 OK

10 kB

URL GET HTTP/2
offerimage.com/www/images/3f69e1877801cf3e6e161bb2114c915f.jpg
IP
172.67.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
10 kB (10224 bytes)
Hash
3f69e1877801cf3e6e161bb2114c915f
e5bd65573fc9d952cbd63fb097395eed8f3f7a3c
34312eeb95acf67ca8d3e63a8bbfb9e067f61550f19e606ab244dab69c78ef5f

HTTP Headers

GET /www/images/3f69e1877801cf3e6e161bb2114c915f.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 25 May 2024 09:40:59 GMT
content-type: image/jpeg
content-length: 10224
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63fdb2cf-27f0"
expires: Sat, 25 May 2024 11:03:43 GMT
last-modified: Tue, 28 Feb 2023 07:52:47 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 81436
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 889491306abe1c12-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.106

200 OK

1.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint58:16:76:D3:35:A7:C7:1B:68:67:E2:F5:33:04:0E:E9:CB:56:BD:77
ValidityMon, 06 May 2024 14:43:20 GMT - Mon, 29 Jul 2024 14:43:19 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1291 bytes)
Hash
4313179f3ecc35e5fa8adaa3e5fe46e8
c4ab8e18d81cb3a81836ad7c337818735068312d
fc5164f4ce71e3409a6b1a903011c22014452e45560a028d8a17dfc2fabf9ac6

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 May 2024 09:40:59 GMT
date: Sat, 25 May 2024 09:40:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 May 2024 08:28:58 GMT
expires: Sun, 25 May 2025 08:28:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 4321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 May 2024 08:27:17 GMT
expires: Sun, 25 May 2025 08:27:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 4422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.193.52

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1
ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT

File type
JavaScript source, ASCII text, with very long lines (18486)
Size
19 kB (19136 bytes)
Hash
70ebd404c2e1e7bad13998538b56887c
86e57af8ba3cfc2c004da3311835f6b54ba6d848
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 25 May 2024 09:40:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 89
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oDmSCw8LoGhTM1rZNpftyYs2rpX7g3wR8nF%2FHl0JJ0413PyHs%2F3rfEjFAYCQqgg%2F4KhYnwIzmuW6b1O4jd5L0EOgpIxtPuNRv191gCj417DLDGLGLpnvyK%2BYXXm9UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 889491123f6956c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

recordedthereby.com/sfp.js

188.114.97.1

200 OK

85 kB

URL GET HTTP/2
recordedthereby.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectrecordedthereby.com
FingerprintA3:3F:9B:AE:CF:C6:1B:C3:8B:FC:65:01:2F:06:6A:22:60:3C:8E:AF
ValidityWed, 08 May 2024 14:16:18 GMT - Tue, 06 Aug 2024 14:16:17 GMT

File type

Size
85 kB (85378 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 25 May 2024 09:40:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: dfcd901edac0cced8dc33eec83b2b531
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 25 May 2024 09:40:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jB5JgnYEGaFCoEYRNEgOncqvhPwd7CC1r80%2FRH%2F9a4NKkRyyg2e059qge6fuhY67%2FEKfH%2BfajckNWd0Mdkk6q68c5mWqiNxjqqL2zE1yWsnPA3Iy3uRANU5NF6LCKinC92aN5TFb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8894910e6e2b56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js

188.114.97.1

200 OK

325 kB

URL GET HTTP/3
listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
325 kB (325119 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/jwplayer/8.28.1/jwplayer.core.controls.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Cookie: pp_show_on_511a5b14f9f9525cf33f9e93d660853b=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 25 May 2024 09:40:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2RgfMgMErz2o6Z4rn8%2BY7Gx548hotuJSk1SLu0Dqkks6GW02FdzbGpDCe7f5jRdGX88KodQoyMCE1Ag2AJdhhnjnICavrpNvatckh40gA0bvyRqSCQOtcVErGmeBTu8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8894910e4c3e5695-OSL
alt-svc: h3=":443"; ma=86400

jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/seg-1-f1-v1-a1.ts?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052

37.59.30.235

200 OK

656 kB

URL GET HTTP/2
jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/seg-1-f1-v1-a1.ts?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052
IP
37.59.30.235:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
656 kB (656120 bytes)
Hash
0510546f29b4d1b818e3d7ad2162a332
e6ed2dbe85186ec98a84eb14f60fd84230d42127
735bc5eb1341200c1629e363bcc261668d8cbd5c7d67d16676fddbfc3ba58419

HTTP Headers

GET /hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/seg-1-f1-v1-a1.ts?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052 HTTP/1.1
Host: jnm9bocres.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sat, 25 May 2024 09:40:55 GMT
content-type: video/MP2T
content-length: 656120
etag: "3a1794b0-a02f8"
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Mon, 02 Sep 2024 09:40:55 GMT
cache-control: max-age=8640000
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/seg-2-f2-v1-a1.ts?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052

37.59.30.235

200 OK

2.1 MB

URL GET HTTP/2
jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/seg-2-f2-v1-a1.ts?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052
IP
37.59.30.235:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type

Size
2.1 MB (2063864 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/seg-2-f2-v1-a1.ts?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052 HTTP/1.1
Host: jnm9bocres.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sat, 25 May 2024 09:40:55 GMT
content-type: video/MP2T
content-length: 2063864
etag: "3a1794b0-1f7df8"
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Mon, 02 Sep 2024 09:40:55 GMT
cache-control: max-age=8640000
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js

188.114.97.1

200 OK

423 kB

URL GET HTTP/3
listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
423 kB (423017 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/jwplayer/8.28.1/provider.hlsjs.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Cookie: pp_show_on_511a5b14f9f9525cf33f9e93d660853b=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 25 May 2024 09:40:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfAuk6qG5B%2BvABiYomOsXRaxqb1L6hrGC2VGZFObCc2FugZPg09hHxphCt8l4ThSw%2B9nBC9CVrhwZlnyckpPj8QyWa5o%2BlWJJlcwUYsApP5y%2FIFbwgf3ErmIWNIIVli4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8894910e4c425695-OSL
alt-svc: h3=":443"; ma=86400

listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4

188.114.97.1

200 OK

68 kB

URL User Request GET HTTP/2
listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
68 kB (68035 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 25 May 2024 09:40:53 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sat, 25 May 2024 09:40:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKNdtBnjzdgW62ZAaqrc0nRnANDd5phf42WuYi7Ulmg%2B6co0PL5mTglGPA3DYyzqkG3BWOZwlF8EjxEGNtiHeMvTEWnkRgE%2Bcqjw3arlg%2B4XHB%2Fd67kWA8HCvPZ7O3pB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88949102db740b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

oaphoace.net/401/6424058

139.45.197.239

200 OK

91 kB

URL GET HTTP/2
oaphoace.net/401/6424058
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerLet's Encrypt
Subjectoaphoace.net
Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4
ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (91002 bytes)
Hash
b028a10c1ef82954150835d8d2d50095
f2becb2e22f0620e34f2ce5955126ac3ebb38db9
10aa83b65ec063aff8be99364f9039074a8300f97f68e7eeb5aa08ec78e93f75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/6424058 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 May 2024 09:40:54 GMT
content-type: application/javascript
x-trace-id: 977303630d268b8ef6fa3aa6cf238ed6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=030067c41643474ce48af1485377d429; expires=Sun, 25 May 2025 09:40:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

listeamed.net/assets/js/main.js?id=8fdfd78f6de7386e3162347efd9a6be4

188.114.97.1

200 OK

105 kB

URL GET HTTP/3
listeamed.net/assets/js/main.js?id=8fdfd78f6de7386e3162347efd9a6be4
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
105 kB (104880 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/js/main.js?id=8fdfd78f6de7386e3162347efd9a6be4 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 25 May 2024 09:40:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 24 May 2024 00:26:52 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3160
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FlSpIeNGXQGOW%2BuXy9xMftwfeRHN3VZconJpPqJYq4Hxgmr7dXmGyWkB6LkTsT3F4IFQ9XL8O2ossPpeXE5OX9Oix9PfVoeV6%2FbxJznfHKsyRgMI1S%2B6TNiHf3DWc0q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8894910a798e5695-OSL
alt-svc: h3=":443"; ma=86400

listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6

188.114.97.1

200 OK

109 kB

URL GET HTTP/3
listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type

Size
109 kB (109142 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 25 May 2024 09:40:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4226
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2pbfzu%2FMX1sanj6C%2BVMLY%2BUHpOvpNp%2FQ%2FEHbHCIArE4UyLTYgDy0fJV%2BmOAKJtzRfPlXsgn%2FwhiEuX6KSxgV7n%2FlSoOWsaaH%2FHaqSzN8UniF0eYyYyLMVT%2FUJJI1qAF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8894910a69835695-OSL
alt-svc: h3=":443"; ma=86400

listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js

188.114.97.1

200 OK

65 kB

URL GET HTTP/3
listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectlisteamed.net
FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1
ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT

File type
JavaScript source, ASCII text, with very long lines (65100), with no line terminators
Size
65 kB (65100 bytes)
Hash
8035032c7bcdff774adfcf60e84b450d
1eb7f0268ef459954dea51343ef96720ed370566
b676f19bfd6bc7f2d07cdf0d00beb0c75ad04d1a8e4268df0f10ddbffb7313bf

HTTP Headers

GET /assets/jwplayer/8.28.1/jwpsrv.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Cookie: pp_show_on_511a5b14f9f9525cf33f9e93d660853b=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 25 May 2024 09:40:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJ0zg2b7nKMbRs%2BP3iboq4N%2BQoeFGZy7HbD2T5h%2B06gqLwimdJxbS0wDNOp0igzuX8qgECb%2BNN68q%2B4GVlE4Ohh%2BL4zETQf724BP1MNgHAIxeVF59OEkcGl9iXfV%2B7JR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8894910e2c2e5695-OSL
alt-svc: h3=":443"; ma=86400

jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/master.m3u8?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052

37.59.30.235

200 OK

1.8 kB

URL GET HTTP/2
jnm9bocres.guardstorage.net/hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/master.m3u8?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052
IP
37.59.30.235:443
ASN
#16276 OVH SAS

Requested by
https://listeamed.net/e/qA3WOmbdV25Kkz4/Shangri-LaFrontier_Ep_10_SUB_ITA.mp4
Certificate
IssuerSectigo Limited
Subject*.guardstorage.net
FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1
ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (1801), with no line terminators
Size
1.8 kB (1781 bytes)
Hash
2eb6d474958d4c23145b0053aa503460
c31c91603c7ebbd5e80dd7ab0e502c4ee48226f2
5853fd6ebeec04eeaadfe527b1c5adfc5968de3e1ce93f854dd0300433c4c576

HTTP Headers

GET /hls_3/fvoLN3o39thVGcqj3CCpu8Q67KUKPN1F9Ts7J49Vu3L87khY2M01ySXzJHMQhNOmFvp07Q7fgufsnuTdIJVUySckQItAy5epj7qKUTBYzmjS5AUgqECiTA7nJpqUIsGv7Hs8Fr8uDEkbuNOvnv8B66Rp5hc4Mk-XVUOvkMtJSs5IWvftQsL-Cm2SYO5CooXFt5U9XRY91B3WmfrOFwB1sg/master.m3u8?sig=Qy0twh2O3khO6ld0eePGeQ&expires=1716639052 HTTP/1.1
Host: jnm9bocres.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.3
date: Sat, 25 May 2024 09:40:55 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sat, 25 May 2024 09:40:55 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash