| www.google.kz/amp/s/plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20= | 142.250.74.163 | 302 Found | 254 B |
URL (User Request): GET HTTP/2 www.google.kz/amp/s/plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20= | IP: 142.250.74.163:443
Certificate Issuer: Google Trust Services LLC | Subject: *.google.kz | Fingerprint: B8:ED:1E:11:9C:D1:A7:8F:90:B8:8D:56:F9:5B:B6:A0:E4:D2:A3:5A | Validity: Mon, 26 Feb 2024 08:21:26 GMT - Mon, 20 May 2024 08:21:25 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash: 82bc8db7293a72dc5d80fcb8f84b460a 0ad65928023a726e85f45009000b1bbb5554a0ab b112355cdaa114caca1248af9b594e427cdd356b487166f64d9981d50112c79d
GET /amp/s/plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20= HTTP/1.1
Host: www.google.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20=
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-xboaFc15WhmxShZ02xMoLA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 28 Mar 2024 19:49:04 GMT
server: gws
content-length: 254
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: __Secure-ENID=18.SE=DFBddACPCBAcj1LLdt3c77bfWqWZjbq23MWCHQwbMp1qMXQ8BSrcImDCW0s4iNnSFVf3ooXbNxzHhDGpzj5wkIlZ64HYH-X1Zv7aIa9y4s7qNfmyFsb721LmTn7mD6toHKl8Wapf7iMoNG0o7VyoyQBCjP0xX-kdFHMQlMyoV0I; expires=Mon, 28-Apr-2025 12:07:21 GMT; path=/; domain=.google.kz; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| plugcr.com/cdn-cgi/styles/cf.errors.css | 172.67.129.113 | 200 OK | 5.0 kB |
URL: GET HTTP/3 plugcr.com/cdn-cgi/styles/cf.errors.css | IP: 172.67.129.113:443
Requested by: https://plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20= | Certificate Issuer: Google Trust Services LLC | Subject: plugcr.com | Fingerprint: DB:B8:46:9A:02:CC:26:55:B8:57:F7:7B:A0:C0:41:8A:0D:A4:DF:63 | Validity: Mon, 18 Mar 2024 10:25:03 GMT - Sun, 16 Jun 2024 10:25:02 GMT
File type: gzip compressed data, from Unix | Hash: 9b41725f5db500165951f5d3e2c0f49e b21aa483a42ebd4bd60722b75503cf5c47502181 f3152c78dac35b67e798503cb52c2b5014f0b20c674efbf8ea9246966486cbdd
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Sinkholed / Blocked |
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: plugcr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 19:49:04 GMT
content-type: text/css
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
etag: W/"65fd6d96-5e44"
server: cloudflare
cf-ray: 86ba242fc9b9b4fa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 28 Mar 2024 21:49:04 GMT
cache-control: max-age=7200, public
content-encoding: gzip
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 5.8 kB |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | IP: 35.244.181.201:0 | ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: gzip compressed data, max speed, from Unix | Hash: 4f9d064ed130f33c665f77eec7ecf535 166630ee21d6f9ea9be41eabefb4026796860d36 5d4ad4b241d28f5ae8f0ef5b2d1feb6337b27d51c09c9e87dcdc334ffcfc556f
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 19:49:22 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-04-29-22-13-57.chain; p384ecdsa=OhzyN53T0t6ubK9W3OjVTnDS3SZ0gc-KK-nRY4OHxLTc-X07CBNQOFCkwpXkJ-qVtqaahsDzsn5VA-Ph0kQZEpiFIsSXHuxI7xitJ5pEJ6ZyJuzU-BFAuNB9eABT-ve3
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| plugcr.com/cdn-cgi/images/icon-exclamation.png?1376755637 | 172.67.129.113 | 200 OK | 452 B |
URL: GET HTTP/3 plugcr.com/cdn-cgi/images/icon-exclamation.png?1376755637 | IP: 172.67.129.113:443
Requested by: https://plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20= | Certificate Issuer: Google Trust Services LLC | Subject: plugcr.com | Fingerprint: DB:B8:46:9A:02:CC:26:55:B8:57:F7:7B:A0:C0:41:8A:0D:A4:DF:63 | Validity: Mon, 18 Mar 2024 10:25:03 GMT - Sun, 16 Jun 2024 10:25:02 GMT
File type: PNG image data, 54 x 54, 8-bit colormap, non-interlaced | Hash: c33de66281e933259772399d10a6afe8 b9f9d500f8814381451011d4dcf59cd2d90ad94f f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Sinkholed / Blocked |
GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: plugcr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://plugcr.com/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 19:49:04 GMT
content-type: image/png
content-length: 452
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
etag: "65fd6d96-1c4"
server: cloudflare
cf-ray: 86ba243019edb4fa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 28 Mar 2024 21:49:04 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
|
|
| plugcr.com/favicon.ico | 172.67.129.113 | 200 OK | 4.7 kB |
IP: 172.67.129.113:443
Requested by: https://plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20= | Certificate Issuer: Google Trust Services LLC | Subject: plugcr.com | Fingerprint: DB:B8:46:9A:02:CC:26:55:B8:57:F7:7B:A0:C0:41:8A:0D:A4:DF:63 | Validity: Mon, 18 Mar 2024 10:25:03 GMT - Sun, 16 Jun 2024 10:25:02 GMT
File type: HTML document, ASCII text, with very long lines (4977), with no line terminators | Hash: a1bf4a2b2ecdf64aeb7a8b049f2df309 ed2f25c2d5cde4f13a142a386b50673eaf5cec51 8a620a465faa5ec2b77f774e2838117175680312c46fb10db9e50013e9e77105
GET /favicon.ico HTTP/1.1
Host: plugcr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 19:49:04 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BuOrajXkmadfldBbpjDt0sBJ3effXLvUBQII6HkzMwKeHuOvncDhV%2FZ43r8Mw6H2A29OlJU%2F4IXMJ%2FD%2BhK9GosKAFaJMuiGK6GoYriDq1Ub%2FahhfRkTi7Mpqf2fi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86ba24306a42b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20= | 172.67.129.113 | 200 OK | 4.8 kB |
URL (User Request): GET HTTP/2 plugcr.com/bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20= | IP: 172.67.129.113:443
Certificate Issuer: Google Trust Services LLC | Subject: plugcr.com | Fingerprint: DB:B8:46:9A:02:CC:26:55:B8:57:F7:7B:A0:C0:41:8A:0D:A4:DF:63 | Validity: Mon, 18 Mar 2024 10:25:03 GMT - Sun, 16 Jun 2024 10:25:02 GMT
File type: HTML document, ASCII text, with very long lines (5004), with no line terminators | Hash: 8c59ec665c3b4b372a738130a27478cd 7d1d4313ba75810b103d831f56dedb0453813652 02f0c7ab8ddfb8812de725248d1a19115b06c96a9dced868882e74d8250af135
GET /bWbAe/ZnJhbmNvamJ1bG5lc0BlYXRvbi5jb20= HTTP/1.1
Host: plugcr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 19:49:04 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MmSiU9LpGg3I26d48LsFqJGQov%2BZ3rspuqi3lR8c2QCuewA8j0unoSgd7I%2FcGB7JvlQGu%2BE2vF7LlVYP%2FdgQ%2FvBgJDqk0W2nLE3yHMtkD4b3n2UYF0XJHb1w1zHK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86ba242c9d92712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|