| trk.americanteddy.com/?xtl=be7ylifo9xcu706zmclkuzs2tq45txqg890y3avvt1achbrwkmliniloxwqtr2v6ixhaq7l7v08buucnpnvbv2pdchma1o858cluoa7y4h0nwbfshuvzxvqps0bna4sknkjbq4uq6dia5tq35kproy5pfbkx44sarsqotuc1gyutxemi2s3f0drivt1w5exf701xumtv9m0amgm1rnmj9qlk2ir8nrglmrolf13q6a5d3by32otfaru3i6xizuc6lgxfb5us485aq2o15rea551pxxf32m3cxb&ei=tdk1@slurpmail.net&__stmp=sd4lvv&ocx_custom_hash=e9c74ff014261b01e9c3f9543ac02009&lead_source= |  18.214.55.247 | 302 Moved Temporarily | 0 B |
URL User Request GET HTTP/1.1trk.americanteddy.com/?xtl=be7ylifo9xcu706zmclkuzs2tq45txqg890y3avvt1achbrwkmliniloxwqtr2v6ixhaq7l7v08buucnpnvbv2pdchma1o858cluoa7y4h0nwbfshuvzxvqps0bna4sknkjbq4uq6dia5tq35kproy5pfbkx44sarsqotuc1gyutxemi2s3f0drivt1w5exf701xumtv9m0amgm1rnmj9qlk2ir8nrglmrolf13q6a5d3by32otfaru3i6xizuc6lgxfb5us485aq2o15rea551pxxf32m3cxb&ei=tdk1@slurpmail.net&__stmp=sd4lvv&ocx_custom_hash=e9c74ff014261b01e9c3f9543ac02009&lead_source= IP18.214.55.247:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?xtl=be7ylifo9xcu706zmclkuzs2tq45txqg890y3avvt1achbrwkmliniloxwqtr2v6ixhaq7l7v08buucnpnvbv2pdchma1o858cluoa7y4h0nwbfshuvzxvqps0bna4sknkjbq4uq6dia5tq35kproy5pfbkx44sarsqotuc1gyutxemi2s3f0drivt1w5exf701xumtv9m0amgm1rnmj9qlk2ir8nrglmrolf13q6a5d3by32otfaru3i6xizuc6lgxfb5us485aq2o15rea551pxxf32m3cxb&ei=tdk1@slurpmail.net&__stmp=sd4lvv&ocx_custom_hash=e9c74ff014261b01e9c3f9543ac02009&lead_source= HTTP/1.1
Host: trk.americanteddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Date: Tue, 07 May 2024 17:29:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: PHP/5.6.40
Accept-Ch: Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
Accept-Ch-Lifetime: 86400
Critical-Ch: Sec-Ch-Ua-Platform-Version
Location: https://tap.americanteddy.com/venoplus0424/e9c74ff014261b01e9c3f9543ac02009/48//2150713728/136120/be3996880849316045a77eb905dbbc05/70942
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
|
|
| verifiedwebpage.com/cdn-cgi/images/browser-bar.png?1376755637 |  104.18.21.187 | 200 OK | 715 B |
URL GET HTTP/2verifiedwebpage.com/cdn-cgi/images/browser-bar.png?1376755637 IP104.18.21.187:443
Requested byhttps://verifiedwebpage.com/go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG CertificateIssuerGoogle Trust Services LLC Subjectverifiedwebpage.com FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56 ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT
File typePNG image data, 960 x 53, 8-bit colormap, non-interlaced Hash226dcb8f6144bdaafdfbd8f2f354be64 3785cc5b3bf52f8e398177b0ff1020b24aa86b8c 8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
| Analyzer | Verdict | Alert |
|---|
| urlquery | suspicious | Suspicious - Sinkholed / Blocked |
GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifiedwebpage.com/cdn-cgi/styles/cf.errors.css
Cookie: __cf_bm=XrP3d6OebIOaxhjJq6Evp67_hfYDe0qJiYFa1F9Ymfs-1715102966-1.0.1.1-Sw90NB5sZSp7t6Gzk5NfKtjicPS4ncrwbdaAsGwyucJVsnRYWLI0BdHTfVHatm57anUBcJS30FKunsKlbPddgA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 17:29:26 GMT
content-type: image/png
content-length: 715
last-modified: Fri, 03 May 2024 17:58:00 GMT
etag: "663525a8-2cb"
server: cloudflare
cf-ray: 8802eea64bc156bd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Tue, 07 May 2024 19:29:26 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tap.americanteddy.com/venoplus0424/e9c74ff014261b01e9c3f9543ac02009/48//2150713728/136120/be3996880849316045a77eb905dbbc05/70942 | 104.21.28.207 | 302 Found | 3.2 kB |
URL User Request GET HTTP/2tap.americanteddy.com/venoplus0424/e9c74ff014261b01e9c3f9543ac02009/48//2150713728/136120/be3996880849316045a77eb905dbbc05/70942 IP104.21.28.207:443
CertificateIssuerCloudflare, Inc. Subjectamericanteddy.com Fingerprint0A:D4:26:E3:54:AB:EE:7E:6F:17:35:71:1F:9E:07:EB:FE:97:27:C3 ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typePNG image data, 178 x 175, 8-bit colormap, non-interlaced Hash0d768cbc261841d3affc933b9ac3130e aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7 1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
| Analyzer | Verdict | Alert |
|---|
| urlquery | suspicious | Suspicious - Sinkholed / Blocked |
GET /venoplus0424/e9c74ff014261b01e9c3f9543ac02009/48//2150713728/136120/be3996880849316045a77eb905dbbc05/70942 HTTP/1.1
Host: tap.americanteddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 17:29:26 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG
cache-control: max-age=600
expires: Tue, 07 May 2024 17:39:25 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bzkuovRHZdC2jCVf3e8hKaPxKnLAgyhB5AMTbTgFFe%2BEQ4tMbBxZuXdg1W2VVezxzLr6XJMyQ1X3IH1vOuBbWwKc3M2RHST6cvnI3cuV7cCax4DzOihRAkg7qrSppXBv93hwp6iesM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802eea25dca5696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| verifiedwebpage.com/cdn-cgi/styles/cf.errors.css | 104.18.21.187 | 200 OK | 6.4 kB |
URL GET HTTP/2verifiedwebpage.com/cdn-cgi/styles/cf.errors.css IP104.18.21.187:443
Requested byhttps://verifiedwebpage.com/go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG CertificateIssuerGoogle Trust Services LLC Subjectverifiedwebpage.com FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56 ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT
Hash7874700732bb4b41327c711a017a07b5 2689e1e88d76d75adeed782e821f79320ed85827 f6e5665c4569dda29043a84cda91938a8c10ce950b9f666520ec9158e2a0f15a
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://verifiedwebpage.com/go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=XrP3d6OebIOaxhjJq6Evp67_hfYDe0qJiYFa1F9Ymfs-1715102966-1.0.1.1-Sw90NB5sZSp7t6Gzk5NfKtjicPS4ncrwbdaAsGwyucJVsnRYWLI0BdHTfVHatm57anUBcJS30FKunsKlbPddgA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 17:29:26 GMT
content-type: text/css
last-modified: Fri, 03 May 2024 17:58:00 GMT
etag: W/"663525a8-5df3"
server: cloudflare
cf-ray: 8802eea60b5556bd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Tue, 07 May 2024 19:29:26 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| verifiedwebpage.com/favicon.ico | 104.18.21.187 | 200 OK | 1.9 kB |
URL GET HTTP/2verifiedwebpage.com/favicon.ico IP104.18.21.187:443
Requested byhttps://verifiedwebpage.com/go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG CertificateIssuerGoogle Trust Services LLC Subjectverifiedwebpage.com FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56 ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash72408223bd3692c3754f9e29f98aec6f b522b36b810aa31f0c5a9af2ba340a4df00aac12 d5aa2cf55e379566e6d50e661748d8c6882776e3329d5920aa0ca374d38b84cf
GET /favicon.ico HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://verifiedwebpage.com/go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=XrP3d6OebIOaxhjJq6Evp67_hfYDe0qJiYFa1F9Ymfs-1715102966-1.0.1.1-Sw90NB5sZSp7t6Gzk5NfKtjicPS4ncrwbdaAsGwyucJVsnRYWLI0BdHTfVHatm57anUBcJS30FKunsKlbPddgA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 17:29:26 GMT
content-type: image/x-icon
content-length: 1880
last-modified: Tue, 05 May 2020 11:51:58 GMT
cache-control: public, max-age=2592000
expires: Thu, 06 Jun 2024 17:29:26 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cf-cache-status: HIT
age: 607259
accept-ranges: bytes
server: cloudflare
cf-ray: 8802eea63bb156bd-OSL
X-Firefox-Spdy: h2
|
|
| verifiedwebpage.com/cdn-cgi/images/cf-no-screenshot-error.png | 104.18.21.187 | 200 OK | 3.2 kB |
URL GET HTTP/2verifiedwebpage.com/cdn-cgi/images/cf-no-screenshot-error.png IP104.18.21.187:443
Requested byhttps://verifiedwebpage.com/go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG CertificateIssuerGoogle Trust Services LLC Subjectverifiedwebpage.com FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56 ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT
File typePNG image data, 178 x 175, 8-bit colormap, non-interlaced Hash0d768cbc261841d3affc933b9ac3130e aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7 1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
| Analyzer | Verdict | Alert |
|---|
| urlquery | suspicious | Suspicious - Sinkholed / Blocked |
GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifiedwebpage.com/cdn-cgi/styles/cf.errors.css
Cookie: __cf_bm=XrP3d6OebIOaxhjJq6Evp67_hfYDe0qJiYFa1F9Ymfs-1715102966-1.0.1.1-Sw90NB5sZSp7t6Gzk5NfKtjicPS4ncrwbdaAsGwyucJVsnRYWLI0BdHTfVHatm57anUBcJS30FKunsKlbPddgA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 17:29:26 GMT
content-type: image/png
content-length: 3213
last-modified: Fri, 03 May 2024 17:58:00 GMT
etag: "663525a8-c8d"
server: cloudflare
cf-ray: 8802eea64bc556bd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Tue, 07 May 2024 19:29:26 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| verifiedwebpage.com/go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG | 104.18.21.187 | 403 Forbidden | 4.5 kB |
URL User Request GET HTTP/2verifiedwebpage.com/go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG IP104.18.21.187:443
CertificateIssuerGoogle Trust Services LLC Subjectverifiedwebpage.com FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56 ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT
File typeHTML document, ASCII text, with very long lines (4756), with no line terminators Hash0738133487f6db5d6dd42ba87b4cfc93 2e75e87e3346c1a76dd6fa01163880849ab919ea f9464e18bdcfbfae3be792a9cb75976beee18e6e6bc26760d27d0dd15e47bb8c
GET /go?ehash=e9c74ff014261b01e9c3f9543ac02009&product=45923&ar=48&cid=2150713728&lid=136120&slhash=be3996880849316045a77eb905dbbc05&mtaid=70942&cid2=[s8]&nid=TG HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 07 May 2024 17:29:26 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Tue, 07 May 2024 17:29:41 GMT
set-cookie: __cf_bm=XrP3d6OebIOaxhjJq6Evp67_hfYDe0qJiYFa1F9Ymfs-1715102966-1.0.1.1-Sw90NB5sZSp7t6Gzk5NfKtjicPS4ncrwbdaAsGwyucJVsnRYWLI0BdHTfVHatm57anUBcJS30FKunsKlbPddgA; path=/; expires=Tue, 07-May-24 17:59:26 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802eea4a8b256bd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|