| dfdgfruitie.xyz/adserver/yzfdmoan.js | 172.67.132.206 | 200 OK | 0 B |
URL GET HTTP/2dfdgfruitie.xyz/adserver/yzfdmoan.js IP172.67.132.206:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerGoogle Trust Services LLC Subjectdfdgfruitie.xyz Fingerprint9B:73:95:36:E6:2A:E8:AE:DA:A0:BE:44:07:A2:37:71:C9:26:70:46 ValidityFri, 29 Mar 2024 21:30:02 GMT - Thu, 27 Jun 2024 21:30:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adserver/yzfdmoan.js HTTP/1.1
Host: dfdgfruitie.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iedprivatedqu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:15:33 GMT
content-type: application/x-javascript
content-length: 0
last-modified: Fri, 03 Feb 2023 19:26:28 GMT
etag: "63dd5fe4-0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4954
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CGnnRp04S90rg3dZttkiM7ApUUd8rIsEEyCghdLe4A3gy%2F9p1uEnjKTv2wZE9vnepkRNby%2B3f6eJOoXrs1oc6ltG7s3eliTmDDGet8SxUDBqf59Rs2ATiVWiLg3cAcRzUcc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881823887c2256aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| d31uxzurj3z4fa.cloudfront.net/?tid=1034363 | 143.204.42.67 | 200 OK | 90 kB |
URL GET HTTP/2d31uxzurj3z4fa.cloudfront.net/?tid=1034363 IP143.204.42.67:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (891) Hashbae6e93f2d99bd94a859cd19f1430d3c b85d3279a9c0bed18f8272d8393753a12b27a246 e674aacbe57c84d47a54bb827328469c76f824e81b697e77b9f55414e3164e4a
GET /?tid=1034363 HTTP/1.1
Host: d31uxzurj3z4fa.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iedprivatedqu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 90184
date: Fri, 10 May 2024 07:15:34 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: opfsfukIiq2qZWt0tN3c0oIhCWrlHFeQ99Fbkxe6cv54VDgdWcmPOA==
X-Firefox-Spdy: h2
|
|
| forhavingartistic.info/MHlEaFUfRicbaFMVNB0baCMFMTkIPBUtIUIuFS4RY0s0ChcAPGIcPFREdVhmBEpyW3NAECBVZgVfNxw0RAw3VWQWECoOOg1fMlVlHkxqXnsCXzFVZBYNNAkyDUhiGCFEFXlZYgFMd1pgA0pwWmQJ | 188.114.97.1 | 204 No Content | 0 B |
URL GET HTTP/2forhavingartistic.info/MHlEaFUfRicbaFMVNB0baCMFMTkIPBUtIUIuFS4RY0s0ChcAPGIcPFREdVhmBEpyW3NAECBVZgVfNxw0RAw3VWQWECoOOg1fMlVlHkxqXnsCXzFVZBYNNAkyDUhiGCFEFXlZYgFMd1pgA0pwWmQJ IP188.114.97.1:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerGoogle Trust Services LLC Subjectforhavingartistic.info Fingerprint99:C4:40:7A:4F:8D:B3:1C:81:58:9B:CB:06:76:D8:05:9B:30:0E:F6 ValidityMon, 01 Apr 2024 07:04:42 GMT - Sun, 30 Jun 2024 07:04:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MHlEaFUfRicbaFMVNB0baCMFMTkIPBUtIUIuFS4RY0s0ChcAPGIcPFREdVhmBEpyW3NAECBVZgVfNxw0RAw3VWQWECoOOg1fMlVlHkxqXnsCXzFVZBYNNAkyDUhiGCFEFXlZYgFMd1pgA0pwWmQJ HTTP/1.1
Host: forhavingartistic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iedprivatedqu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 10 May 2024 07:15:34 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWzSq2AlUhwBmBBgoxDwdSSL7SC1XoWtAdRyhE5VBiNzZPU4pOA2eO1J9LOLCIrCTc%2FfKkRb2kTv52vAfAKAwM0uagg%2Fr6VUyQ8WlRX%2FuZTCKX6P3MekwqLE2to33ItpaPXIwafPZAob"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818238b4fc456b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/asd100.bin | 188.114.96.1 | 200 OK | 102 kB |
IP188.114.96.1:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerGoogle Trust Services LLC Subjectpogothere.xyz Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
Size102 kB (102458 bytes) Hash2e96d549342dbddc6004b6ea9e0819ab 4645c882a026a788884794cb0353cea0be82ac75 e3d71be6a7a2321afc5ec18a13286b8c2bfe6559baba29212c593da483d7c81d
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iedprivatedqu.com/
Origin: https://iedprivatedqu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:15:34 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://iedprivatedqu.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3077
last-modified: Fri, 10 May 2024 06:24:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Wy%2FbxSISt%2Bhjvu34rQCt0rKLdgxQXcj4aQYkYyltp%2BNMY2ocuzBGEf0UvWrahqpw1KBVUJuc4UhKORXFDAxV9GGJIHd0PWPH0nWjyugdYLts0zz9vQc%2Bhnr0fw1a3jN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818238b4a925687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gforanopportu.info/tc | 104.21.25.241 | 200 OK | 0 B |
IP104.21.25.241:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerGoogle Trust Services LLC Subjectgforanopportu.info Fingerprint48:92:F7:78:56:FE:2F:3B:D3:E4:F3:00:68:41:17:58:CB:7C:AE:C9 ValiditySat, 27 Apr 2024 09:51:20 GMT - Fri, 26 Jul 2024 09:51:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /tc HTTP/1.1
Host: gforanopportu.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://iedprivatedqu.com/
Origin: https://iedprivatedqu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 10 May 2024 07:15:35 GMT
set-cookie: ci=178161190889122; Max-Age=86400; Secure; SameSite=None
access-control-allow-origin: https://iedprivatedqu.com
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6K7iLADL5Vei7YmVTgUZaLODTVh6kzcIzZqMbJT9Zw1IzNTrJ7FbWH0kp2UnqLlmQ6hROVfuNxGX%2B43zNYg08C%2BwltaK2dWM18DCsjym7cRsWeRkUz54FHG2eootxEMo4UDqh6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818238e4e9eb4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.99 | 200 OK | 7.9 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 IP142.250.74.99:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7884, version 1.0 Hash9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iedprivatedqu.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:33:12 GMT
expires: Fri, 09 May 2025 01:33:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 106943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| iedprivatedqu.com/favicon.ico | 104.21.9.215 | 404 Not Found | 159 B |
URL GET HTTP/3iedprivatedqu.com/favicon.ico IP104.21.9.215:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerLet's Encrypt Subjectiedprivatedqu.com Fingerprint8F:E8:C5:8C:5B:F8:00:5D:90:48:EA:CA:6F:C7:92:35:25:27:15:62 ValiditySun, 31 Mar 2024 09:06:51 GMT - Sat, 29 Jun 2024 09:06:50 GMT
File typeHTML document, ASCII text, with no line terminators Hash047df4239d5e57f4c78db606a5859d7b 6f2a5da57c2a02837e19f8ac1158db728f3ad62c 45eda3cf633f023269cef5c11cf1c1d5dde3345afdc28610589ef3682ae5130a
GET /favicon.ico HTTP/1.1
Host: iedprivatedqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iedprivatedqu.com/s?BTbw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:15:34 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKs5GjjgKaReurK2NRlio5KLKxHwi2Bv0%2BM%2B2T3jtiiMeVwicmWgi5gi9R0ws1TeDMjxbuWSc23%2BX1hWr5sKcrub0JWTQK1THKJ6yogehKL0GHCgm8HHZqpsITqtU5fQaLCGgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881823880d3c5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| pogothere.xyz/ | 188.114.96.1 | 200 OK | 26 B |
IP188.114.96.1:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerGoogle Trust Services LLC Subjectpogothere.xyz Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File typeASCII text, with no line terminators Hash636492b931dd798083c52fbf59ab5f72 f8e31924a6a35f13a61ea52100b88712facfa85a 9021469ddd32c7ff6a917b89bbb3df650c7c11861a7ab2b3916aee9356541521
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iedprivatedqu.com/
Origin: https://iedprivatedqu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:15:34 GMT
content-type: text/plain
set-cookie: csu=456710914045961@1@1715325334; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://iedprivatedqu.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bVxVtiDdjssshz%2BDAwv5%2FMSd82BP9f7ZSIYmHVvAuIs%2BVqmaa1%2BkwPTzVV5TDU%2FsrXMjQ5S62XtqZVl0ZcLgag%2FtVGexgFxRGLW8Axoqmcz0EUdC8DI7mRLzmQVmRDGG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818238b4a945687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| forhavingartistic.info/popunder.gif | 0.0.0.0 | | 0 B |
URL GET forhavingartistic.info/popunder.gif IP0.0.0.0:0
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerGoogle Trust Services LLC Subjectforhavingartistic.info Fingerprint99:C4:40:7A:4F:8D:B3:1C:81:58:9B:CB:06:76:D8:05:9B:30:0E:F6 ValidityMon, 01 Apr 2024 07:04:42 GMT - Sun, 30 Jun 2024 07:04:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: forhavingartistic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iedprivatedqu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:15:34 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 50763
last-modified: Thu, 09 May 2024 17:09:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8f2enI6isL3S4N5fESgiUiAkMtOd8%2FBpNUAapO0AQRYfK4QZP4UkePCRKUWdynWvpsyd6VRTm8FhV0iqBg7a%2BsVxkxpLvyYrQYaCNd%2BzbUi1cL4Vnx6%2Fk1%2BkIu5VDVP8dHatNFPPWoaG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818238d8f0e5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.9.215 | 200 OK | 95 kB |
URL User Request GET HTTP/2IP104.21.9.215:443
CertificateIssuerLet's Encrypt Subjectiedprivatedqu.com Fingerprint8F:E8:C5:8C:5B:F8:00:5D:90:48:EA:CA:6F:C7:92:35:25:27:15:62 ValiditySun, 31 Mar 2024 09:06:51 GMT - Sat, 29 Jun 2024 09:06:50 GMT
File typeHTML document, ASCII text, with very long lines (61305) Hash6f82b8455ea9fc7eb96b1798cdc73120 f2db4045d56e1d5962a7dd4899d19f85860b6419 7df01382b38acebb2ab834d4586bd1ffb520a6913574af5f3e4e86396a033a78
GET /s?BTbw HTTP/1.1
Host: iedprivatedqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:15:33 GMT
content-type: text/html
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yiikeF4%2FeDBI7RxPMwga1oqWO1HJpXPCXWrQOUDxgGDxtMO8tz4wsyw9xHN%2BgbnE1LMjQ%2FzqkokiJrT9vuVL139EqK8R0wuGnMm1y1GjNqxtfhWvdBYNUg5JUDNfkSFzlsq0Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881823826f18712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap | 142.250.74.106 | 200 OK | 14 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap IP142.250.74.106:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash9c12b57a25710853b762d48b28545b5c 57a79d40792f42232b317bd9529c98efa29fc315 35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iedprivatedqu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 07:15:33 GMT
date: Fri, 10 May 2024 07:15:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| undefined/UXhiTWwwGgEgUzBFAGsZIxRfaF4XXVALCGJJFzUWJAoIfhZlHgNjDz0XFykKIxcMOUI/HRZoXhchAwoqAiE0GCAVEhUFDTkPKwMAKRM1CyY8LQ8DDgMBKxkhEE0BAhsAACUPIWY+GBwPEzw7HCUUISEdPSkCIyUlaDwbGzoXFS85IwBIUAo6Nk0mCws4OgsAGhAwMxsgJgABFAcyTSEcVGAgKgAiFQIkLjYUTCMDCx8XOggPPD02IigJOwEdIQBIKgIbaQ8mCA8/OSUqKhURBQQjACkjKV0cLDoYVTgqJSk1AisSHDYUSTEIKQMWNQxcZjwbDD0DP08PPh0uIBUoBxwKGToYKTAKCAg9Gx8pCxEOFDYUQQ4cOQMfNxklHzkIJiMyPg0jNRc+CRoqFxI3Gj4fLVAEJAE6DQgiEEwWGTocLTUKIhYtOhw5MD4JawYiFww9USZJLiEJBjNbIQhoCAU7KzA | 0.0.0.0 | | 0 B |
URL GET undefined/UXhiTWwwGgEgUzBFAGsZIxRfaF4XXVALCGJJFzUWJAoIfhZlHgNjDz0XFykKIxcMOUI/HRZoXhchAwoqAiE0GCAVEhUFDTkPKwMAKRM1CyY8LQ8DDgMBKxkhEE0BAhsAACUPIWY+GBwPEzw7HCUUISEdPSkCIyUlaDwbGzoXFS85IwBIUAo6Nk0mCws4OgsAGhAwMxsgJgABFAcyTSEcVGAgKgAiFQIkLjYUTCMDCx8XOggPPD02IigJOwEdIQBIKgIbaQ8mCA8/OSUqKhURBQQjACkjKV0cLDoYVTgqJSk1AisSHDYUSTEIKQMWNQxcZjwbDD0DP08PPh0uIBUoBxwKGToYKTAKCAg9Gx8pCxEOFDYUQQ4cOQMfNxklHzkIJiMyPg0jNRc+CRoqFxI3Gj4fLVAEJAE6DQgiEEwWGTocLTUKIhYtOhw5MD4JawYiFww9USZJLiEJBjNbIQhoCAU7KzA IP0.0.0.0:0
Requested byhttps://iedprivatedqu.com/s?BTbw
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /UXhiTWwwGgEgUzBFAGsZIxRfaF4XXVALCGJJFzUWJAoIfhZlHgNjDz0XFykKIxcMOUI/HRZoXhchAwoqAiE0GCAVEhUFDTkPKwMAKRM1CyY8LQ8DDgMBKxkhEE0BAhsAACUPIWY+GBwPEzw7HCUUISEdPSkCIyUlaDwbGzoXFS85IwBIUAo6Nk0mCws4OgsAGhAwMxsgJgABFAcyTSEcVGAgKgAiFQIkLjYUTCMDCx8XOggPPD02IigJOwEdIQBIKgIbaQ8mCA8/OSUqKhURBQQjACkjKV0cLDoYVTgqJSk1AisSHDYUSTEIKQMWNQxcZjwbDD0DP08PPh0uIBUoBxwKGToYKTAKCAg9Gx8pCxEOFDYUQQ4cOQMfNxklHzkIJiMyPg0jNRc+CRoqFxI3Gj4fLVAEJAE6DQgiEEwWGTocLTUKIhYtOhw5MD4JawYiFww9USZJLiEJBjNbIQhoCAU7KzA HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iedprivatedqu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap | 142.250.74.106 | 200 OK | 781 B |
URL GET HTTP/3fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap IP142.250.74.106:443
Requested byhttps://iedprivatedqu.com/s?BTbw CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (799), with no line terminators Hashf2734c367eb54d2729867445e0ea79a8 18f8b32901dae48bedc55cc12baca116e56e6bb7 d5f6fe55368116052648d76167ba4c103db2e0e52680340cd0cb014d3f6cf1d4
GET /css?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iedprivatedqu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 07:15:34 GMT
date: Fri, 10 May 2024 07:15:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|