Report - www.gtaall.com/gta-san-andreas/mods/author:KiraTheGame0

Report Overview

Submitted URL
www.gtaall.com/gta-san-andreas/mods/author:KiraTheGame0
IP
104.26.15.74
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 11:25:45
Access
public
Website Title
Mods for GTA San Andreas
Final URL
www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-18	429 B	421 B	18.196.110.226
hailstonescramblegardening.com	unknown	2024-04-16	2024-04-16	2024-04-18	7.8 kB	22 kB	192.243.59.12
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-04-17	1.9 kB	436 kB	45.133.44.10
www.gtaall.com	317640	2011-03-16	2015-03-10	2024-03-03	12 kB	650 kB	172.67.74.54
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-18	862 B	326 kB	142.250.74.168
reedsbullyingpastel.com	unknown	2021-04-12	2021-04-12	2024-03-28	439 B	10 kB	192.243.59.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	hailstonescramblegardening.com	Sinkholed
2024-04-18	medium	hailstonescramblegardening.com	Sinkholed
2024-04-18	medium	hailstonescramblegardening.com	Sinkholed
2024-04-18	medium	hailstonescramblegardening.com	Sinkholed
2024-04-18	medium	hailstonescramblegardening.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/	202 B	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/ IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:25:32 Last Seen2024-04-18 13:25:49 Times Seen89 Hash 6e5faf6c34afb3ee7d3947569431531c 6d3812feabb0320060a8ccfbcefd35522fe7c046 5739472cce15c94c5aec1c1b4e829f44f930fc361e0c92b578ef9fceba5144ae Loading...

	www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/	52 B	2023-03-07	2024-04-30
Pretty URL www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/ IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-30 06:23:55 Times Seen6601 Hash 6d48f89cb998f3bd2608a2249a390a16 9fac7a2a545c24358ed42ac6619918191ff01b95 012266fd23d78b3e873c75c6fa647fd6d9d5f494f3697fd3e252f7b82dc26080 Loading...

	www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/	57 B	2023-03-07	2024-05-01
Pretty URL www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/ IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:59 Last Seen2024-05-01 00:06:21 Times Seen10900 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	www.gtaall.com/static/vendor/mmenu/js/mmenu.js	34 kB	2023-03-07	2024-04-18
Pretty URL www.gtaall.com/static/vendor/mmenu/js/mmenu.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:17 Last Seen2024-04-18 13:25:50 Times Seen209 Hash 04e773d776ba32f3e2e8735e50f63221 359a43ce11a8659ee7e533575a747d46823ed78a fdd06a293d1624005b066d3f14f3c78215458f5428c08d16c91885568cff6b76 Loading...

	www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/sandbox%20eval%20code	147 B	2023-04-11	2024-05-01
Pretty URL www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-01 00:51:24 Times Seen343635 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.gtaall.com/static/public/4dc09/js/charts.js	2.8 kB	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/static/public/4dc09/js/charts.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-18 13:25:49 Times Seen136 Hash 197848e710e44ea2502565a325371d78 bd2271f2dcc50262e8c08df05cb83ebc3d1f9e7d d36ab9229636b7b4dc99e0453ca13cbbbdabf20820b34ddd07bd765cb45b1416 Loading...

	www.googletagmanager.com/gtag/js?id=UA-43144070-1	202 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=UA-43144070-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 13:25:49 Last Seen2024-04-18 13:25:50 Times Seen2 Hash 71c9965cefe4c705e52cf91562fcf2db c8dcd9af7bed89385e58f3ee3088a2828877d5e4 a01cc4c7cf3e9b5733bdad40cb99a83daa9b523767eadb946d0c5144e3a0d924 Loading...

	www.gtaall.com/static/vendor/bootstrap/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-30
Pretty URL www.gtaall.com/static/vendor/bootstrap/js/bootstrap.min.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-30 23:52:00 Times Seen54911 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	www.gtaall.com/static/vendor/fancybox/js/fancybox-media.js	2.2 kB	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/static/vendor/fancybox/js/fancybox-media.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-18 13:25:49 Times Seen112 Hash 13cecc23fdafe27f004f4340c08ad63a 377f579f7a5ac38ec0fbb94d87e401e532080722 1a4e11fb3014e4230f954999b1df3dbcda26002f11d78c26cbae279196188c69 Loading...

	www.googletagmanager.com/gtag/js?id=G-6LDJRJB1XL&l=dataLayer&cx=c	252 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=G-6LDJRJB1XL&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 13:25:49 Last Seen2024-04-18 13:25:50 Times Seen2 Hash f8495e2d1665498cf428d1ec9e0dd683 1398db5a11eeb2a2a4e7de988befde7b5a77f715 910667722df3c8872ee85b13a0dd7adb9033397601b511b2281cd3a6c7d65b1a Loading...

	www.gtaall.com/static/public/4dc09/js/menu-mobile.js	2.7 kB	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/static/public/4dc09/js/menu-mobile.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-18 13:25:50 Times Seen139 Hash a5c570b115b9cbddcb8f563db9353c51 eb18b527f16ede63430a55bd3ade78ed09f86830 9820cafc194b84f9c68c47d7528071b495e9b731a8ac873bb1124f389446121e Loading...

	unknown	313 B	2023-07-06	2024-04-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-06 08:40:11 Last Seen2024-04-18 13:25:50 Times Seen88 Hash e3d59cbeacd6c4711ef228901d98f5d5 a1a11aa6f7cce9899cf9707ed79ef2aca14455ca c1e0b47c94e076039efcca9b521883784c365927ba65e3661eb8dd7e37fc6cde Loading...

	www.gtaall.com/static/vendor/tmpl/tmpl.min.js	1.0 kB	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/static/vendor/tmpl/tmpl.min.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-18 13:25:50 Times Seen139 Hash da5708b26a997e256d5912cb7faa7e22 98e48c509cbf939e0a2e80415b7e5560a2256365 480ab71e84984106b5a6beb6a7fe4c88caba1d2f1f6bc08c162f756738e4b1bd Loading...

	www.gtaall.com/static/public/4dc09/js/actions.js	2.3 kB	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/static/public/4dc09/js/actions.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-18 13:25:50 Times Seen108 Hash 9a98a79c91bfcba6193d4dcdf42c3138 fe1abd6c859e275177bcd8c9ed82830ccdc0b51b 9d303d6a9f0cc67d95a6e744cc0db440d1508278baef9e18b8514917e39a1dc9 Loading...

	www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/sandbox%20eval%20code	128 B	2023-05-06	2024-05-01
Pretty URL www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-05-01 00:06:21 Times Seen21301 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-01
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-01 00:51:24 Times Seen343130 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.gtaall.com/static/vendor/jquery.cookie/jquery.cookie.js	2.0 kB	2023-03-07	2024-04-27
Pretty URL www.gtaall.com/static/vendor/jquery.cookie/jquery.cookie.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:51 Last Seen2024-04-27 06:26:06 Times Seen336 Hash aaa7ca61325b28ea8ea9a12809d65cb9 97184896aad9b79a44646ee6a92553d5d9f3ded3 0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c Loading...

	www.gtaall.com/static/public/4dc09/js/sorting.js	363 B	2023-09-20	2024-04-18
Pretty URL www.gtaall.com/static/public/4dc09/js/sorting.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 05:03:44 Last Seen2024-04-18 13:25:50 Times Seen70 Hash d2f98052c722fe1cc7a5da617d01bd48 a89d0a23e4c08f66f11e50c5e8fdd096edf3bfda 67ceba542441360ccc1bdd5feaca9cd77a3a1f50927f550faf883c30806bc093 Loading...

	www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/	512 B	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/ IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-18 13:25:50 Times Seen91 Hash ae879b7685512c48cae282354d088346 dbdf77725e8d14e2738d80869cde29610c743638 9375851dbed84dc36d052d2927ac69c7e665d53cbd5d7168e868c37f9b153951 Loading...

	www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/	522 B	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/ IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-18 13:25:50 Times Seen89 Hash 3a5e833528e12840454c9d8ce4d87dfb ac79df3b69cd4df80d633034a38672ac89a0624a adf9d198e72db3ade86ed6de73d790fbb40a5703274e1d8ec478fff0b1d9a63b Loading...

	www.gtaall.com/static/vendor/fancybox/js/fancybox.js	23 kB	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/static/vendor/fancybox/js/fancybox.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-18 13:25:50 Times Seen156 Hash b43d148fad7a66826db92aab2ca8fc04 7a9aa2cb6f5f2004ac58730192cf8ceea3648965 9e84048bbabc2060da8b3b805e96de23b0d39e9ecb5e0a341a971133364facc8 Loading...

	www.gtaall.com/static/public/4dc09/js/main.js	6.4 kB	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/static/public/4dc09/js/main.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-18 13:25:50 Times Seen134 Hash c0b1f48ba66a9bb403d3d38a75da7f00 5d158cf0dfb8147d784057a71c0955b06474c76d 8af4dcd54261a1a36fe6f54ea8a09cf92a4e690f12b749bf5ee2935405ad1e4f Loading...

	www.gtaall.com/static/vendor/jquery/jquery-3.1.1.min.js	87 kB	2023-03-08	2024-04-18
Pretty URL www.gtaall.com/static/vendor/jquery/jquery-3.1.1.min.js IP 172.67.74.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:36:55 Last Seen2024-04-18 13:25:50 Times Seen276 Hash 4c73d5ff91014f633d3e4bb028356968 5f3e98da83c173889fe9e2c1a1b6d95b13f1d83d e3481cfe6701c643f2cf14777554a8d82b65e3bb2af6a6e326b925726c4caeef Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	1.6 kB	2023-05-06	2024-05-01
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-05-01 00:06:21 Times Seen21164 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	reedsbullyingpastel.com/795d201f1e2281f0533689360928b823/invoke.js	27 kB	2024-04-18	2024-04-18
Pretty URL reedsbullyingpastel.com/795d201f1e2281f0533689360928b823/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 13:25:50 Last Seen2024-04-18 13:25:50 Times Seen2 Hash 3a7102234406b6a0d7b4fb9e4c204940 9a6473b3a418121b9a6c011f27403adb717e8ed0 89bbe766d930cb3c221528dc3614138c8e8cf4ccb8d8f297ae6ae6716e0e18db Loading...

		Size	First Seen	Last Seen
	#1 Write - 92dfbc3c0acee43c23f5f1ab1e853646	368 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 13:25:50 Last Seen2024-04-18 13:25:50 Times Seen1 Hash 92dfbc3c0acee43c23f5f1ab1e853646 e102aea69ec29f8a70c5fd53d59ed4c69462849b 2d1fedac11a2ef6b06d2d9e8285cdf099f13f30c9ee2f955c1efdda000b398c2 Loading...

HTTP Transactions (37)

URL IP Response Size

www.gtaall.com/static/public/4dc09/images/layout/bg-top.png

172.67.74.54

200 OK

120 B

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/images/layout/bg-top.png
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
PNG image data, 1 x 280, 8-bit/color RGB, non-interlaced
Size
120 B (120 bytes)
Hash
a6e346dff8d287c9f3a82f42863285ad
7f131ca0cc072b61e0a0b74816f7eff829e7cd14
10a9209c6b3363cc676436da7c4cd1c838801c3af2b426d07f0bc83e3400eb7f

HTTP Headers

GET /static/public/4dc09/images/layout/bg-top.png HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: image/png
content-length: 120
cache-control: public, max-age=86400
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5ce2a146-78"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
cf-cache-status: HIT
age: 56372
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ot%2Bhe4Hv2WHamv87w2poneMHn6cun7oCChMQQKv3kXs70vy3h7oCQaUPs2xvDIor7PwkXR%2BglLdl7P3UjpwpK8unrrW9f%2BBW38ZMI0c8oC3jh9yIMtdYjywR17PHlD1P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87644b212a2b56c7-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-43144070-1

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-43144070-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (72971 bytes)
Hash
71c9965cefe4c705e52cf91562fcf2db
c8dcd9af7bed89385e58f3ee3088a2828877d5e4
a01cc4c7cf3e9b5733bdad40cb99a83daa9b523767eadb946d0c5144e3a0d924

HTTP Headers

GET /gtag/js?id=UA-43144070-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 11:25:18 GMT
expires: Thu, 18 Apr 2024 11:25:18 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72971
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gtaall.com/static/public/4dc09/images/spritesheets/main.png

172.67.74.54

200 OK

46 kB

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/images/spritesheets/main.png
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
PNG image data, 520 x 520, 8-bit colormap, non-interlaced
Size
46 kB (46101 bytes)
Hash
16a863fd40476abcd286dba91e585a45
791d571a4560b9d87449c63ad53b2d4d4e15f9e1
ae156bd8010700cea72d7ac11e39fcf2e029dcea267a10e5ee2736cd49bed133

HTTP Headers

GET /static/public/4dc09/images/spritesheets/main.png HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: image/png
content-length: 46101
cache-control: public, max-age=86400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=47860
etag: "5e4b9f86-baf4"
expires: Thu, 18 Apr 2024 19:45:45 GMT
last-modified: Tue, 18 Feb 2020 08:25:42 GMT
cf-cache-status: HIT
age: 56372
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJfqfdgzB6TglBYo9yXhGjtU0wFvZRTeudIECp385WY%2BNyK6ztfbt5bhp9khbdpCYNrMfCMjAHhd1nFar0%2BrVGhZnbPWZL40Me04HuHY1R0kdY1pS6k0G4K4hPIW9G4a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87644b218ac956c7-OSL
X-Firefox-Spdy: h2

www.gtaall.com/static/public/4dc09/images/menu/separator.png

172.67.74.54

200 OK

80 B

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/images/menu/separator.png
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
PNG image data, 6 x 23, 8-bit/color RGB, non-interlaced
Size
80 B (80 bytes)
Hash
00532a798a51370da39472b671fce2d9
5d3dae1f920d5bf74740741418ffa571a1d1bcd7
f2991ca50548bd37440ceb4f8918fdbbb706a863ede4735ed139ab6eacd03f44

HTTP Headers

GET /static/public/4dc09/images/menu/separator.png HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/static/public/4dc09/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:19 GMT
content-type: image/png
content-length: 80
cache-control: public, max-age=86400
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5ce2a146-50"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
cf-cache-status: HIT
age: 56373
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOSK9ZNcxp37OD90xgIoHieR86bKCpoh%2FIBRWxt0JLBq4a8WwCGBuXoZx8j79qxULesf3wh4bQXE9oDqO4H33FlFWPpWey0z4byRgauvRZYLNy4aX30gOvt8JmpMA6Ra"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87644b222bdc56c7-OSL
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2

172.67.74.54

200 OK

18 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /static/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/static/vendor/bootstrap/css/bootstrap.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:19 GMT
content-type: application/octet-stream
content-length: 18028
last-modified: Mon, 20 May 2019 12:44:54 GMT
etag: "5ce2a146-466c"
expires: Fri, 19 Apr 2024 06:28:51 GMT
cache-control: public, max-age=86400
cf-cache-status: HIT
age: 17788
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElNJoXXx%2Ba49QKgJV9IPSw2TuRxgfjoM%2ButR0ybV6GGyQSzovStyVibxKuOeV9dQpa1HSgJ%2BsZEDHTI4e5y4OBcWAUD2dGCghmGqgVVH4%2FQRoREDwbEwSbMWbiFGvk%2BU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87644b223be656c7-OSL
X-Firefox-Spdy: h2

www.gtaall.com/static/public/4dc09/css/main.css

172.67.74.54

200 OK

93 kB

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/css/main.css
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
ASCII text, with very long lines (14619), with no line terminators
Size
93 kB (92551 bytes)
Hash
b4703a4836e84e9a0dd930a00a12ee47
2094892fc21a7bb2c45226ed4b04e14c884d96a1
776db4bf8ef8184eb9866cba8763a5827db4ea4aade19b4e03761d7f2f7eaa71

HTTP Headers

GET /static/public/4dc09/css/main.css HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: text/css
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=16029
etag: W/"6006d0e7-3e9d"
expires: Thu, 18 Apr 2024 19:45:45 GMT
last-modified: Tue, 19 Jan 2021 12:30:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFkMeFdPCaRQyyd3MgbwD3ZQHmp9A7Ax5oX3LGYwNn6QtRSWGq7X5nmCefHvQ0Xg04xAUkSL2KXHs5R66Rrgu42ozrb7mCtBiJxEOdlkqOaEvXXCMyxX3ieNU6t57e%2Fo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b20f9e756c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

reedsbullyingpastel.com/795d201f1e2281f0533689360928b823/invoke.js

192.243.59.20

200 OK

9.8 kB

URL GET HTTP/1.1
reedsbullyingpastel.com/795d201f1e2281f0533689360928b823/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subject*.reedsbullyingpastel.com
FingerprintAC:C5:F5:2B:E0:2E:44:78:3F:95:F5:66:90:7D:B6:FB:14:1A:94:55
ValidityThu, 28 Mar 2024 08:13:35 GMT - Wed, 26 Jun 2024 08:13:34 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26663), with no line terminators
Size
9.8 kB (9809 bytes)
Hash
3a7102234406b6a0d7b4fb9e4c204940
9a6473b3a418121b9a6c011f27403adb717e8ed0
89bbe766d930cb3c221528dc3614138c8e8cf4ccb8d8f297ae6ae6716e0e18db

HTTP Headers

GET /795d201f1e2281f0533689360928b823/invoke.js HTTP/1.1
Host: reedsbullyingpastel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 11:25:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10b5df1a671060515be8713d25c21989
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

18.196.110.226

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.196.110.226:443
ASN
#16509 AMAZON-02

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b02a1703e9a9df4a367e6cb876cba053
fccdee6160ea775698862ed5628a4540a2d78697
210d4ab1b67ea96e5a28ba37140ee46b1daac4a4ea37fac35d46f7279e405a6e

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gtaall.com
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.gtaall.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f9625490-33fb-4e89-91f4-ec6f3b822c11:3:1; expires=Sun, 16 Apr 2034 11:25:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/jquery.cookie/jquery.cookie.js

172.67.74.54

200 OK

19 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/jquery.cookie/jquery.cookie.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text
Size
19 kB (18601 bytes)
Hash
aaa7ca61325b28ea8ea9a12809d65cb9
97184896aad9b79a44646ee6a92553d5d9f3ded3
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

HTTP Headers

GET /static/vendor/jquery.cookie/jquery.cookie.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=3121
etag: W/"5ce2a146-c31"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOtoqVApETF7zlWhCarU3aMcQqGXTkcokDT1%2BcVzpuCO9UyEIr0iUz%2BSmvprIxOyTXxDwf1sW9%2FsqFUDfDLfD6W2dp4O0g5nOTPr5Mo07Q79pBhBsUiQu2taXl3EnEW%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b2109ef56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/

172.67.74.54

200 OK

19 kB

URL User Request GET HTTP/2
www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2491), with CRLF, LF line terminators
Size
19 kB (19358 bytes)
Hash
3aa7191527e3e6433782165f33efbd19
eedd6834549ac46410c3d6ceb645ccf62bd8cd02
d67cd540400f5fa19b4ccb8602daa92bc59655e14f900c6bd988939ed9824e54

HTTP Headers

GET /gta-san-andreas/mods/author:kirathegame0/ HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=1800, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 18 Apr 2024 11:25:11 GMT
x-uri: /gta-san-andreas/mods/author:kirathegame0/
x-beta: 1
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5GzAuFqMuEcMNlzA2BCM5nxlg%2BM%2BKeuShLgNg9cStFgT43WVUCB52rHZHWe%2Bjgs5A4HvQD4km7Vk7xEcNEtYlmp4MQvaDndL0hYIhvfS09eansm8RyXEKRzG%2BX%2FspoQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b1ebe2d56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

hailstonescramblegardening.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSeLYYDnKjKiYu5QYWc3XW8tukBEUJQhNuUll83mN3ZdYbM7qxmdrxODiiiEurRleAAp8nnpBGlQvAHUKFNJYQqIdm3HJp%2FAlRx4IDWRBietO%2B9731vNd97M18cmDPiw9DT9atyjwtBVzott%2FnyR553pTngmRk3x73g42D1SlONXusHLfeV5ttxtCNXfNdzXc%2F1mhtcxYkcr9QkeH6%2F77X6bmvVb3mdVYzV%2F7E2DjR1wEZn5CI4mzceOpfAowpZ%2BsN6rHcKmb%2F6VmoELaTCiB2%2Fn%2B1kssyQLtNEOUiy4%2FNuSD3beACZHS3kQo7%2BbQz5nDi%2FPECYHZ%2BLRDg6XOgMBeIMIXsO5ahCLCpwWiGSt8DZjAARw7UtZOnda1KVdPcfltbsnDSe%2FA5ezknj8SVk6fdrgo%2BbN6UwBZeZxjix4OMKfFghNyco9i6AlyeIis%2FB2W9k5ckAWXq4pYUEZ3YxO%2BcVeFJBxBNQ7cDUH3dgEgcmd5Cy02bkeV7XZRF1e%2F0oarNuHAbM9Wg38ajnBj2YqJY3QZFPEIkJIrWPXO1jh9%2BZdS5CmZ%2Bhty00c6CLOXHe3ceIWZQxQakJSkpQcoKyIChH9ogJ7Wt7lwltQu88%2BuexbaeyGB7QI1kM44yAqgkUswf5GXl%2BsaI%2FPjvBTnza7PY7zHe9xIt9v%2BclbqfdDnr9duD2%2FV7Y89vQ3ILrC4up9%2Fhs9zFyPrvaRUhPoMUJIv4CqPFASwu6bbGX3RsWlArRimQKJi3yooFi1zkQZ%2BTFxdmDTyaIo0fk3BApi1xZfMofEgzF7ekNWZLDG7LU5MetvOAp36P11d0saBE%2Fc%2B%2BdeLeUim2u68m3b0Q1Uaf334t1MaAZ49lQk%2B%2FWOGOx2pAqislPm%2FrDOLxu9PaaUZnJB9ff3NhMcxVrzWVWgfLZ1p%2BI%2BJw8%2FddXizd5%2Bc4H4KqCMhapWSrlskKU70Pny5qWBEoscZg7KI2dKj9cFgUnEPES09BC%2FweHy3yqaP035fZA38ZQNUCLW8hSi5GyGAkLKibQ5tlpkatHr%2F%2F6dW3fIBSNaShU4zAUSny5WPKcDC6T2jm1uwDNT5vddtulQb%2Fjdbs07oarfi8JPEapvxr4QUDbKPQ8eemp5t8AAAD%2F%2FwEAAP%2F%2FbNxjJXcEAAA%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
hailstonescramblegardening.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSeLYYDnKjKiYu5QYWc3XW8tukBEUJQhNuUll83mN3ZdYbM7qxmdrxODiiiEurRleAAp8nnpBGlQvAHUKFNJYQqIdm3HJp%2FAlRx4IDWRBietO%2B9731vNd97M18cmDPiw9DT9atyjwtBVzott%2FnyR553pTngmRk3x73g42D1SlONXusHLfeV5ttxtCNXfNdzXc%2F1mhtcxYkcr9QkeH6%2F77X6bmvVb3mdVYzV%2F7E2DjR1wEZn5CI4mzceOpfAowpZ%2BsN6rHcKmb%2F6VmoELaTCiB2%2Fn%2B1kssyQLtNEOUiy4%2FNuSD3beACZHS3kQo7%2BbQz5nDi%2FPECYHZ%2BLRDg6XOgMBeIMIXsO5ahCLCpwWiGSt8DZjAARw7UtZOnda1KVdPcfltbsnDSe%2FA5ezknj8SVk6fdrgo%2BbN6UwBZeZxjix4OMKfFghNyco9i6AlyeIis%2FB2W9k5ckAWXq4pYUEZ3YxO%2BcVeFJBxBNQ7cDUH3dgEgcmd5Cy02bkeV7XZRF1e%2F0oarNuHAbM9Wg38ajnBj2YqJY3QZFPEIkJIrWPXO1jh9%2BZdS5CmZ%2Bhty00c6CLOXHe3ceIWZQxQakJSkpQcoKyIChH9ogJ7Wt7lwltQu88%2BuexbaeyGB7QI1kM44yAqgkUswf5GXl%2BsaI%2FPjvBTnza7PY7zHe9xIt9v%2BclbqfdDnr9duD2%2FV7Y89vQ3ILrC4up9%2Fhs9zFyPrvaRUhPoMUJIv4CqPFASwu6bbGX3RsWlArRimQKJi3yooFi1zkQZ%2BTFxdmDTyaIo0fk3BApi1xZfMofEgzF7ekNWZLDG7LU5MetvOAp36P11d0saBE%2Fc%2B%2BdeLeUim2u68m3b0Q1Uaf334t1MaAZ49lQk%2B%2FWOGOx2pAqislPm%2FrDOLxu9PaaUZnJB9ff3NhMcxVrzWVWgfLZ1p%2BI%2BJw8%2FddXizd5%2Bc4H4KqCMhapWSrlskKU70Pny5qWBEoscZg7KI2dKj9cFgUnEPES09BC%2FweHy3yqaP035fZA38ZQNUCLW8hSi5GyGAkLKibQ5tlpkatHr%2F%2F6dW3fIBSNaShU4zAUSny5WPKcDC6T2jm1uwDNT5vddtulQb%2Fjdbs07oarfi8JPEapvxr4QUDbKPQ8eemp5t8AAAD%2F%2FwEAAP%2F%2FbNxjJXcEAAA%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjecthailstonescramblegardening.com
FingerprintBF:55:14:9C:D8:D3:5C:E9:52:C2:11:5F:54:FC:64:E3:88:61:BC:01
ValidityTue, 16 Apr 2024 10:11:47 GMT - Mon, 15 Jul 2024 10:11:46 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSeLYYDnKjKiYu5QYWc3XW8tukBEUJQhNuUll83mN3ZdYbM7qxmdrxODiiiEurRleAAp8nnpBGlQvAHUKFNJYQqIdm3HJp%2FAlRx4IDWRBietO%2B9731vNd97M18cmDPiw9DT9atyjwtBVzott%2FnyR553pTngmRk3x73g42D1SlONXusHLfeV5ttxtCNXfNdzXc%2F1mhtcxYkcr9QkeH6%2F77X6bmvVb3mdVYzV%2F7E2DjR1wEZn5CI4mzceOpfAowpZ%2BsN6rHcKmb%2F6VmoELaTCiB2%2Fn%2B1kssyQLtNEOUiy4%2FNuSD3beACZHS3kQo7%2BbQz5nDi%2FPECYHZ%2BLRDg6XOgMBeIMIXsO5ahCLCpwWiGSt8DZjAARw7UtZOnda1KVdPcfltbsnDSe%2FA5ezknj8SVk6fdrgo%2BbN6UwBZeZxjix4OMKfFghNyco9i6AlyeIis%2FB2W9k5ckAWXq4pYUEZ3YxO%2BcVeFJBxBNQ7cDUH3dgEgcmd5Cy02bkeV7XZRF1e%2F0oarNuHAbM9Wg38ajnBj2YqJY3QZFPEIkJIrWPXO1jh9%2BZdS5CmZ%2Bhty00c6CLOXHe3ceIWZQxQakJSkpQcoKyIChH9ogJ7Wt7lwltQu88%2BuexbaeyGB7QI1kM44yAqgkUswf5GXl%2BsaI%2FPjvBTnza7PY7zHe9xIt9v%2BclbqfdDnr9duD2%2FV7Y89vQ3ILrC4up9%2Fhs9zFyPrvaRUhPoMUJIv4CqPFASwu6bbGX3RsWlArRimQKJi3yooFi1zkQZ%2BTFxdmDTyaIo0fk3BApi1xZfMofEgzF7ekNWZLDG7LU5MetvOAp36P11d0saBE%2Fc%2B%2BdeLeUim2u68m3b0Q1Uaf334t1MaAZ49lQk%2B%2FWOGOx2pAqislPm%2FrDOLxu9PaaUZnJB9ff3NhMcxVrzWVWgfLZ1p%2BI%2BJw8%2FddXizd5%2Bc4H4KqCMhapWSrlskKU70Pny5qWBEoscZg7KI2dKj9cFgUnEPES09BC%2FweHy3yqaP035fZA38ZQNUCLW8hSi5GyGAkLKibQ5tlpkatHr%2F%2F6dW3fIBSNaShU4zAUSny5WPKcDC6T2jm1uwDNT5vddtulQb%2Fjdbs07oarfi8JPEapvxr4QUDbKPQ8eemp5t8AAAD%2F%2FwEAAP%2F%2FbNxjJXcEAAA%3D HTTP/1.1
Host: hailstonescramblegardening.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Cookie: u_pl=16023235; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec795d201f1e2281f0533689360928b823=[4991488,4991489,4991490]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 11:25:20 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e074c4f449b721ad87582878275663d6
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png

45.133.44.10

200 OK

105 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
105 kB (104949 bytes)
Hash
440d0ebcc9ae01aba77f74d9015ff0b3
9065b873ac93b45da1765682071eaaf6efe12e5c
7834596c29b94d74435163b3875c5042082912c1aff529986b0235cd9b7b27cc

HTTP Headers

GET /si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:20 GMT
content-type: image/png
content-length: 104949
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:37 GMT
etag: "65f9577d-199f5"
expires: Sat, 20 Apr 2024 11:25:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

hailstonescramblegardening.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSu3sxJQTCsJy%2FtTYPMdvfs9MyYQ3BdNyxOsjFR9KbVXd2z5VZ3NVVd07MjhMWA5CQjeNFT7ze7WYwh6A8wyExAZEHYue1hF%2FwNSs7Sk8UxD7rfe%2FV9RX3vq%2Fp635wTD4aert%2BQQy4EXWnWHfvNT133qt3lqRnYg7b%2Fmb961Vb9dzp%2B3XnLvh6FO3LFc1zHcR3X3uAqiuVgpQLBs0cdt95x6qte3W2uYqBe7LWxoKkF1j8nl8HZrPbUWgYPJ0iTn9cjvZPL7O33EyNoLhX67OjjdCeVRYpkUcbKQpweXbAh9cnGE8j0cC4Xsv8fMeAzYv3%2BBEF6dCESQf9grjMQiFIE7GUU%2FQkiMQGnE4TyHjg7IUDIcHMLafLgplQF3X2O0gqdkdqzv8GLGamdLSNNHq8JPrDvSGFyLlONQVyCDybgvQkyM0U%2BXAIvpgjzr8DZn2TlWRdpcrClhQRn5Xx2zifg8QQiGoFqC6b6uAUTWzCZhYSd2qHrui2HhdRpd8KwwVpR4DPHpa3Ypa7jt2HCSt4IeTZCKEYI1R4ytYcd%2Fu1J8zKU%2BQ16u4RmFnQ%2BI9aHe%2BizEkVEUGiCghIUnKDICYp%2BeciE9nT5gAltAvciexe5UY5l3tunhzLvRSkBVSMoVu5n5%2BTVuUX%2F3J1iJzq1W50m8xw3diPPa7ux02w0%2FHan4Tsdrx20vQY0L8H10nzqIT%2FZPUPGT260ENAptJgi5K%2BBGhe0KEG3SwzTh72cUiHqoUzAZIksryHftfbFOXl9fnb3yhKi8PhaPvzr%2BuPlLxGqEpkq8QV%2FStAT98e3ZUEObstCk1%2B2spwnfEirq7uT0zy69PCDaLeQim2u69GP74YVUJWPPop03qUp42lPk5%2FWOGOR2pAqjMivm%2FqTKLhl9PaaUanJurfe29hMMhVpzWU6AeUzUjveRchn5JWzu%2FNXecV8A64mUKZEYo7JRYDLKcJsDzpb6NeSQIkFJ8hqKEw5Vl6wWBScQESLngYl9P%2F6YFGPFa12U17u6%2FvoqRpofg9pUqKvSvRFCSpG0OalcZ6p42t%2FfF%2FFDwhEbRwIVTsIhBLfzUj381HlNal%2B1nPXNT%2B1W42GQ%2F1O0221aNQKVr127LuMUm%2FV93yfNpDrWfzGJftfAAAA%2F%2F8BAAD%2F%2F9R%2B6lp5BAAA

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
hailstonescramblegardening.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSu3sxJQTCsJy%2FtTYPMdvfs9MyYQ3BdNyxOsjFR9KbVXd2z5VZ3NVVd07MjhMWA5CQjeNFT7ze7WYwh6A8wyExAZEHYue1hF%2FwNSs7Sk8UxD7rfe%2FV9RX3vq%2Fp635wTD4aert%2BQQy4EXWnWHfvNT133qt3lqRnYg7b%2Fmb961Vb9dzp%2B3XnLvh6FO3LFc1zHcR3X3uAqiuVgpQLBs0cdt95x6qte3W2uYqBe7LWxoKkF1j8nl8HZrPbUWgYPJ0iTn9cjvZPL7O33EyNoLhX67OjjdCeVRYpkUcbKQpweXbAh9cnGE8j0cC4Xsv8fMeAzYv3%2BBEF6dCESQf9grjMQiFIE7GUU%2FQkiMQGnE4TyHjg7IUDIcHMLafLgplQF3X2O0gqdkdqzv8GLGamdLSNNHq8JPrDvSGFyLlONQVyCDybgvQkyM0U%2BXAIvpgjzr8DZn2TlWRdpcrClhQRn5Xx2zifg8QQiGoFqC6b6uAUTWzCZhYSd2qHrui2HhdRpd8KwwVpR4DPHpa3Ypa7jt2HCSt4IeTZCKEYI1R4ytYcd%2Fu1J8zKU%2BQ16u4RmFnQ%2BI9aHe%2BizEkVEUGiCghIUnKDICYp%2BeciE9nT5gAltAvciexe5UY5l3tunhzLvRSkBVSMoVu5n5%2BTVuUX%2F3J1iJzq1W50m8xw3diPPa7ux02w0%2FHan4Tsdrx20vQY0L8H10nzqIT%2FZPUPGT260ENAptJgi5K%2BBGhe0KEG3SwzTh72cUiHqoUzAZIksryHftfbFOXl9fnb3yhKi8PhaPvzr%2BuPlLxGqEpkq8QV%2FStAT98e3ZUEObstCk1%2B2spwnfEirq7uT0zy69PCDaLeQim2u69GP74YVUJWPPop03qUp42lPk5%2FWOGOR2pAqjMivm%2FqTKLhl9PaaUanJurfe29hMMhVpzWU6AeUzUjveRchn5JWzu%2FNXecV8A64mUKZEYo7JRYDLKcJsDzpb6NeSQIkFJ8hqKEw5Vl6wWBScQESLngYl9P%2F6YFGPFa12U17u6%2FvoqRpofg9pUqKvSvRFCSpG0OalcZ6p42t%2FfF%2FFDwhEbRwIVTsIhBLfzUj381HlNal%2B1nPXNT%2B1W42GQ%2F1O0221aNQKVr127LuMUm%2FV93yfNpDrWfzGJftfAAAA%2F%2F8BAAD%2F%2F9R%2B6lp5BAAA
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjecthailstonescramblegardening.com
FingerprintBF:55:14:9C:D8:D3:5C:E9:52:C2:11:5F:54:FC:64:E3:88:61:BC:01
ValidityTue, 16 Apr 2024 10:11:47 GMT - Mon, 15 Jul 2024 10:11:46 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSu3sxJQTCsJy%2FtTYPMdvfs9MyYQ3BdNyxOsjFR9KbVXd2z5VZ3NVVd07MjhMWA5CQjeNFT7ze7WYwh6A8wyExAZEHYue1hF%2FwNSs7Sk8UxD7rfe%2FV9RX3vq%2Fp635wTD4aert%2BQQy4EXWnWHfvNT133qt3lqRnYg7b%2Fmb961Vb9dzp%2B3XnLvh6FO3LFc1zHcR3X3uAqiuVgpQLBs0cdt95x6qte3W2uYqBe7LWxoKkF1j8nl8HZrPbUWgYPJ0iTn9cjvZPL7O33EyNoLhX67OjjdCeVRYpkUcbKQpweXbAh9cnGE8j0cC4Xsv8fMeAzYv3%2BBEF6dCESQf9grjMQiFIE7GUU%2FQkiMQGnE4TyHjg7IUDIcHMLafLgplQF3X2O0gqdkdqzv8GLGamdLSNNHq8JPrDvSGFyLlONQVyCDybgvQkyM0U%2BXAIvpgjzr8DZn2TlWRdpcrClhQRn5Xx2zifg8QQiGoFqC6b6uAUTWzCZhYSd2qHrui2HhdRpd8KwwVpR4DPHpa3Ypa7jt2HCSt4IeTZCKEYI1R4ytYcd%2Fu1J8zKU%2BQ16u4RmFnQ%2BI9aHe%2BizEkVEUGiCghIUnKDICYp%2BeciE9nT5gAltAvciexe5UY5l3tunhzLvRSkBVSMoVu5n5%2BTVuUX%2F3J1iJzq1W50m8xw3diPPa7ux02w0%2FHan4Tsdrx20vQY0L8H10nzqIT%2FZPUPGT260ENAptJgi5K%2BBGhe0KEG3SwzTh72cUiHqoUzAZIksryHftfbFOXl9fnb3yhKi8PhaPvzr%2BuPlLxGqEpkq8QV%2FStAT98e3ZUEObstCk1%2B2spwnfEirq7uT0zy69PCDaLeQim2u69GP74YVUJWPPop03qUp42lPk5%2FWOGOR2pAqjMivm%2FqTKLhl9PaaUanJurfe29hMMhVpzWU6AeUzUjveRchn5JWzu%2FNXecV8A64mUKZEYo7JRYDLKcJsDzpb6NeSQIkFJ8hqKEw5Vl6wWBScQESLngYl9P%2F6YFGPFa12U17u6%2FvoqRpofg9pUqKvSvRFCSpG0OalcZ6p42t%2FfF%2FFDwhEbRwIVTsIhBLfzUj381HlNal%2B1nPXNT%2B1W42GQ%2F1O0221aNQKVr127LuMUm%2FV93yfNpDrWfzGJftfAAAA%2F%2F8BAAD%2F%2F9R%2B6lp5BAAA HTTP/1.1
Host: hailstonescramblegardening.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Cookie: u_pl=16023235; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec795d201f1e2281f0533689360928b823=[4991488,4991489,4991490]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 11:25:20 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cbe7d880a724c4b7c081b4626d6a0b00
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/0c/d5/a4/0cd5a42cfa2a6badc4f9099c49f7124a/1708350060.jpeg

45.133.44.10

200 OK

26 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/0c/d5/a4/0cd5a42cfa2a6badc4f9099c49f7124a/1708350060.jpeg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3
Size
26 kB (26027 bytes)
Hash
d4279db470e65a2e6151ac81d3eee233
f9c0c79f8bd368f6584e3e7a2b2443b7d749f8f9
3f9f4feac1c8a8c4e9d3c82a4dba7a1bbbc683a935051c0cf946d34bdd4ecb90

HTTP Headers

GET /cti/0c/d5/a4/0cd5a42cfa2a6badc4f9099c49f7124a/1708350060.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:20 GMT
content-type: image/jpeg
content-length: 26027
server: nginx/1.21.6
last-modified: Mon, 19 Feb 2024 13:41:08 GMT
etag: "65d35a74-65ab"
expires: Sat, 20 Apr 2024 11:25:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png

45.133.44.10

200 OK

120 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
120 kB (119965 bytes)
Hash
c5a83c3079df6439410f74f3e8de6930
66dab231922cc92db7c41f49d7bdb7da1dfde08a
ee0745b5678c7e4277047ba8f87d53ee77e60a4985dace65c73b970521dbf1f8

HTTP Headers

GET /si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:20 GMT
content-type: image/png
content-length: 119965
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:15 GMT
etag: "65f95767-1d49d"
expires: Sat, 20 Apr 2024 11:25:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png

45.133.44.10

200 OK

184 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
184 kB (183812 bytes)
Hash
adc709f858c8b4ff4ce26a2757b75131
c91b170aba4aafdca5690d29e17f61b6505e15c1
ad475e95022da6d65aec3479ad3b4ff6d36dc85bbc634d750cdd575ea1a985ce

HTTP Headers

GET /si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:20 GMT
content-type: image/png
content-length: 183812
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 19:50:20 GMT
etag: "65cd197c-2ce04"
expires: Sat, 20 Apr 2024 11:25:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

hailstonescramblegardening.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3sxJQTDEk5f2pkFmu3t2embMIbiuGxYn2ZgoetPqru7Zcqu7mqqu6dkRwmJAcvAwghc99X6zm8UYgv4BBpkJiCwIO7c97IJ%2Fg5Kz9Dg4%2BqDej%2Fq%2Bor73qr48MBfEg6FnGzflkAtBV5t1x379Y9e9Znd5agb2oO1%2F4q9ds1X%2FrY5fd96wb0Thrlz1HNdxXMe1N7mKYjlYrUDw7HHHrXec%2BppXd5trGKj%2F19pY0NQC61%2BQy%2BBsVntmXQEPJ0iTHzcivZvL7M13EyNoLhX67PjDdDeVRYpkmcbKQpweL9iQ%2BnTzKWR6NJcL2f%2BXGPAZsX59iiA9XohE0D%2Bc6wwEohQBexFFf4JITMDpBKG8D85OCRAy3NpGmjy8JVVB9%2F5BaYXOSO35n%2BDFjNTOryBNnqwLPrDvSmFyLlONQVyCDybgvQkyM0U%2BXAEvpgjzL8DZ72T1eRdpcrithQRn5bx3zifg8QQiGoFqC6Za3IKJLZjMQsLO7NB13ZbDQuq0O2HYYK0o8Jnj0lbsUtfx2zBhJW%2BEPBshFCOEah%2BZ2scu%2F%2Fq0eRnK%2FAK9U0IzCzqfEev9ffRZiSIiKDRBQQkKTlDkBEW%2FPGJCe7p8yIQ2gbuI3iI2yrHMewf0SOa9KCWgagTFyoPsgrw8H9Ff96bYjc7sVqfJPMeN3cjz2m7sNBsNv91p%2BE7HawdtrwHNS3C9Mu96yE%2F3zpHx05stBHQKLaYI%2BSugxgUtStCdEsP0US%2BnVIh6KBMwWSLLa8j3rANxQV6d3929ShCFJ9fz4R83nlz5HKEqkakSn%2FFnBD3xYHxHFuTwjiw0%2BWk7y3nCh7R6urs5zaNLj96L9gqp2NaGHn3%2FdlgBVfr4g0jnXZoynvY0%2BWGdMxapTanCiPy8pT%2BKgttG76wblZqse%2Fudza0kU5HWXKYTUD4jtZM9hHxGXjq%2FN%2F%2BVV81X4GoCZUok5oQsDFxOEWb70NlSv5YESiw5QbaCwpRj5QXLTcEJRLSsaVBC%2F6cOlvlY0eo05eWBfoCeqoHm95EmJfqqRF%2BUoGIEbV4Y55k6uf7bt5V9h0DUxoFQtcNAKPHNjHQ%2FHc1nXTmrcivQ%2FMxuNRoO9TtNt9WiUStY89qx7zJKvTXf833aQK5n8WuX7L8BAAD%2F%2FwEAAP%2F%2F0k9PAHkEAAA%3D

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
hailstonescramblegardening.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3sxJQTDEk5f2pkFmu3t2embMIbiuGxYn2ZgoetPqru7Zcqu7mqqu6dkRwmJAcvAwghc99X6zm8UYgv4BBpkJiCwIO7c97IJ%2Fg5Kz9Dg4%2BqDej%2Fq%2Bor73qr48MBfEg6FnGzflkAtBV5t1x379Y9e9Znd5agb2oO1%2F4q9ds1X%2FrY5fd96wb0Thrlz1HNdxXMe1N7mKYjlYrUDw7HHHrXec%2BppXd5trGKj%2F19pY0NQC61%2BQy%2BBsVntmXQEPJ0iTHzcivZvL7M13EyNoLhX67PjDdDeVRYpkmcbKQpweL9iQ%2BnTzKWR6NJcL2f%2BXGPAZsX59iiA9XohE0D%2Bc6wwEohQBexFFf4JITMDpBKG8D85OCRAy3NpGmjy8JVVB9%2F5BaYXOSO35n%2BDFjNTOryBNnqwLPrDvSmFyLlONQVyCDybgvQkyM0U%2BXAEvpgjzL8DZ72T1eRdpcrithQRn5bx3zifg8QQiGoFqC6Za3IKJLZjMQsLO7NB13ZbDQuq0O2HYYK0o8Jnj0lbsUtfx2zBhJW%2BEPBshFCOEah%2BZ2scu%2F%2Fq0eRnK%2FAK9U0IzCzqfEev9ffRZiSIiKDRBQQkKTlDkBEW%2FPGJCe7p8yIQ2gbuI3iI2yrHMewf0SOa9KCWgagTFyoPsgrw8H9Ff96bYjc7sVqfJPMeN3cjz2m7sNBsNv91p%2BE7HawdtrwHNS3C9Mu96yE%2F3zpHx05stBHQKLaYI%2BSugxgUtStCdEsP0US%2BnVIh6KBMwWSLLa8j3rANxQV6d3929ShCFJ9fz4R83nlz5HKEqkakSn%2FFnBD3xYHxHFuTwjiw0%2BWk7y3nCh7R6urs5zaNLj96L9gqp2NaGHn3%2FdlgBVfr4g0jnXZoynvY0%2BWGdMxapTanCiPy8pT%2BKgttG76wblZqse%2Fudza0kU5HWXKYTUD4jtZM9hHxGXjq%2FN%2F%2BVV81X4GoCZUok5oQsDFxOEWb70NlSv5YESiw5QbaCwpRj5QXLTcEJRLSsaVBC%2F6cOlvlY0eo05eWBfoCeqoHm95EmJfqqRF%2BUoGIEbV4Y55k6uf7bt5V9h0DUxoFQtcNAKPHNjHQ%2FHc1nXTmrcivQ%2FMxuNRoO9TtNt9WiUStY89qx7zJKvTXf833aQK5n8WuX7L8BAAD%2F%2FwEAAP%2F%2F0k9PAHkEAAA%3D
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjecthailstonescramblegardening.com
FingerprintBF:55:14:9C:D8:D3:5C:E9:52:C2:11:5F:54:FC:64:E3:88:61:BC:01
ValidityTue, 16 Apr 2024 10:11:47 GMT - Mon, 15 Jul 2024 10:11:46 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3sxJQTDEk5f2pkFmu3t2embMIbiuGxYn2ZgoetPqru7Zcqu7mqqu6dkRwmJAcvAwghc99X6zm8UYgv4BBpkJiCwIO7c97IJ%2Fg5Kz9Dg4%2BqDej%2Fq%2Bor73qr48MBfEg6FnGzflkAtBV5t1x379Y9e9Znd5agb2oO1%2F4q9ds1X%2FrY5fd96wb0Thrlz1HNdxXMe1N7mKYjlYrUDw7HHHrXec%2BppXd5trGKj%2F19pY0NQC61%2BQy%2BBsVntmXQEPJ0iTHzcivZvL7M13EyNoLhX67PjDdDeVRYpkmcbKQpweL9iQ%2BnTzKWR6NJcL2f%2BXGPAZsX59iiA9XohE0D%2Bc6wwEohQBexFFf4JITMDpBKG8D85OCRAy3NpGmjy8JVVB9%2F5BaYXOSO35n%2BDFjNTOryBNnqwLPrDvSmFyLlONQVyCDybgvQkyM0U%2BXAEvpgjzL8DZ72T1eRdpcrithQRn5bx3zifg8QQiGoFqC6Za3IKJLZjMQsLO7NB13ZbDQuq0O2HYYK0o8Jnj0lbsUtfx2zBhJW%2BEPBshFCOEah%2BZ2scu%2F%2Fq0eRnK%2FAK9U0IzCzqfEev9ffRZiSIiKDRBQQkKTlDkBEW%2FPGJCe7p8yIQ2gbuI3iI2yrHMewf0SOa9KCWgagTFyoPsgrw8H9Ff96bYjc7sVqfJPMeN3cjz2m7sNBsNv91p%2BE7HawdtrwHNS3C9Mu96yE%2F3zpHx05stBHQKLaYI%2BSugxgUtStCdEsP0US%2BnVIh6KBMwWSLLa8j3rANxQV6d3929ShCFJ9fz4R83nlz5HKEqkakSn%2FFnBD3xYHxHFuTwjiw0%2BWk7y3nCh7R6urs5zaNLj96L9gqp2NaGHn3%2FdlgBVfr4g0jnXZoynvY0%2BWGdMxapTanCiPy8pT%2BKgttG76wblZqse%2Fudza0kU5HWXKYTUD4jtZM9hHxGXjq%2FN%2F%2BVV81X4GoCZUok5oQsDFxOEWb70NlSv5YESiw5QbaCwpRj5QXLTcEJRLSsaVBC%2F6cOlvlY0eo05eWBfoCeqoHm95EmJfqqRF%2BUoGIEbV4Y55k6uf7bt5V9h0DUxoFQtcNAKPHNjHQ%2FHc1nXTmrcivQ%2FMxuNRoO9TtNt9WiUStY89qx7zJKvTXf833aQK5n8WuX7L8BAAD%2F%2FwEAAP%2F%2F0k9PAHkEAAA%3D HTTP/1.1
Host: hailstonescramblegardening.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Cookie: u_pl=16023235; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec795d201f1e2281f0533689360928b823=[4991488,4991489,4991490]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 11:25:20 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aaf8c74d18b20c20221be34097df9b39
Strict-Transport-Security: max-age=0; includeSubdomains

hailstonescramblegardening.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuTuakILjEk5f2potMunsyPTPuYTHGLMHZzbqr6E2ru7onZaq7mqqu6ckIS3BB9iKM4EVPnW%2BSDa7Loj%2FARWYWRAJC5pZDAv4GZc%2FSY3D0QdV73%2FteUd97VV8emAviwdCzjZtyyIWgq826Y7%2F%2Bsetes7s8NQN70PY%2F8deu2ar%2FVsevO2%2FYN6JwV656jus4ruPam1xFsRysViR49rjj1jtOfc2ru801DNT%2FsTYWNLXA%2BhfkCjib1Z5ZK%2BDhBGny40akd3OZvfluYgTNpUKfHX%2BY7qaySJEswlhZiNPjy2pIfbr5FDI9msuF7P9bGPAZsX59iiA9vhSJoH841xkIRCkC9iKK%2FgSRmIDTCUJ5H5ydEiBkuLWNNHl4S6qC7v3D0oqdkdrzP8GLGamdryBNnqwLPrDvSmFyLlONQVyCDybgvQkyM0U%2BXAIvpgjzL8DZ72T1eRdpcrithQRn5bx3zifg8QQiGoFqC6Za3IKJLZjMQsLO7NB13ZbDQuq0O2HYYK0o8Jnj0lbsUtfx2zBhJW%2BEPBshFCOEah%2BZ2scu%2F%2Fq0eQXK%2FAK9U0IzCzqfEev9ffRZiSIiKDRBQQkKTlDkBEW%2FPGJCe7p8yIQ2gXvpvUvfKMcy7x3QI5n3opSAqhEUKw%2ByC%2FLyfER%2F3ZtiNzqzW50m8xw3diPPa7ux02w0%2FHan4Tsdrx20vQY0L8H10rzrIT%2FdO0fGT2%2B2ENAptJgi5K%2BAGhe0KEF3SgzTR72cUiHqoUzAZIksryHfsw7EBXl1fnf3qoUoPLmeD%2F%2B48WTlc4SqRKZKfMafEfTEg%2FEdWZDDO7LQ5KftLOcJH9Lq6e7mNI%2BWH70X7RVSsa0NPfr%2B7bAiqvDxB5HOuzRlPO1p8sM6ZyxSm1KFEfl5S38UBbeN3lk3KjVZ9%2FY7m1tJpiKtuUwnoHxGaid7CPmMvHR%2Bb%2F4rr5qvwNUEypRIzAm5NHA5RZjtQ2eLnJYESixwkC2jMOVYecEiKTiBiBaYBiX0f3CwiMeKVqcpLw%2F0A%2FRUDTS%2FjzQp0Vcl%2BqIEFSNo88I4z9TJ9d%2B%2Brew7BKI2DoSqHQZCiW9mpPvpqJo1mQ%2B82pag%2BZndajQc6neabqtFo1aw5rVj32WUemu%2B5%2Fu0gVzP4teW7b8BAAD%2F%2FwEAAP%2F%2FHnrdQnkEAAA%3D

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
hailstonescramblegardening.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuTuakILjEk5f2potMunsyPTPuYTHGLMHZzbqr6E2ru7onZaq7mqqu6ckIS3BB9iKM4EVPnW%2BSDa7Loj%2FARWYWRAJC5pZDAv4GZc%2FSY3D0QdV73%2FteUd97VV8emAviwdCzjZtyyIWgq826Y7%2F%2Bsetes7s8NQN70PY%2F8deu2ar%2FVsevO2%2FYN6JwV656jus4ruPam1xFsRysViR49rjj1jtOfc2ru801DNT%2FsTYWNLXA%2BhfkCjib1Z5ZK%2BDhBGny40akd3OZvfluYgTNpUKfHX%2BY7qaySJEswlhZiNPjy2pIfbr5FDI9msuF7P9bGPAZsX59iiA9vhSJoH841xkIRCkC9iKK%2FgSRmIDTCUJ5H5ydEiBkuLWNNHl4S6qC7v3D0oqdkdrzP8GLGamdryBNnqwLPrDvSmFyLlONQVyCDybgvQkyM0U%2BXAIvpgjzL8DZ72T1eRdpcrithQRn5bx3zifg8QQiGoFqC6Za3IKJLZjMQsLO7NB13ZbDQuq0O2HYYK0o8Jnj0lbsUtfx2zBhJW%2BEPBshFCOEah%2BZ2scu%2F%2Fq0eQXK%2FAK9U0IzCzqfEev9ffRZiSIiKDRBQQkKTlDkBEW%2FPGJCe7p8yIQ2gXvpvUvfKMcy7x3QI5n3opSAqhEUKw%2ByC%2FLyfER%2F3ZtiNzqzW50m8xw3diPPa7ux02w0%2FHan4Tsdrx20vQY0L8H10rzrIT%2FdO0fGT2%2B2ENAptJgi5K%2BAGhe0KEF3SgzTR72cUiHqoUzAZIksryHfsw7EBXl1fnf3qoUoPLmeD%2F%2B48WTlc4SqRKZKfMafEfTEg%2FEdWZDDO7LQ5KftLOcJH9Lq6e7mNI%2BWH70X7RVSsa0NPfr%2B7bAiqvDxB5HOuzRlPO1p8sM6ZyxSm1KFEfl5S38UBbeN3lk3KjVZ9%2FY7m1tJpiKtuUwnoHxGaid7CPmMvHR%2Bb%2F4rr5qvwNUEypRIzAm5NHA5RZjtQ2eLnJYESixwkC2jMOVYecEiKTiBiBaYBiX0f3CwiMeKVqcpLw%2F0A%2FRUDTS%2FjzQp0Vcl%2BqIEFSNo88I4z9TJ9d%2B%2Brew7BKI2DoSqHQZCiW9mpPvpqJo1mQ%2B82pag%2BZndajQc6neabqtFo1aw5rVj32WUemu%2B5%2Fu0gVzP4teW7b8BAAD%2F%2FwEAAP%2F%2FHnrdQnkEAAA%3D
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjecthailstonescramblegardening.com
FingerprintBF:55:14:9C:D8:D3:5C:E9:52:C2:11:5F:54:FC:64:E3:88:61:BC:01
ValidityTue, 16 Apr 2024 10:11:47 GMT - Mon, 15 Jul 2024 10:11:46 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuTuakILjEk5f2potMunsyPTPuYTHGLMHZzbqr6E2ru7onZaq7mqqu6ckIS3BB9iKM4EVPnW%2BSDa7Loj%2FARWYWRAJC5pZDAv4GZc%2FSY3D0QdV73%2FteUd97VV8emAviwdCzjZtyyIWgq826Y7%2F%2Bsetes7s8NQN70PY%2F8deu2ar%2FVsevO2%2FYN6JwV656jus4ruPam1xFsRysViR49rjj1jtOfc2ru801DNT%2FsTYWNLXA%2BhfkCjib1Z5ZK%2BDhBGny40akd3OZvfluYgTNpUKfHX%2BY7qaySJEswlhZiNPjy2pIfbr5FDI9msuF7P9bGPAZsX59iiA9vhSJoH841xkIRCkC9iKK%2FgSRmIDTCUJ5H5ydEiBkuLWNNHl4S6qC7v3D0oqdkdrzP8GLGamdryBNnqwLPrDvSmFyLlONQVyCDybgvQkyM0U%2BXAIvpgjzL8DZ72T1eRdpcrithQRn5bx3zifg8QQiGoFqC6Za3IKJLZjMQsLO7NB13ZbDQuq0O2HYYK0o8Jnj0lbsUtfx2zBhJW%2BEPBshFCOEah%2BZ2scu%2F%2Fq0eQXK%2FAK9U0IzCzqfEev9ffRZiSIiKDRBQQkKTlDkBEW%2FPGJCe7p8yIQ2gXvpvUvfKMcy7x3QI5n3opSAqhEUKw%2ByC%2FLyfER%2F3ZtiNzqzW50m8xw3diPPa7ux02w0%2FHan4Tsdrx20vQY0L8H10rzrIT%2FdO0fGT2%2B2ENAptJgi5K%2BAGhe0KEF3SgzTR72cUiHqoUzAZIksryHfsw7EBXl1fnf3qoUoPLmeD%2F%2B48WTlc4SqRKZKfMafEfTEg%2FEdWZDDO7LQ5KftLOcJH9Lq6e7mNI%2BWH70X7RVSsa0NPfr%2B7bAiqvDxB5HOuzRlPO1p8sM6ZyxSm1KFEfl5S38UBbeN3lk3KjVZ9%2FY7m1tJpiKtuUwnoHxGaid7CPmMvHR%2Bb%2F4rr5qvwNUEypRIzAm5NHA5RZjtQ2eLnJYESixwkC2jMOVYecEiKTiBiBaYBiX0f3CwiMeKVqcpLw%2F0A%2FRUDTS%2FjzQp0Vcl%2BqIEFSNo88I4z9TJ9d%2B%2Brew7BKI2DoSqHQZCiW9mpPvpqJo1mQ%2B82pag%2BZndajQc6neabqtFo1aw5rVj32WUemu%2B5%2Fu0gVzP4teW7b8BAAD%2F%2FwEAAP%2F%2FHnrdQnkEAAA%3D HTTP/1.1
Host: hailstonescramblegardening.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Cookie: u_pl=16023235; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec795d201f1e2281f0533689360928b823=[4991488,4991489,4991490]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 11:25:20 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 340a78d5850e3d4fb4cf5025ba26c454
Strict-Transport-Security: max-age=0; includeSubdomains

www.gtaall.com/favicon.ico

172.67.74.54

200 OK

5.2 kB

URL GET HTTP/2
www.gtaall.com/favicon.ico
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
5.2 kB (5154 bytes)
Hash
588815616b92fc2ccaf93c4a9b072894
860d680bf30df6a633a801d832c938d4b21abcde
37750ce896fc6fb031010898ccbf40ccbaae624da17ab9a7c32b8279c40763e4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:19 GMT
content-type: image/x-icon
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
etag: W/"5ce2a146-47e"
expires: Fri, 19 Apr 2024 11:25:19 GMT
cache-control: public, max-age=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fHzTgdgybWkfaWPK2bXD%2BnJSMAr4nTafaAFme%2F5SHQnC5%2FbLoktwuc21lIfGcB7fKmcPYCuY5zrla4AKNpalFXVXa%2FKCoOoNTC6TnPbfjm8uOafGRGPkrO2awGheXpz9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b232d8656c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

hailstonescramblegardening.com/ntv.json?key=795d201f1e2281f0533689360928b823&vstc=4

192.243.59.12

200 OK

18 kB

URL GET HTTP/1.1
hailstonescramblegardening.com/ntv.json?key=795d201f1e2281f0533689360928b823&vstc=4
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjecthailstonescramblegardening.com
FingerprintBF:55:14:9C:D8:D3:5C:E9:52:C2:11:5F:54:FC:64:E3:88:61:BC:01
ValidityTue, 16 Apr 2024 10:11:47 GMT - Mon, 15 Jul 2024 10:11:46 GMT

File type
JSON text data
Size
18 kB (17712 bytes)
Hash
1621b761184a5d89af0b8a9519283750
c7e7da37ccc7a96d45c4ae9e061c80baf5454a6d
2a25b82e2f8b24edc8ca81bd4270159135e903af207d5ed792c348a7d39b2d10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=795d201f1e2281f0533689360928b823&vstc=4 HTTP/1.1
Host: hailstonescramblegardening.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gtaall.com
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 11:25:20 GMT
Content-Type: application/json
Content-Length: 17712
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.gtaall.com
Access-Control-Allow-Origin: https://www.gtaall.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16023235; expires=Fri, 19 Apr 2024 11:25:20 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 19 Apr 2024 11:25:20 GMT; secure; SameSite=None
uncs=1; expires=Fri, 19 Apr 2024 11:25:20 GMT; secure; SameSite=None
pdhtkv49=true; expires=Fri, 19 Apr 2024 11:25:20 GMT; secure; SameSite=None
uncs49=1; expires=Fri, 19 Apr 2024 11:25:20 GMT; secure; SameSite=None
nlec795d201f1e2281f0533689360928b823=[4991488,4991489,4991490]; expires=Thu, 18 Apr 2024 11:25:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 101cd3c1f1571c7392575a42384a201b
Strict-Transport-Security: max-age=0; includeSubdomains

www.gtaall.com/static/public/4dc09/js/actions.js

172.67.74.54

200 OK

2.3 kB

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/js/actions.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (2429), with no line terminators
Size
2.3 kB (2298 bytes)
Hash
70b31770787e19f11c880fc356c2109c
c27beac1919551b4d58b954ecd0e7d2c035d9398
e79ba639c9414587107dd6c710416772d2e3a2613244754e0026e1b95730e301

HTTP Headers

GET /static/public/4dc09/js/actions.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=3954
etag: W/"5ce2a146-f72"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOU7s%2B3Fmz9FDNoTnURiUSj%2FIq9td413WW40uTuNBob1Z%2FRN5ol0skHg3Di2lKLrZMnz29BhodNz0d2xLpCiPmcLs3M0hbX0rA9eQVyqNm4yVDdBD%2Bsuv8fJqtDZunhj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b2109fd56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/public/4dc09/js/sorting.js

172.67.74.54

200 OK

363 B

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/js/sorting.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (379), with no line terminators
Size
363 B (363 bytes)
Hash
74b372071e5963f4d36e3f9edb6e5ec6
05f4f215b3d7c368b97391556d176d43e92733c7
602dc0036c3da4934b055cdafa12cd4866d509d56cce1393e8d5920d9e0c3d0f

HTTP Headers

GET /static/public/4dc09/js/sorting.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=476
etag: W/"5ce2a146-1dc"
expires: Thu, 18 Apr 2024 19:45:45 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lavAUMjhGEWOKu3iMANZODzP%2Bd36tR8mRx4I4i8x%2BBYI0Pim%2B9v41JQMseXSO46D%2BL773kVQmu2ydBnfeeUjykaXpw7YtprjgOiBwEz8LSqVlqz9nX04t9ednoOXHcXt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b211a1256c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/public/4dc09/js/menu-mobile.js

172.67.74.54

200 OK

2.7 kB

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/js/menu-mobile.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (2861), with no line terminators
Size
2.7 kB (2683 bytes)
Hash
29d917e5a055ab485e0ced20539841a1
912dfd0523cbd430e49543f248213da589a27c36
ab275603aab4c6ab17c7c0243cf4bddeaefaa8591fb63e1cce79229ec79679aa

HTTP Headers

GET /static/public/4dc09/js/menu-mobile.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=3435
etag: W/"5cf4dfbe-d6b"
expires: Thu, 18 Apr 2024 19:45:45 GMT
last-modified: Mon, 03 Jun 2019 08:52:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqLrWfb6XvQ47AsTZHt9gB%2B1dFmT9ucMjd2oJ4%2BU2%2FtdRu%2BPZ7Xq%2FefZqIuSjwFXAJZzaYYXJ9csp5hPa7VKP5sHFF%2FXHZ2iaPIatE2aNoQBNHD5R6UayrOc%2BgmjbsRR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b211a1b56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/mmenu/js/mmenu.js

172.67.74.54

200 OK

34 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/mmenu/js/mmenu.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (33820), with no line terminators
Size
34 kB (33820 bytes)
Hash
04e773d776ba32f3e2e8735e50f63221
359a43ce11a8659ee7e533575a747d46823ed78a
fdd06a293d1624005b066d3f14f3c78215458f5428c08d16c91885568cff6b76

HTTP Headers

GET /static/vendor/mmenu/js/mmenu.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=35868
etag: W/"5ce2a146-8c1c"
expires: Thu, 18 Apr 2024 19:45:45 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZK2gPsWXWTwdWBH%2BPnnMEFOgD2dNQPsYgCHBgwC8%2BXnZPiTo9SEfkGVjd7EQJeIh2B1ElI0YhwtIViHQFJqBVtJJYBJpTzx6xuSSjWYvpW9jN6RIFQvpdKWrj%2BRhfcD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b211a1856c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/jquery/jquery-3.1.1.min.js

172.67.74.54

200 OK

87 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/jquery/jquery-3.1.1.min.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (32030)
Size
87 kB (86716 bytes)
Hash
4c73d5ff91014f633d3e4bb028356968
5f3e98da83c173889fe9e2c1a1b6d95b13f1d83d
e3481cfe6701c643f2cf14777554a8d82b65e3bb2af6a6e326b925726c4caeef

HTTP Headers

GET /static/vendor/jquery/jquery-3.1.1.min.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
last-modified: Tue, 08 Sep 2020 13:54:32 GMT
vary: Accept-Encoding
etag: W/"5f578d18-152bc"
expires: Thu, 18 Apr 2024 19:45:46 GMT
cache-control: public, max-age=86400
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rb74MfxF0Ng7vUwBvRn0GMTvUHkDxjhCGmgW0RgzQgwlVO%2FmPjEUA3EOdBVozpYgBEHJJzd9LAucFMpP331yk45MLUxmk9%2BUTowTPPwfN%2FYNXJqmhZK49rsbE0XszNl0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b20f9ec56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/gta-san-andreas/mods/author:KiraTheGame0

172.67.74.54

301 Moved Permanently

65 kB

URL User Request GET HTTP/2
www.gtaall.com/gta-san-andreas/mods/author:KiraTheGame0
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type

Size
65 kB (64765 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gta-san-andreas/mods/author:KiraTheGame0 HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: text/html; charset=UTF-8
location: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
x-powered-by: Pinky2/Frontend/0.9
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: no-cache
cache-control: max-age=1800, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 +0000
x-uri: /gta-san-andreas/mods/author:KiraTheGame0
x-beta: 1
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yUrcjTaZeIuZODR7BP7yXbtRBHLSLODPj9%2BevlINhX5aVb4oOeuGyDILHvPIOqnxUWxhcywOyRQgVjiAmGl2q6c%2BnNYF4VmrUvLl%2FJsR%2Bxa9MyFMymvO7njNsdO9zVn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87644b1ded0e56c7-OSL
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/fancybox/css/fancybox.css

172.67.74.54

200 OK

4.4 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/fancybox/css/fancybox.css
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
ASCII text, with very long lines (4444), with no line terminators
Size
4.4 kB (4440 bytes)
Hash
4725c0180362b1adec455dcd71d76502
2b78afcb1afb5a84531d2f38bff58ec01c9aaf5f
2eb3da5f6aebb7f4508dc9bd6f8b48430148e95f77e1587f14352a84fa1edf25

HTTP Headers

GET /static/vendor/fancybox/css/fancybox.css HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: text/css
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=4515
etag: W/"5ce2a146-11a3"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BJDImHEWeaYTSZLHNSWjmCfwRECC5RAE%2F%2BZ5pLza7Mst0o47d4Ze%2Bhh9rD1kqHMMihuQe8Ul6H6ag9a7d8Ih0ZqhXYdQFlNy9VupxuQ6kzVSRb05rIo%2F0DItiLCBF3wl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b20f9e656c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/mmenu/css/mmenu.css

172.67.74.54

200 OK

38 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/mmenu/css/mmenu.css
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
ASCII text, with very long lines (38057), with no line terminators
Size
38 kB (38057 bytes)
Hash
c340868a3470674c540063deacf28d5a
31dd23d908095b2299403be8aeca40b11541e4d6
260e708ea94ad307187e77771e84923c56d71d8d47e2fed0850d516899ad6e9d

HTTP Headers

GET /static/vendor/mmenu/css/mmenu.css HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: text/css
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=46947
etag: W/"5ce2a146-b763"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spzULeaGX3DLbPO2VA5KuWYt0fCIjPmGWAySIPRueQNPo3JMrgVVXTbvNR%2BetvmUeAj8l%2F9rt03GoTiYEqr1OS%2Fash1JTgmxKhV%2Fv2mp1BSGwyl9qSg%2F5g7anztars83"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b20f9e956c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-6LDJRJB1XL&l=dataLayer&cx=c

142.250.74.168

200 OK

252 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-6LDJRJB1XL&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
252 kB (251535 bytes)
Hash
f8495e2d1665498cf428d1ec9e0dd683
1398db5a11eeb2a2a4e7de988befde7b5a77f715
910667722df3c8872ee85b13a0dd7adb9033397601b511b2281cd3a6c7d65b1a

HTTP Headers

GET /gtag/js?id=G-6LDJRJB1XL&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 11:25:19 GMT
expires: Thu, 18 Apr 2024 11:25:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88803
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gtaall.com/static/vendor/tmpl/tmpl.min.js

172.67.74.54

200 OK

1.0 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/tmpl/tmpl.min.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (1139), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
aefadaede020a1caa1f971d15468dd80
93af5729026fc338b922afe05331951bd6d01d36
cb6e5949dcf848a66822d1ed53bf95cdd0d713b7d8044ff98ed406c529842eaf

HTTP Headers

GET /static/vendor/tmpl/tmpl.min.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
etag: W/"5ce2a146-40b"
expires: Thu, 18 Apr 2024 19:45:45 GMT
cache-control: public, max-age=86400
cf-cache-status: HIT
age: 56373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5KTpZaLwVJhvp1WY6dEngiVvZqZ9kYJDMWHq2CUdaW1hfcHKsEh7ATIkc3DysO1oV70JB34c6osUcM417ln1B5c6mMbSGOs4UEJKvOeAwcsqtE9tJOEcOI4vn1fulf6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b2109fa56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/fancybox/js/fancybox.js

172.67.74.54

200 OK

23 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/fancybox/js/fancybox.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (23080), with no line terminators
Size
23 kB (23080 bytes)
Hash
b43d148fad7a66826db92aab2ca8fc04
7a9aa2cb6f5f2004ac58730192cf8ceea3648965
9e84048bbabc2060da8b3b805e96de23b0d39e9ecb5e0a341a971133364facc8

HTTP Headers

GET /static/vendor/fancybox/js/fancybox.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=23083
etag: W/"5ce2a146-5a2b"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hptyw%2FDxCiTlRc%2FAWcxmm3j77hnUHtqBUQJclP03lmMVnEOeohYZzOUrJDRk3C5pHcREjxqGXaVgBEFsJo1Q%2FPUg9C%2B%2BFUBBTMD07V5NJxqRrHily5N3pq2W%2BgM7RDFQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b210a0256c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/fancybox/js/fancybox-media.js

172.67.74.54

200 OK

2.2 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/fancybox/js/fancybox-media.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (2275), with no line terminators
Size
2.2 kB (2223 bytes)
Hash
9cd7d6513857f9fe6aff7f2fd297fa4e
52bd48dbaef9de58eee7c58d9e995764d5916229
0b839fde05a09584db83a07bfd48ae46dc4d0c501aad02c9ead1552b653d42b6

HTTP Headers

GET /static/vendor/fancybox/js/fancybox-media.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=2235
etag: W/"5ce2a146-8bb"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmQftwsxu8oHR5jgJCgwVHNyMrsG%2FNyi%2FDvZzP%2BvQ9RkrdO1DSfoB650LI3deI4ViRnw3Ft03tlzV4e65cQ8EEnx7Z5SlvdzRSZj5LePquFHw9o1HatFl6yHlYkz14Iz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b211a0f56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/public/4dc09/js/main.js

172.67.74.54

200 OK

6.4 kB

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/js/main.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (6680), with no line terminators
Size
6.4 kB (6405 bytes)
Hash
15e1bc0a4afa50e7396a9d20d90b35fb
9273ffb178f54eb5555e2d2b23f091493728ffc1
d062e60d7cd7e493271e79fca3a8e2d358b790a79e80fef8b8c4ddc4fa22c77d

HTTP Headers

GET /static/public/4dc09/js/main.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=10026
etag: W/"6006d0e7-272a"
expires: Thu, 18 Apr 2024 19:45:45 GMT
last-modified: Tue, 19 Jan 2021 12:30:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dyc4p%2BYREDjho0mZGRXC7Kd%2BXJylR7aFRlWxG28J5PMOtLJWdzT%2Bc26TFg5NXlLjfnNi4%2FvHwteR9b8EhyDG4mTmL3Cwflj0CpdEidvplUOamfVqrAwfdcPwWZTmqr5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b211a1456c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/bootstrap/css/bootstrap.min.css

172.67.74.54

200 OK

121 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/bootstrap/css/bootstrap.min.css
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
ASCII text, with very long lines (65371)
Size
121 kB (121154 bytes)
Hash
5d5deb4b681ac224054b99f39c9b2a0d
852626624dcbbba48549724b9a856aac38fc5d64
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978

HTTP Headers

GET /static/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: text/css
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
etag: W/"5ce2a146-1d942"
expires: Thu, 18 Apr 2024 19:45:45 GMT
cache-control: public, max-age=86400
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GH21iOUVshHyZWyC%2BrOdhhxIGG3NWWcMvEytmYVDH8Q%2Fh7HFxx03f858LHQGOOsDmdSwmSnZZEiobO%2FEFHxp87Mn6IB5jzSFGsOykfXPt47frv5pE9wzkelwPHcGDwjW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b20f9e056c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/public/4dc09/css/menu-mobile.css

172.67.74.54

200 OK

4.6 kB

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/css/menu-mobile.css
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
ASCII text, with very long lines (4617), with no line terminators
Size
4.6 kB (4615 bytes)
Hash
6648c8eddf04ebee9d2e9b3c583cb67b
bba9a06193c0e3f4aa6dc2b94062a29aef99b5c7
b0ca12f18cd917401dd76182c5c91f0d791ad1266c5b6e022ecd96baf5ea862e

HTTP Headers

GET /static/public/4dc09/css/menu-mobile.css HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: text/css
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=5185
etag: W/"5cf4dfbe-1441"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 03 Jun 2019 08:52:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntu0NLb3WXBtJobsZ6ov%2BgylMn6pOxj6KY4fRnhC64h0%2FpWCjtL9d1Bxl4kZVe9eUTp7Y4tWIzn6u6DKBb39EnR05hHA6kPG0sZdGfANezMCy4gkTXPO%2BU%2FzoKwidfuU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b20f9eb56c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/vendor/bootstrap/js/bootstrap.min.js

172.67.74.54

200 OK

37 kB

URL GET HTTP/2
www.gtaall.com/static/vendor/bootstrap/js/bootstrap.min.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (32033)
Size
37 kB (37045 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

HTTP Headers

GET /static/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
etag: W/"5ce2a146-90b5"
expires: Thu, 18 Apr 2024 19:45:46 GMT
cache-control: public, max-age=86400
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c4vgMD58lVp7zJT5ywYOJOq4Fix5GWfripkaU3Gm1jEqGkNVljv3v3PnfZNpjynCUzG%2Ft0V2EHGZZcJM5cUhUe3nNe9w%2B00KNKTqunr%2BLB5P9bQ5x9y8%2FACygut%2BzK37"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b2109f256c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gtaall.com/static/public/4dc09/js/charts.js

172.67.74.54

200 OK

2.8 kB

URL GET HTTP/2
www.gtaall.com/static/public/4dc09/js/charts.js
IP
172.67.74.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Certificate
IssuerLet's Encrypt
Subjectgtaall.com
Fingerprint2A:38:57:70:DE:1E:21:1A:3D:D9:FD:9E:8D:50:04:2A:68:15:49:9D
ValidityTue, 09 Apr 2024 01:30:17 GMT - Mon, 08 Jul 2024 01:30:16 GMT

File type
JavaScript source, ASCII text, with very long lines (2988), with no line terminators
Size
2.8 kB (2844 bytes)
Hash
83dc78c6e12edcce05ef1fd43827e3d5
e6b2bb1e313dbb069824346144736a8ff75828c6
59ae346f98891dc5996e59f5b27dd29a970c5f895ee2a27ac31f1b3a9c20221c

HTTP Headers

GET /static/public/4dc09/js/charts.js HTTP/1.1
Host: www.gtaall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gtaall.com/gta-san-andreas/mods/author:kirathegame0/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:25:18 GMT
content-type: application/javascript
cache-control: public, max-age=86400
cf-bgj: minify
cf-polished: origSize=4401
etag: W/"5ce2a146-1131"
expires: Thu, 18 Apr 2024 19:45:46 GMT
last-modified: Mon, 20 May 2019 12:44:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ry1NzL9FS36uhmCC0s1aSQi%2FSd41rYq82csxHVCbF8dM1jSPkASI0OxDyti0tZVpQ%2FwVaNtlu7Wr3JeP9zu6ZB2Ip9fC%2BQ1GeO6NLZzeB11sorTMa0xA7SekxM3Gs9gs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87644b211a1356c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML