| allfunmedia.com/img/flags/min/en.png |  172.64.154.102 | 200 OK | 481 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/en.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash2b936acc8c146a32951e38be063165d3 c379684310743ece93501b7fcdf396359f577cdb 1b959a0f3a63cc646af532327035df4c4ebc6b91ac86fc5384fe60283e26132a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/en.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 481
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-1e1"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59663a1bb4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/ar.png | 172.64.154.102 | 200 OK | 318 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/ar.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hashb11bcada2c51b6e5e299245db87bec18 56dc40f41854e76cbdf12683721763b674fbef14 59fae4a2c45ab3f79b6e012c3bc435bad3d83de43cd8b5cb9ec792bbdc71e034
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/ar.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 318
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-13e"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59665a32b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/es.png | 172.64.154.102 | 200 OK | 365 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/es.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash9790f666586897cf09b4e2ff5e11f674 bbeedd0fd9332b6534a259e71a6b871b7dea16e0 52f9f4b06302262227ccfcbd5bc1f1a8be31b554167a48e8b90bb8b569743bfc
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/es.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 365
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-16d"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59665a39b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/de.png | 172.64.154.102 | 200 OK | 464 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/de.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash3babff7961e39e8cd594b9678f7ce728 ea40638d6af4722c8b0e4314e95d64ae059a3ae0 7319b0ebaea7239bf208e9bbf05c5756659be88767ad0424eca017aacf7940eb
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/de.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 464
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-1d0"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59665a38b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/da.png | 172.64.154.102 | 200 OK | 298 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/da.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hashc34a7583b5e01b331ee79386d8cebf95 fd0d1f826a6619d278fe962292b63ae91bf61170 5c80542e1988370b38fae869c8adc6edbb449b91e87d0544b4c5074e191d6916
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/da.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 298
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-12a"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59665a35b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/cs.png | 172.64.154.102 | 200 OK | 355 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/cs.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash1dce874aa08b4056fcbea8bed2bc0a5f 71d96821168f0f67bfe9ca168db09373d99e57bc 4df39f91b4133cc13f1248a5583917f8841afa615d9dd605aa3b15ccdff23245
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/cs.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 355
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-163"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59665a33b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/fr.png | 172.64.154.102 | 200 OK | 369 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/fr.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash83d2595ea3031de73b98f2c57ad88949 32bd0c5b029e8b75bef13eeb532917d9a56f61c9 0ec28fba482645dc252afe2be19282beebab6162300c9291c16a31138694cca0
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/fr.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 369
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-171"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59665a3cb4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/it.png | 172.64.154.102 | 200 OK | 316 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/it.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hashacab890d6d5eb20e38f22aba425c3d34 ec0be0f24e663759356e817bd73a7e7569663bb6 f6f0eb8b370c334ab172fa69fb55ec7b72c6bd3d137c0bbd750d0fc788f433b0
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/it.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 316
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-13c"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59665a41b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/hu.png | 172.64.154.102 | 200 OK | 303 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/hu.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash70006a59a0a303c96b772f500a287f70 d7afc45fa97725ebaac57726d5d45f602ac7bfef 940b53ff3a42a200817ce9c4d1c8c4d1563853486b628d199b2d4b1f12fd255f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/hu.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 303
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-12f"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59665a40b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/nl.png | 172.64.154.102 | 200 OK | 328 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/nl.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hashc055c14b8f44b006b32261e71be3324f 34ccf4e9f9d0f18b86fabafe477d5cc76d6ca725 ad2583d30cae6dfdba4e48dedbdb623305fb0e5a310cf84deedb75cb8e7214a2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/nl.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 328
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-148"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59666a4fb4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/pl.png | 172.64.154.102 | 200 OK | 256 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/pl.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash0bf391411c6f06bef68cc4c369b9eba0 7773847a6c110241864cdb7760fc80c76011978b 51f29fd11cad81a8cbe246c0ee8d4f97fd8a04859fbf6a4517b7cce931e8ba34
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/pl.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 256
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-100"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59667a51b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/ja.png | 172.64.154.102 | 200 OK | 266 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/ja.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hashf8d5d965c5ac8014d2e0293d67f893a4 476ddbaaa32dc435e1c1aa04104c88c9771c5fbe f8876ab39504d02b6fb905eef77c4ad8d181a563105609bed0b57fc279352ef0
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/ja.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 266
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-10a"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59666a4eb4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/no.png | 172.64.154.102 | 200 OK | 334 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/no.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hashc48ab8c65139f9647fee8710c4b3b66c df412e417270d78833a1efacdc61529abb7ad03c 79ca4cda3faf0379f6fb2df3f82b896393291eede7c9c7e09b5199572de06d5c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/no.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 334
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-14e"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59667a50b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/sv.png | 172.64.154.102 | 200 OK | 342 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/sv.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash0f13dc11fccbdd9a587353905c836b16 dbf9faf4f7d227c11a5ba77fd3ae09af52763b8c ebd9138caa9f44e33b54636bdf819ae6ece1f72a1405e58f37724273f187adc4
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/sv.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 342
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-156"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d5966aa75b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/pt.png | 172.64.154.102 | 200 OK | 427 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/pt.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash86b64a6009b9fda3f62281760c1dd4f0 c536dff21701618654328b21773e69a7508c4c85 28d682eed12d0786c32613e2c4c54c144975c7160f2584380d1839d9dc04f824
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/pt.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 427
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-1ab"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d5966aa74b4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/flags/min/zh.png | 172.64.154.102 | 200 OK | 290 B |
URL GET HTTP/2allfunmedia.com/img/flags/min/zh.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 16 x 11, 8-bit colormap, non-interlaced Hash329cca45f3a4c46ec249638ca4f8d6e0 98b23617ef88d3a4cd632839fe4180b0ee05a697 9c70b1a563b14ee447b6fc9c00532a73a1e09c500660ce8063d6b3fbce48ae47
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/flags/min/zh.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 290
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-122"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d5966ba7fb4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/logos/entertainment/min/proplayrewind.png | 172.64.154.102 | 200 OK | 989 B |
URL GET HTTP/2allfunmedia.com/img/logos/entertainment/min/proplayrewind.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 250 x 60, 8-bit colormap, non-interlaced Hash9729fdf8428404d578e46252162121dd 0375ed9a7b388e064e06d4718e28fa5db81f598a 90b2f2c53da1260e06c3c5fccd1c2cb892a9aa661eac8e6766ab5ae66020f51e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/logos/entertainment/min/proplayrewind.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 989
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-3dd"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d5966ca85b4ee-OSL
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css |  104.17.24.14 | 200 OK | 5.6 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP104.17.24.14:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 20662
expires: Mon, 28 Apr 2025 23:49:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXxDl2R2YunUIjH5K0onz3sDFWOCyv8rX3YjquTZ62oW%2FA0epTjZheVEcRgJ6aZix4niYsqbdDOKVHbx2igFhfmhiVQ958i4eBQSQE2q4ujAdwkUuZa4Nt5ZSZjPYS3ih5Y%2BJBAg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880d5966e82d56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/img/logos/custom/min/bytereads.png | 172.64.154.102 | 200 OK | 112 kB |
URL GET HTTP/2allfunmedia.com/img/logos/custom/min/bytereads.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 1024 x 1024, 8-bit colormap, non-interlaced Size112 kB (111818 bytes) Hash41e745d999c6e746318d32a7f24c3fba b120bf261944c35eab41579faa45da555b1a36c7 7c68eac4055e0e348bda8b3d850b616a87e68dc814fdb141157eb3ba01cc5667
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /img/logos/custom/min/bytereads.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: image/png
content-length: 111818
last-modified: Tue, 07 May 2024 17:29:53 GMT
etag: "663a6511-1b4ca"
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d59663a1ab4ee-OSL
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/theme/Master/SubscriptionPages/img/sprites/connsmythe-sprites.png | 172.64.154.102 | 200 OK | 15 kB |
URL GET HTTP/2allfunmedia.com/theme/Master/SubscriptionPages/img/sprites/connsmythe-sprites.png IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typePNG image data, 300 x 213, 8-bit/color RGBA, non-interlaced Hash8f6f69116ce39f0b56b9c9f7aa080d9b 2db6c7f5747315867afe28e0204fb59fd849bcef 5ca26ee807f7e5c6cb1a3e716efbe1ae68acc0a389fb78f2e525bb589db8726c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /theme/Master/SubscriptionPages/img/sprites/connsmythe-sprites.png HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/theme/Master/SubscriptionPages/css/subscriptions/theme/panther-basic.42fc4b7a.css
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:57 GMT
content-type: image/png
content-length: 14990
last-modified: Tue, 07 May 2024 17:29:51 GMT
etag: "663a650f-3a8e"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d596c2e7eb4ee-OSL
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.24.14 | 200 OK | 77 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.17.24.14:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://allfunmedia.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 23:49:57 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 24930
expires: Mon, 28 Apr 2025 23:49:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EIRrZjUBJXxYvj3yISoPn7hWhXvpDGD5Brd%2FBMgF0PvCUIwwetJyIo7qrO9xtbI43p9h31bCQbQdMGU657zdt3%2FhrWH3gF9D%2FV94P%2BGy%2F2pWdsMZodq%2FHQacOX75VQaA3FrUc4ng"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880d596c5b88b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 | 216.58.207.227 | 200 OK | 19 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 IP216.58.207.227:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 18668, version 1.0 Hash8655d20bbcc8cdbfab17b6be6cf55df3 90edbfa9a7dabb185487b4774076f82eb6412270 e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://allfunmedia.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:21 GMT
expires: Fri, 02 May 2025 01:49:21 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
age: 597636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 25 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP104.18.10.207:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (65325) Hash450fc463b8b1a349df717056fbb3e078 895125a4522a3b10ee7ada06ee6503587cbf95c5 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://allfunmedia.com
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:51:41
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b2b1fd5c26c4194ae6b26442a7ef00df
cdn-cache: HIT
cf-cache-status: HIT
age: 709499
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880d5966d9f7b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Noto+Sans | 142.250.74.106 | 200 OK | 3.0 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Noto+Sans IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (3088), with no line terminators Hashf75c277ea3504309940d1141ebcaa35c 642b80f26b8eb2eb26342a26aceeb7e3b2a6d652 588354aac33e2201e95502c089f18b1c9438c4f5d650f926996ef36955235959
GET /css?family=Noto+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans | 142.250.74.106 | 200 OK | 5.8 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (5866), with no line terminators Hash9a9a7fec0410c78b8c7601306b9fa182 7d736470060c2cbab18d2a59c043202c2d3dbaac 6a2126bd16491c04d2f664d8acb3a7ad24ec144e02bffd62db7254bee91567f0
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/theme/Master/SubscriptionPages/js/subscriptions/min/scripts.min.e076a388.js | 172.64.154.102 | 200 OK | 448 kB |
URL GET HTTP/2allfunmedia.com/theme/Master/SubscriptionPages/js/subscriptions/min/scripts.min.e076a388.js IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
Size448 kB (448539 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /theme/Master/SubscriptionPages/js/subscriptions/min/scripts.min.e076a388.js HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 17:29:51 GMT
etag: W/"663a650f-6d81b"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 5607
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d5966ca83b4ee-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb | 172.64.154.102 | 200 OK | 43 kB |
URL User Request GET HTTP/2allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb IP172.64.154.102:443
CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: text/html
cf-ray: 880d59622ff9b4ee-OSL
cf-cache-status: DYNAMIC
cache-control: max-age=604800
expires: Mon, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
cache-tag: 1982,allfunmedia.com,/registration,NO,m-2-pantherBKFX,eng,,turnhub.net
set-cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; Path=/; Secure; Max-Age=9999999
CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; Path=/; Secure; Max-Age=9999999
CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; Path=/; Secure; Max-Age=9999999
CakeCookie[entityId]=Mg%3D%3D; Path=/; Secure; Max-Age=9999999
CakeCookie[lang]=eng; Path=/; Secure; Max-Age=9999999
CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; Path=/; Secure; Max-Age=9999999
CakeCookie[st_region]=MDM%3D; Path=/; Secure; Max-Age=9999999
CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; Path=/; Secure; Max-Age=9999999
CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true; Path=/; Secure; Max-Age=3600
x-cache-url: https://allfunmedia.com/registration?lang=eng&theme=m-2-pantherBKFX&cacheHash=MTk4MixhbGxmdW5tZWRpYS5jb20sL3JlZ2lzdHJhdGlvbixOTyxtLTItcGFudGhlckJLRlgsZW5nLCx0dXJuaHViLm5ldA==
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Abel | 142.250.74.106 | 200 OK | 380 B |
URL GET HTTP/2fonts.googleapis.com/css?family=Abel IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (388), with no line terminators Hashf41ae1e191bbcf142c9dcda8392fc5b8 740ab624fa5ccaf2950469b0ccdf0ef395212bdb 9f562f4c727d55920faab9289a829289506e4a77dc80014d1a50c87f8fb00beb
GET /css?family=Abel HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.0.13/css/all.css | 172.67.142.245 | 200 OK | 41 kB |
URL GET HTTP/2use.fontawesome.com/releases/v5.0.13/css/all.css IP172.67.142.245:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeASCII text, with very long lines (40884) Hashd61bfe9b56c13ecff5313ee3abb45e8b ecb7caed8f169c4ae226d85b82cfec19fc50d4ac 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
GET /releases/v5.0.13/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://allfunmedia.com
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:57 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b"
last-modified: Fri, 22 Sep 2023 01:44:09 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 709857
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXE2WF9YwfVTVhnt5GZYa6nGp%2FLIoNBFooLXzNJdr0zxVqj4XvdixKPGXZYq%2BknvdRBdBxTa6u9fpS13NIanLhoMWI0ZpvXV03UosylIjd5FW2aDpJ%2FqEawK7G32RTiePuoUNEoR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880d59689ba65689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Yanone+Kaffeesatz | 142.250.74.106 | 200 OK | 4.7 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Yanone+Kaffeesatz IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (4770), with no line terminators Hash3f90b9d0443067b924f3f5ad2806eef0 2771493c7a95e1d1f4cf661b1d5b44b5ea56c4d2 48a2f822c8bcd665337bb9d6f83c261bd38122aeb93eb59d194e2f9311b064b4
GET /css?family=Yanone+Kaffeesatz HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Lato | 142.250.74.106 | 200 OK | 717 B |
URL GET HTTP/2fonts.googleapis.com/css?family=Lato IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (733), with no line terminators Hashc9c62a38769c1a58126a2f8fa7f66d66 08590fc53991e4690ec26e433dcd606675acabad 2030b72bdbbd77f2a506d3860622158b427d727086ca5a4cf774830152fe64aa
GET /css?family=Lato HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Libre+Baskerville:400,400i&display=swap | 142.250.74.106 | 200 OK | 1.7 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Libre+Baskerville:400,400i&display=swap IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1733), with no line terminators Hashec70ae3a83e9faf6d4aa2b80edc914ea 250ae77abe759e7e24ed96ccb7e6e4d2018c6356 1a1aacf1019c07a10a596506374310784362d91b7cb6a0686a212c2328a116c1
GET /css?family=Libre+Baskerville:400,400i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/theme/Master/SubscriptionPages/css/subscriptions/theme/basic-main.71940dc3.css | 172.64.154.102 | 200 OK | 29 kB |
URL GET HTTP/2allfunmedia.com/theme/Master/SubscriptionPages/css/subscriptions/theme/basic-main.71940dc3.css IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typeASCII text, with very long lines (29083), with no line terminators Hash6a6e516cfbaef285aed82910f3261632 72c171458ff7eb7303ef591a2f3badd3dfb1a9cd 8f2436c004e1e3c866821e4570ff5564cccf8afa0a02734d5c706b8149891a79
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /theme/Master/SubscriptionPages/css/subscriptions/theme/basic-main.71940dc3.css HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 17:29:52 GMT
vary: Accept-Encoding
etag: W/"663a6510-719b"
x-frame-options: SAMEORIGIN
content-encoding: gzip
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d596619fdb4ee-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat | 142.250.74.106 | 200 OK | 1.8 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1849), with no line terminators Hashf9bede8e0040dae7b773802d556ed574 3b54311abf21a8a22a7c39012bd4365561cd958e a431b718972726753c9f8bfc03334df3414b61b644f692c51673bfbe90164e4a
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/theme/Master/SubscriptionPages/js/subscriptions/validation/min/regValidation.min.00040a27.js | 172.64.154.102 | 200 OK | 8.1 kB |
URL GET HTTP/2allfunmedia.com/theme/Master/SubscriptionPages/js/subscriptions/validation/min/regValidation.min.00040a27.js IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typeJavaScript source, ASCII text, with very long lines (8596), with no line terminators Hashd4878de0c62aa7f29c539c1eb65f92d6 b1e93fa4fd60a81827ce72341aba9dd7ee336446 6441a012177614c8a342fa0b25359f0071917182573e609de3167bb9d5ac16e4
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /theme/Master/SubscriptionPages/js/subscriptions/validation/min/regValidation.min.00040a27.js HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 17:29:51 GMT
etag: W/"663a650f-1f92"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 5607
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d5966ca87b4ee-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Oswald:200,300,400 | 142.250.74.106 | 200 OK | 5.5 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Oswald:200,300,400 IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (5607), with no line terminators Hash238a5bf9df5444ec093cc4bf932663bc 9369bae15d8fcb9214765462073684c143152862 0e553f8fdda46bf73817be9b5978c6ddaff3946ff31ab5c0d4f178410b801ea1
GET /css?family=Oswald:200,300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| allfunmedia.com/theme/Master/SubscriptionPages/css/subscriptions/theme/panther-basic.42fc4b7a.css | 172.64.154.102 | 200 OK | 53 kB |
URL GET HTTP/2allfunmedia.com/theme/Master/SubscriptionPages/css/subscriptions/theme/panther-basic.42fc4b7a.css IP172.64.154.102:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerLet's Encrypt Subjectallfunmedia.com FingerprintF9:11:1E:77:50:EA:AA:7A:A3:47:1D:AE:87:D0:C4:2E:CE:EB:0D:55 ValiditySat, 30 Mar 2024 17:32:49 GMT - Fri, 28 Jun 2024 17:32:48 GMT
File typeASCII text, with very long lines (52786), with no line terminators Hash7fac44ed16345f108a3229f17b85ae77 edf9f20f5f246c779c76fbdaa444623ce30317cc f8688533ff4ba17e4295163b2fc78ce91935cb243b1d23d81de6a5817d7986ae
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /theme/Master/SubscriptionPages/css/subscriptions/theme/panther-basic.42fc4b7a.css HTTP/1.1
Host: allfunmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb
Cookie: CakeCookie[a_aid]=MzYyamdmZGhwODg%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjYzYzBlZTZlMTI1MDQwMDAxNzg1NjEy; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=U1ZBMTY1UDE4ODlHTk9SMTEzNDhPODhYYXo%3D; CakeCookie[st_region]=MDM%3D; CakeCookie[v_id]=NmRlNzE0ZjUtYzY0Zi01ZmUzLTJhMjctZjM4MDM0MjE1M2Ji; CakeCookie[registrationaff_362jgfdhp88_SVA165P1889GNOR11348O88Xaz_fire_stats]=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 23:49:56 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 17:29:52 GMT
vary: Accept-Encoding
etag: W/"663a6510-ce32"
x-frame-options: SAMEORIGIN
content-encoding: gzip
cf-cache-status: HIT
age: 4821
expires: Thu, 09 May 2024 03:49:56 GMT
cache-control: public, max-age=14400
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880d596619feb4ee-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900 | 142.250.74.106 | 200 OK | 13 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900 IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hasha2ba974c1b5419d50b52ea2dae73ed8b a6987c3dc65315875c6a5a4fc4913619d32fef67 4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d
GET /css?family=Roboto:100,200,300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Raleway:400,400i&display=swap | 142.250.74.106 | 200 OK | 3.7 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Raleway:400,400i&display=swap IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (3839), with no line terminators Hash15dde69cbabf7f6917a1f00651197eb5 2c63ff08453668a81d6a2381bca65f83c04eb8c6 5614852f90b9c9d87e76701ee7a10bf7e1fc731fd359d19072e7e55a1a4aad09
GET /css?family=Raleway:400,400i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Candal | 142.250.74.106 | 200 OK | 386 B |
URL GET HTTP/2fonts.googleapis.com/css?family=Candal IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (394), with no line terminators Hashc38a44eb976231c785e8c4fbddcd8d7c 081b12a59220a19e818ba8cd6e5553fe49efcc77 cd187243a42e186ff34a24e296b2170d0936a0bb6a163e6d0a2ac4cb4cc89a40
GET /css?family=Candal HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Anton | 142.250.74.106 | 200 OK | 1.1 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Anton IP142.250.74.106:443
Requested byhttps://allfunmedia.com/registration?a_aid=362jgfdhp88&capoUrl=turnhub.net&clickid=663c0ee6e125040001785612&entityId=2&page=m-2-pantherBK&pubid=SVA165P1889GNOR11348O88Xaz&st_region=03&theme=m-2-pantherBKFX&v_id=6de714f5-c64f-5fe3-2a27-f380342153bb CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1113), with no line terminators Hash3677d6ca2dcdda91ca2ead1496347666 16de6d2289fefa67931300707889e31129e47d10 555cce16ffe83ed4ee8716c73aa8b95b17f2d8e0afc150d18a4339af3bdbfd61
GET /css?family=Anton HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allfunmedia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 23:49:57 GMT
date: Wed, 08 May 2024 23:49:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|