| www.angelfire.com/ill/hamad/...al.v5.0.142.rar | 209.202.252.105 | 302 Moved Temporarily | 3.6 kB |
URL User Request GET HTTP/1.1www.angelfire.com/ill/hamad/...al.v5.0.142.rar IP209.202.252.105:80
File typeHTML document, ASCII text, with very long lines (521), with CRLF, LF line terminators Hashba76b8667a33c695c71917abc7f03011 d758334c4b276d904b895005219cb3b357c35dc2 e3d51dfd44cfda46b1213b212dbc361cf2b34f50845faf91f28a0a717eb3355e
GET /ill/hamad/...al.v5.0.142.rar HTTP/1.1
Host: www.angelfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: nginx/1.18.0
date: Wed, 17 Apr 2024 14:34:35 GMT
content-type: text/html; charset=ISO-8859-1
vary: *
x-server-ip: 209.202.245.144
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
X-Firefox-Spdy: h2
|
|
| scripts.lycos.com/catman/init.js | 209.202.254.12 | 200 OK | 927 B |
URL GET HTTP/1.1scripts.lycos.com/catman/init.js IP209.202.254.12:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subject*.lycos.com Fingerprint4D:79:2B:FE:78:81:74:AA:DA:50:3D:D8:7C:19:87:09:51:56:76:73 ValiditySun, 14 Apr 2024 00:22:43 GMT - Sat, 13 Jul 2024 00:22:42 GMT
File typeASCII text, with very long lines (905) Hash66e54ed2b8eaa3b82ba27ff49c42e81d 79b8df00da71f4fe5526f855345059c7dcdecfe8 b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520
GET /catman/init.js HTTP/1.1
Host: scripts.lycos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:37 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:25:53 GMT
ETag: "9c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Wed, 17 Apr 2024 20:34:37 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 927
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ly.lygo.net/af/css/afstyle.css | 209.202.254.60 | 200 OK | 8.8 kB |
URL GET HTTP/1.1ly.lygo.net/af/css/afstyle.css IP209.202.254.60:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subjectlygo.net Fingerprint38:8E:CF:86:47:B9:D9:23:35:30:0D:C2:6E:DC:3C:C4:79:EF:AC:8B ValiditySat, 09 Mar 2024 00:19:19 GMT - Fri, 07 Jun 2024 00:19:18 GMT
File typeassembler source, ASCII text, with very long lines (332) Hash013deede4094080ba2a29163fe7000c2 30452864fb5436e0d1ef87e8f08036e7a9b18bd6 82fd148f0551bbb54b340c85cc65f06325c7c9137cde13a41e0e4def53b0ec07
GET /af/css/afstyle.css HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:37 GMT
Server: Apache
Last-Modified: Wed, 11 Dec 2019 11:40:53 GMT
ETag: "829f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=43200
Expires: Thu, 18 Apr 2024 02:34:37 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 8782
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| ly.lygo.net/af/js/angelfire-main.js | 209.202.254.60 | 200 OK | 2.4 kB |
URL GET HTTP/1.1ly.lygo.net/af/js/angelfire-main.js IP209.202.254.60:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subjectlygo.net Fingerprint38:8E:CF:86:47:B9:D9:23:35:30:0D:C2:6E:DC:3C:C4:79:EF:AC:8B ValiditySat, 09 Mar 2024 00:19:19 GMT - Fri, 07 Jun 2024 00:19:18 GMT
File typeJavaScript source, ASCII text Hash4cccd683bc371c3b06e5e73490f9ed8a 14835cf4ea8f663f1919909c1d414ba1309c2cd5 651a7019d5b819f57ae83aa317abd5efe8fb55c32a3e1466fa3c1334f6485d08
GET /af/js/angelfire-main.js HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:37 GMT
Server: Apache
Last-Modified: Tue, 21 Jan 2020 14:45:02 GMT
ETag: "1ae5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=43200
Expires: Thu, 18 Apr 2024 02:34:37 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 2442
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ly.lygo.net/af/js/jquery-1.4.2.min.js | 209.202.254.60 | 200 OK | 25 kB |
URL GET HTTP/1.1ly.lygo.net/af/js/jquery-1.4.2.min.js IP209.202.254.60:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subjectlygo.net Fingerprint38:8E:CF:86:47:B9:D9:23:35:30:0D:C2:6E:DC:3C:C4:79:EF:AC:8B ValiditySat, 09 Mar 2024 00:19:19 GMT - Fri, 07 Jun 2024 00:19:18 GMT
File typeJavaScript source, ASCII text, with very long lines (820) Hash10092eee563dec2dca82b77d2cf5a1ae 65cbff4e9d95d47a6f31d96ab4ea361c1f538a7b e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
GET /af/js/jquery-1.4.2.min.js HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:37 GMT
Server: Apache
Last-Modified: Mon, 30 Oct 2017 14:28:09 GMT
ETag: "119ee-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=43200
Expires: Thu, 18 Apr 2024 02:34:37 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 24555
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| scripts.lycos.com/catman3/code/angelfire.lycos.com/error.js | 209.202.254.12 | 200 OK | 873 B |
URL GET HTTP/1.1scripts.lycos.com/catman3/code/angelfire.lycos.com/error.js IP209.202.254.12:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subject*.lycos.com Fingerprint4D:79:2B:FE:78:81:74:AA:DA:50:3D:D8:7C:19:87:09:51:56:76:73 ValiditySun, 14 Apr 2024 00:22:43 GMT - Sat, 13 Jul 2024 00:22:42 GMT
File typeHTML document, ASCII text, with very long lines (583) Hash27d2cdc3157251f6e64c0369ef120eba 04fdc756ef8f2ac58d67124069bb74f752a483a3 eb8c7a8c87ea660485c9c3c7fd689d2969ab88511a9920762edc5cad73d3a75c
GET /catman3/code/angelfire.lycos.com/error.js HTTP/1.1
Host: scripts.lycos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:38 GMT
Server: Apache
Last-Modified: Wed, 21 Oct 2020 11:05:02 GMT
ETag: "7eb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Wed, 17 Apr 2024 20:34:38 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 873
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| status.geotrust.com/ | 192.229.221.95 | | 471 B |
IP192.229.221.95:0
Hashf3eff4826eefa2a67ca541c1bcd4bb0b 354ab0d07ec55791cc5903ad86b6ebeced6629ae 518a482148eaa85bd9361644827af8e51c9700612cc4061d5eefa9b411cf6c49
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3982
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Wed, 17 Apr 2024 14:34:38 GMT
Last-Modified: Wed, 17 Apr 2024 13:28:16 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
|
|
| ly.lygo.net/af/images/angelfireLogo.png | 209.202.254.60 | 200 OK | 16 kB |
URL GET HTTP/1.1ly.lygo.net/af/images/angelfireLogo.png IP209.202.254.60:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subjectlygo.net Fingerprint38:8E:CF:86:47:B9:D9:23:35:30:0D:C2:6E:DC:3C:C4:79:EF:AC:8B ValiditySat, 09 Mar 2024 00:19:19 GMT - Fri, 07 Jun 2024 00:19:18 GMT
File typePNG image data, 396 x 99, 8-bit/color RGBA, non-interlaced Hashc9929c52d384c4ae50e812c95daefcae bb7193b5c30d3c3ab033e48ca37bd61f7a324025 7808f8ce2a51e51437a8b047b9c0e73b75ea8e5c2408a3015019d0bd23355a38
GET /af/images/angelfireLogo.png HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ly.lygo.net/af/css/afstyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:38 GMT
Server: Apache
Last-Modified: Mon, 30 Oct 2017 14:25:41 GMT
ETag: "3ca9"
Accept-Ranges: bytes
Content-Length: 15529
Cache-Control: max-age=43200
Expires: Thu, 18 Apr 2024 02:34:38 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| ly.lygo.net/af/images/sprite.png | 209.202.254.60 | 200 OK | 34 kB |
URL GET HTTP/1.1ly.lygo.net/af/images/sprite.png IP209.202.254.60:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subjectlygo.net Fingerprint38:8E:CF:86:47:B9:D9:23:35:30:0D:C2:6E:DC:3C:C4:79:EF:AC:8B ValiditySat, 09 Mar 2024 00:19:19 GMT - Fri, 07 Jun 2024 00:19:18 GMT
File typePNG image data, 285 x 225, 8-bit/color RGBA, non-interlaced Hash7e963492761ba257f81c8d18c59837ff 7f78e990bd5925a8a6ea5f4dc8c253166d4445cd dca3d1152035732edb45d6e42c65989e57a87d0dd78def912dc8644d91e06972
GET /af/images/sprite.png HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ly.lygo.net/af/css/afstyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:38 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:24:55 GMT
ETag: "82e3"
Accept-Ranges: bytes
Content-Length: 33507
Cache-Control: max-age=43200
Expires: Thu, 18 Apr 2024 02:34:38 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| ly.lygo.net/af/images/404.jpg | 209.202.254.60 | 200 OK | 116 kB |
URL GET HTTP/1.1ly.lygo.net/af/images/404.jpg IP209.202.254.60:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subjectlygo.net Fingerprint38:8E:CF:86:47:B9:D9:23:35:30:0D:C2:6E:DC:3C:C4:79:EF:AC:8B ValiditySat, 09 Mar 2024 00:19:19 GMT - Fri, 07 Jun 2024 00:19:18 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x879, components 3 Size116 kB (115812 bytes) Hashe3adf697224c4289e8973de7bf32a32e b851cde21b984732d31cfc4880e33e9b2616d41e dec1c841a1f7e57a8b52c01b45d280f1097bf5853b704faf31d852b97a944c2d
GET /af/images/404.jpg HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ly.lygo.net/af/css/afstyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:38 GMT
Server: Apache
Last-Modified: Mon, 30 Oct 2017 14:28:09 GMT
ETag: "1c464"
Accept-Ranges: bytes
Content-Length: 115812
Cache-Control: max-age=43200
Expires: Thu, 18 Apr 2024 02:34:38 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| widgets.kiosked.com/sniffer/get-script/sign/07c864a5d6ed2f13591069294f0c3c93/albumid/10566/co/10927.js | 143.204.55.26 | 200 OK | 187 kB |
URL GET HTTP/1.1widgets.kiosked.com/sniffer/get-script/sign/07c864a5d6ed2f13591069294f0c3c93/albumid/10566/co/10927.js IP143.204.55.26:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerDigiCert Inc Subject*.kiosked.com Fingerprint0D:7F:80:AB:78:51:65:B5:30:1D:1B:DE:98:14:DB:73:1E:2A:40:B9 ValidityWed, 27 Sep 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65432) Size187 kB (186961 bytes) Hashe54a006eb26e9d354e5e772f5a3118c5 0ed154c4d7cab1d2e519b89afdd2e0936333d126 39600b80fdec4db320efdc46fb0ab60e715b388dd1f35fa4ae0b4196bceabc98
GET /sniffer/get-script/sign/07c864a5d6ed2f13591069294f0c3c93/albumid/10566/co/10927.js HTTP/1.1
Host: widgets.kiosked.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="KIOSKED"
Server: nginx/1.14.2
Timing-Allow-Origin: *
Cache-Control: public, max-age=1200
Date: Wed, 17 Apr 2024 14:34:38 GMT
ETag: W/"39600b80fdec4db320efdc46fb0ab60e715b388dd1f35fa4ae0b4196bceabc98"
X-Cache: RefreshHit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1dgAOadbvasm26OUqWS0k-bss8gkIR9GxuAEju9HSlli_Qc9MH4cwA==
|
|
| sp-log.lycos.com/af_cm.gif | 209.202.254.90 | 200 OK | 45 B |
URL GET HTTP/1.1sp-log.lycos.com/af_cm.gif IP209.202.254.90:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subject*.lycos.com Fingerprint4D:79:2B:FE:78:81:74:AA:DA:50:3D:D8:7C:19:87:09:51:56:76:73 ValiditySun, 14 Apr 2024 00:22:43 GMT - Sat, 13 Jul 2024 00:22:42 GMT
File typeGIF image data, version 89a, 5 x 5 Hashc4e3e106fbcc28e9c5b2be2a78018886 fe87fba9c2a6384dfe3827cf6608b0692cb79872 e0f8dceb516151e70891cb4ed02aac4b5800b37c13d8328a35919472efe0f93e
GET /af_cm.gif HTTP/1.1
Host: sp-log.lycos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:38 GMT
Server: Apache
Last-Modified: Mon, 06 Aug 2018 18:05:44 GMT
ETag: "2d-572c8204a63ec"
Accept-Ranges: bytes
Content-Length: 45
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
|
|
| ly.lygo.net/af/i/favicon.ico | 209.202.254.60 | 200 OK | 12 kB |
URL GET HTTP/1.1ly.lygo.net/af/i/favicon.ico IP209.202.254.60:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerLet's Encrypt Subjectlygo.net Fingerprint38:8E:CF:86:47:B9:D9:23:35:30:0D:C2:6E:DC:3C:C4:79:EF:AC:8B ValiditySat, 09 Mar 2024 00:19:19 GMT - Fri, 07 Jun 2024 00:19:18 GMT
File typeMS Windows icon resource - 3 icons, 48x48, 24 bits/pixel, 32x32, 24 bits/pixel Hash9460a636f7d5f633ffae345c7676fc6b 52a6889d803bca43f42589d7a15133fcf09b5044 d3f79977b14f1baf447eece79811ac79257aabcdcaa70786a7b573973743c2a7
GET /af/i/favicon.ico HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 14:34:38 GMT
Server: Apache
Last-Modified: Mon, 30 Oct 2017 14:28:09 GMT
ETag: "2cee"
Accept-Ranges: bytes
Content-Length: 11502
Cache-Control: max-age=43200
Expires: Thu, 18 Apr 2024 02:34:38 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
|
|
| ib.adnxs.com/ut/v3/prebid | 37.252.171.52 | 200 OK | 137 B |
URL POST HTTP/2ib.adnxs.com/ut/v3/prebid IP37.252.171.52:443
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar CertificateIssuerDigiCert Inc Subject*.adnxs.com Fingerprint67:2D:49:EE:1E:AF:D8:2B:B2:85:1A:C5:39:29:91:05:8E:5E:6F:AA ValidityWed, 14 Feb 2024 00:00:00 GMT - Sun, 16 Mar 2025 23:59:59 GMT
Hashe75c6d42cd542f5a6b5278df03bf4409 2f93a849b34739efc1541e085266d8de51a1dc01 e1b31ed8130ee64ccac0e62bc62600fb09a3c0bf75458739627df6aa7a729358
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1640
Origin: https://www.angelfire.com
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.23.4
date: Wed, 17 Apr 2024 14:34:39 GMT
content-type: application/json; charset=utf-8
content-length: 137
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.angelfire.com
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: 5f8b2335-2cf1-4853-a818-60fa6dcd77f1
x-proxy-origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-Firefox-Spdy: h2
|
|
| www.angelfire.com/ill/hamad/...al.v5.0.142.rar | 209.202.252.105 | 302 Moved Temporarily | 9.7 kB |
URL User Request GET HTTP/1.1www.angelfire.com/ill/hamad/...al.v5.0.142.rar IP209.202.252.105:80
Hash43e9fad65de3bc2134918e45f630c4ef fd7bab31dd89435fa60e2ef6f9fd1f546755194b 1fe6b53c3a49ea2ecfcbfcb3159482f38e8fc74658408b4395d37660117d74fa
GET /ill/hamad/...al.v5.0.142.rar HTTP/1.1
Host: www.angelfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: nginx/1.18.0
date: Wed, 17 Apr 2024 14:34:36 GMT
content-type: text/html; charset=ISO-8859-1
vary: *
x-server-ip: 209.202.245.160
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
X-Firefox-Spdy: h2
|
|
| t.tmdn2015x9.com/build/fd577adb/v1/ | 0.0.0.0 | | 0 B |
URL GET t.tmdn2015x9.com/build/fd577adb/v1/ IP0.0.0.0:0
Requested byhttps://www.angelfire.com/ill/hamad/...al.v5.0.142.rar
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /build/fd577adb/v1/ HTTP/1.1
Host: t.tmdn2015x9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.angelfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|