Report - 149.202.9.9/

Report Overview

Submitted URL
149.202.9.9/
IP
149.202.9.9
ASN
#16276 OVH SAS
Submitted
2024-05-08 22:18:14
Access
public
Website Title
OFFSET | SEASON 2 - discord.offset.gg / Cfx.re
Final URL
cfx.re/join/5ploa6
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	1.1 kB	153 kB	216.58.207.227
privacyportal.onetrust.com	2831	2004-01-12	2018-05-24	2024-05-08	462 B	425 B	172.64.155.119
servers-live.fivem.net	231636	2014-08-13	2018-01-05	2024-03-22	456 B	97 kB	104.18.39.159
geolocation.onetrust.com	802	2004-01-12	2018-02-07	2024-05-07	457 B	468 B	104.18.32.137
cfx.re	102294	2019-07-18	2019-07-18	2024-04-17	474 B	5.4 kB	104.18.34.171
149.202.9.9	unknown	unknown	No data	No data	382 B	208 B	149.202.9.9
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-08	412 B	74 kB	142.250.74.168
forum.cfx.re	277231	2019-07-18	2019-12-15	2024-04-25	499 B	1.8 kB	104.18.34.171
s.rsg.sc	93009	2015-10-09	2018-10-22	2024-04-20	420 B	464 B	104.110.30.179
cdn.cookielaw.org	502	2011-06-20	2013-12-28	2024-05-08	4.7 kB	232 kB	104.19.178.52
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	448 B	25 kB	216.58.207.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	149.202.9.9	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js	458 kB	2024-05-03	2024-05-19
Pretty URL cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js IP 104.19.178.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 19:11:33 Last Seen2024-05-19 23:28:11 Times Seen146 Hash c44006abc4b9cbeabc46ece8c79aa638 53fe22fc5f03229e51f46324ab7cfae18a6c71f5 49cfbb9c8b20fbaab3a11bcecb48fb8448e617a746fa578baca0dc71a7e06540 Loading...

	cfx.re/join/5ploa6	362 B	2024-04-29	2024-05-15
Pretty URL cfx.re/join/5ploa6 IP 104.18.34.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-29 00:19:05 Last Seen2024-05-15 00:20:10 Times Seen3 Hash b3048ee2f848966aeb58cea1cc3d26b9 99af5e604eecaa493474b338d403195b7f7f92a1 e730b7fd8de83a13cd20a240a5d223161d29a1215d576f096d96fbfc7092b70a Loading...

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	21 kB	2024-05-07	2024-05-19
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.19.178.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 23:39:37 Last Seen2024-05-19 23:28:11 Times Seen2162 Hash 0b240efaa8d49be60806096ca5b0ca04 6c0b504ace45134621201b82f0f53d77b0354678 6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88 Loading...

	cfx.re/join/5ploa6	0 B	2023-03-07	2024-05-20
Pretty URL cfx.re/join/5ploa6 IP 104.18.34.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 00:05:16 Times Seen37847016 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cfx.re/join/5ploa6	0 B	2023-03-07	2024-05-20
Pretty URL cfx.re/join/5ploa6 IP 104.18.34.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 00:05:16 Times Seen37847016 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MQH9XXRZ	211 kB	2024-05-09	2024-05-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MQH9XXRZ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 00:18:20 Last Seen2024-05-09 00:18:20 Times Seen2 Hash fa45bddfa4723da18da2438283c847d7 59dcdcaa402feab9f676652f0146586dd08bc8d8 52f4ff1ae4f2a60e7c61dcc72b95d8585c6a3d10d81e3bad24dcf0f794d06eac Loading...

HTTP Transactions (21)

URL IP Response Size

149.202.9.9/

149.202.9.9

302 Found

14 B

URL User Request GET HTTP/1.1
149.202.9.9/
IP
149.202.9.9:80
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
14 B (14 bytes)
Hash
2ea624d388b73c5ad7976bbb9d758a4f
a7e1d420aec892c6e2d9ea786a9b2533417cc1d1
cd23991b4e02a17e5a224a1f8265c5a187ab366b40b8f8a14608371feb8f6e25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 149.202.9.9
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: Evolution Host multi-point mitigation
Date: Wed, 08 May 2024 22:17:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cfx.re/join/5ploa6

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.19.178.52

200 OK

6.9 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21229)
Size
6.9 kB (6881 bytes)
Hash
0b240efaa8d49be60806096ca5b0ca04
6c0b504ace45134621201b82f0f53d77b0354678
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:47 GMT
content-type: application/javascript
content-length: 6881
content-encoding: gzip
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
last-modified: Mon, 06 May 2024 19:45:11 GMT
etag: 0x8DC6E050A941AA8
x-ms-request-id: 7cb9e583-301e-002a-5b98-a0342c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 27985
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880cd267982d56bb-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-MQH9XXRZ

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MQH9XXRZ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5648)
Size
73 kB (73188 bytes)
Hash
fa45bddfa4723da18da2438283c847d7
59dcdcaa402feab9f676652f0146586dd08bc8d8
52f4ff1ae4f2a60e7c61dcc72b95d8585c6a3d10d81e3bad24dcf0f794d06eac

HTTP Headers

GET /gtm.js?id=GTM-MQH9XXRZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 22:17:47 GMT
expires: Wed, 08 May 2024 22:17:47 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/018ddcc0-8784-723d-8905-940fa3cc3ec4/018ddcc0-8784-723d-8905-940fa3cc3ec4.json

104.19.178.52

200 OK

1.8 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/018ddcc0-8784-723d-8905-940fa3cc3ec4/018ddcc0-8784-723d-8905-940fa3cc3ec4.json
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
1.8 kB (1800 bytes)
Hash
5b7702ead0e76df8940860ed1f812836
260bcfc617df7cfd3468d0ba1177ffc5b94b3244
ba03422ada3246c309f20ae927f2df815f836f53bdb3d4e358bd144e22d91179

HTTP Headers

GET /consent/018ddcc0-8784-723d-8905-940fa3cc3ec4/018ddcc0-8784-723d-8905-940fa3cc3ec4.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:47 GMT
content-type: application/x-javascript
content-length: 1800
cf-ray: 880cd26909e756a8-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 12723
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC6EA3771637DC
expires: Thu, 09 May 2024 22:17:47 GMT
last-modified: Tue, 07 May 2024 14:39:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: d6f7iZxPn6YedKfVmjJEbQ==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: b2ca48e0-a01e-000d-198c-a0ae65000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Fira+Code|Material+Icons&display=swap

216.58.207.234

200 OK

24 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Fira+Code|Material+Icons&display=swap
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
24 kB (24084 bytes)
Hash
bf3d8fb0fa018d1a3178c0ace71c26dc
bd367224049fea7096e7774335f9aa77fcf83d36
bd396e2cdd7a70fa33e8092e45b5b76adfa91e46f2d45b3d12547a10c2e0a9e1

HTTP Headers

GET /css?family=Fira+Code|Material+Icons&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 22:17:47 GMT
date: Wed, 08 May 2024 22:17:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

128 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:43:48 GMT
expires: Sat, 03 May 2025 03:43:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
age: 498839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js

104.19.178.52

200 OK

111 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
111 kB (111087 bytes)
Hash
c44006abc4b9cbeabc46ece8c79aa638
53fe22fc5f03229e51f46324ab7cfae18a6c71f5
49cfbb9c8b20fbaab3a11bcecb48fb8448e617a746fa578baca0dc71a7e06540

HTTP Headers

GET /scripttemplates/202404.1.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:47 GMT
content-type: application/javascript
content-length: 111087
content-encoding: gzip
content-md5: lAa4newgeifCObgQn9TUrg==
last-modified: Mon, 06 May 2024 02:33:25 GMT
etag: 0x8DC6D74E83907A1
x-ms-request-id: 5e38c958-a01e-00a7-58be-9f788a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 29343
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880cd26a4aaa56bb-OSL
X-Firefox-Spdy: h2

forum.cfx.re/uploads/default/optimized/4X/3/8/7/38769c61a46ed86700c737079f043c5ae89673a0_2_32x32.png

104.18.34.171

200 OK

1.4 kB

URL GET HTTP/2
forum.cfx.re/uploads/default/optimized/4X/3/8/7/38769c61a46ed86700c737079f043c5ae89673a0_2_32x32.png
IP
104.18.34.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerLet's Encrypt
Subjectcfx.re
FingerprintF1:5C:8B:F0:6D:D4:6C:1B:19:44:A6:F2:69:EB:BB:BA:BB:69:51:00
ValiditySun, 31 Mar 2024 23:40:33 GMT - Sat, 29 Jun 2024 23:40:32 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.4 kB (1372 bytes)
Hash
e66dbe6f19b4fb5cf6c72f65d40bc926
dcf235b2415f2e302b5b880389cd75da8c9afefe
6dda1aa0ce59cfb8e5563d597c38424b3e22201a2c4f93cd8d9de4b0f3720b71

HTTP Headers

GET /uploads/default/optimized/4X/3/8/7/38769c61a46ed86700c737079f043c5ae89673a0_2_32x32.png HTTP/1.1
Host: forum.cfx.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:47 GMT
content-type: image/png
content-length: 1372
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 22:17:47 GMT
last-modified: Mon, 19 Aug 2019 11:15:49 GMT
cf-cache-status: HIT
age: 19647
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cd26a6f800afa-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/018ddcc0-8784-723d-8905-940fa3cc3ec4/724c0a61-8423-4ed8-9602-8e3c1b42b04d/en.json

104.19.178.52

200 OK

14 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/018ddcc0-8784-723d-8905-940fa3cc3ec4/724c0a61-8423-4ed8-9602-8e3c1b42b04d/en.json
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
14 kB (14427 bytes)
Hash
15adebffc85edaf640d2c17c17c523ec
523d30120dcc544fdc5df2a397208d182a99677b
3ce6f60443f9f9a6269001f750dd148a7af8d22f57e0e0c85c96f07e94b3971c

HTTP Headers

GET /consent/018ddcc0-8784-723d-8905-940fa3cc3ec4/724c0a61-8423-4ed8-9602-8e3c1b42b04d/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cfx.re/
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:47 GMT
content-type: application/x-javascript
content-length: 14427
cf-ray: 880cd26acb4256a8-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 24989
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC6EA37AFFB110
expires: Thu, 09 May 2024 22:17:47 GMT
last-modified: Tue, 07 May 2024 14:39:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: 2rntxMpUyCdQra23d4DUpA==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 064c252b-701e-008c-658c-a00c32000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otFloatingRoundedCorner.json

104.19.178.52

200 OK

2.6 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otFloatingRoundedCorner.json
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
2.6 kB (2627 bytes)
Hash
692b31f88ff93c52af07298994f1fa52
55bf1a25255e92ed29c7a8b5c5b3a17defc991c3
e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501

HTTP Headers

GET /scripttemplates/202404.1.0/assets/otFloatingRoundedCorner.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cfx.re/
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:48 GMT
content-type: application/json
content-length: 2627
content-encoding: gzip
content-md5: THlui2y8bB3JUMmxNLOc4g==
last-modified: Mon, 06 May 2024 02:33:21 GMT
etag: 0x8DC6D74E56BF8A1
x-ms-request-id: 5d838a9f-f01e-001e-018c-a09b84000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 24989
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880cd26b1b8256a8-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202404.1.0/assets/v2/otPcCenter.json

104.19.178.52

200 OK

13 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/v2/otPcCenter.json
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
13 kB (12755 bytes)
Hash
40c632ebf19bf0790b9ec14a792680d6
bafc1969046ea24c3368a14464cc3242c767e2cb
3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4

HTTP Headers

GET /scripttemplates/202404.1.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cfx.re/
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:48 GMT
content-type: application/json
content-length: 12755
content-encoding: gzip
content-md5: Uk7SEJlbISSu9jHcSH0bhA==
last-modified: Mon, 06 May 2024 02:33:21 GMT
etag: 0x8DC6D74E5D49631
x-ms-request-id: 194a8f80-901e-0005-578c-a0b516000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 24989
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880cd26b1b8956a8-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/3efb95b4-aed7-4aa8-85d8-488eb074fa8c/8d9316c1-2ab6-4a2f-9582-ad18d8bfede6/4439df62-7489-4d15-b892-f1b5b6dd029d/Rockstar_Games_Logo.png

104.19.178.52

200 OK

51 kB

URL GET HTTP/2
cdn.cookielaw.org/logos/3efb95b4-aed7-4aa8-85d8-488eb074fa8c/8d9316c1-2ab6-4a2f-9582-ad18d8bfede6/4439df62-7489-4d15-b892-f1b5b6dd029d/Rockstar_Games_Logo.png
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 1113 x 1024, 8-bit/color RGBA, non-interlaced
Size
51 kB (50950 bytes)
Hash
fb6e2549bfadef5bcdf6140a73f6d107
b348ec50f55363873b060099c006097f9ae5f9f1
b33e4f51a9c57fa7a76dae7899000b35c5f4e413c7b8d40a1c3a9a2540d3b5aa

HTTP Headers

GET /logos/3efb95b4-aed7-4aa8-85d8-488eb074fa8c/8d9316c1-2ab6-4a2f-9582-ad18d8bfede6/4439df62-7489-4d15-b892-f1b5b6dd029d/Rockstar_Games_Logo.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:48 GMT
content-type: image/png
content-length: 50950
content-md5: +24lSb+t71vN9hQKc/bRBw==
last-modified: Tue, 12 Jul 2022 15:20:30 GMT
etag: 0x8DA641A0ECEBC32
x-ms-request-id: a06e2310-d01e-0013-1683-131d8f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 7490
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880cd26b6bf156bb-OSL
X-Firefox-Spdy: h2

s.rsg.sc/shared/onetrust/cross.png

104.110.30.179

200 OK

160 B

URL GET HTTP/2
s.rsg.sc/shared/onetrust/cross.png
IP
104.110.30.179:443
ASN
#16625 AKAMAI-AS

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerDigiCert Inc
Subjectwww.rockstargames.com
Fingerprint8F:29:A3:A1:BA:94:85:9E:3E:8A:0F:BE:BA:1F:21:AD:5E:E1:2C:BC
ValidityMon, 07 Aug 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Size
160 B (160 bytes)
Hash
01bfae86e3b07a832169438e1339b981
0c2d570bf4f2c0e39c51ac96921b31406803f739
45fbca727817c5a7d1bfad453f5113d7ab0013e2d873126213604644c1226635

HTTP Headers

GET /shared/onetrust/cross.png HTTP/1.1
Host: s.rsg.sc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-length: 160
content-type: image/png
etag: "01bfae86e3b07a832169438e1339b981:1661417810.897867"
last-modified: Wed, 24 Aug 2022 11:54:15 GMT
server: AkamaiNetStorage
date: Wed, 08 May 2024 22:17:48 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

privacyportal.onetrust.com/request/v1/consentreceipts

172.64.155.119

201 Created

0 B

URL POST HTTP/2
privacyportal.onetrust.com/request/v1/consentreceipts
IP
172.64.155.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerLet's Encrypt
Subjectonetrust.com
FingerprintCD:4F:E2:0E:95:98:54:16:D5:0E:9B:55:49:00:D8:3D:12:52:62:53
ValidityThu, 18 Apr 2024 23:14:46 GMT - Wed, 17 Jul 2024 23:14:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /request/v1/consentreceipts HTTP/1.1
Host: privacyportal.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 11047
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Wed, 08 May 2024 22:17:48 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cd26d8ebd0afe-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/static/ot_guard_logo.svg

104.19.178.52

200 OK

844 B

URL GET HTTP/2
cdn.cookielaw.org/logos/static/ot_guard_logo.svg
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
844 B (844 bytes)
Hash
ecc3ca5148c898550622cf9c8fd0c6f8
e14dc8199f61f7a93e63759284b8407cd12a8524
2506003c42913667e9fa2b99795d1e4eab49654472a060e0a0b7b274624b17a3

HTTP Headers

GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cfx.re/
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:48 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Mon, 06 May 2024 19:45:13 GMT
x-ms-request-id: 3644b21d-f01e-005a-7885-a047e8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 59980
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880cd26b7bd056a8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

servers-live.fivem.net/servers/icon/5ploa6/503844325.png

104.18.39.159

200 OK

96 kB

URL GET HTTP/2
servers-live.fivem.net/servers/icon/5ploa6/503844325.png
IP
104.18.39.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectfivem.net
FingerprintDD:40:45:5D:93:42:CD:46:22:5F:F7:7B:6A:77:6F:F1:AE:F3:BE:F7
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 96 x 96, 8-bit colormap, non-interlaced
Size
96 kB (96344 bytes)
Hash
7a17ce5fadbb63be2a58c2783014f313
938837f4202dd372042012ae2fa9579c64d3553b
86ce04aefdfc6f1ba16033811ec3df51afd45bde6f6dfa1556c2921addd0727c

HTTP Headers

GET /servers/icon/5ploa6/503844325.png HTTP/1.1
Host: servers-live.fivem.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:47 GMT
content-type: image/png
cache-control: public, max-age=1382400
etag: "5ploa6_503844325"
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 369181
expires: Fri, 24 May 2024 22:17:47 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880cd2679b2d0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otCommonStyles.css

104.19.178.52

200 OK

17 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otCommonStyles.css
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
17 kB (17041 bytes)
Hash
fd14b4881357f5a1be082bc4029df765
45dfbb6f7573649d72b1808d5d71b9491aaac07f
d66e3fa354ef9f98abc81926de353cc20c4badee696c58bc974e1df9d6052154

HTTP Headers

GET /scripttemplates/202404.1.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cfx.re/
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:48 GMT
content-type: text/css
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
last-modified: Mon, 06 May 2024 02:33:30 GMT
x-ms-request-id: 84b7c33f-601e-0032-038c-a019b9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 24989
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880cd26b1b8a56a8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

geolocation.onetrust.com/cookieconsentpub/v1/geo/location

104.18.32.137

200 OK

72 B

URL GET HTTP/2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
104.18.32.137:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectonetrust.com
Fingerprint9B:BC:B4:A8:C7:6C:6C:02:0F:FD:9F:06:F2:67:FB:DD:A1:E0:3F:47
ValidityMon, 13 Nov 2023 00:00:00 GMT - Tue, 12 Nov 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
adf75b99dbbf416c627dfc5de30f9ad1
699f3845f7dfb3fa9968c2117b44c3f3eb728fff
a0e4a8f457272bd17d07ae2e1e09731df6cc6fdc3ea9e32e713ef4a8a012fc27

HTTP Headers

GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:47 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cd269cdd356ba-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/static/powered_by_logo.svg

104.19.178.52

200 OK

5.2 kB

URL GET HTTP/2
cdn.cookielaw.org/logos/static/powered_by_logo.svg
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
5.2 kB (5194 bytes)
Hash
38b5388f36f8f885deb26afdac0e3116
112eccab1891a3a7cab1c5602ba72c9e127136e0
a8562f11c5a80a5c1c4ab388cfa2a69598203a57a5c67d1f80512bddd80d09ef

HTTP Headers

GET /logos/static/powered_by_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfx.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:48 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Mon, 06 May 2024 19:45:14 GMT
x-ms-request-id: 3874c187-b01e-0074-08b1-a0c72f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 13172
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880cd26b6bf456bb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cfx.re/join/5ploa6

104.18.34.171

200 OK

5.0 kB

URL User Request GET HTTP/2
cfx.re/join/5ploa6
IP
104.18.34.171:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcfx.re
FingerprintF1:5C:8B:F0:6D:D4:6C:1B:19:44:A6:F2:69:EB:BB:BA:BB:69:51:00
ValiditySun, 31 Mar 2024 23:40:33 GMT - Sat, 29 Jun 2024 23:40:32 GMT

File type
HTML document, ASCII text, with very long lines (5278), with no line terminators
Size
5.0 kB (5039 bytes)
Hash
a68a38951df6058af59e5676474b0fc0
4843838ff16962a851b43573ddbc273b57b4a7d3
bc7035ca2f0d2fce46708a4f6292b1f1b20cf5761a4ba2e18780ed49524dd605

HTTP Headers

GET /join/5ploa6 HTTP/1.1
Host: cfx.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 22:17:47 GMT
content-type: text/html; charset=utf-8
etag: W/"sa8jat3zu"
last-modified: Tue, 12 Mar 2024 12:42:29 GMT
x-citizenfx-join-token: 5ploa6
x-citizenfx-url: https://ojlkdo4n.filter.evo-filter.com/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 880cd2659c0d0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/firacode/v22/uU9eCBsR6Z2vfE9aq3bL0fxyUs4tcw4W_D1sJVD7Ng.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/firacode/v22/uU9eCBsR6Z2vfE9aq3bL0fxyUs4tcw4W_D1sJVD7Ng.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cfx.re/join/5ploa6
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23352, version 1.0
Size
23 kB (23352 bytes)
Hash
95236674c9162f0db8adb97f346cca28
a6270be12e588da2c6b2d67275875350916df5da
5246d691e3e54f6c2367c96f2d011cf4c10b9765b48a2e3af97335008b41b06e

HTTP Headers

GET /s/firacode/v22/uU9eCBsR6Z2vfE9aq3bL0fxyUs4tcw4W_D1sJVD7Ng.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cfx.re
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:32:26 GMT
expires: Sat, 03 May 2025 16:32:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:22:30 GMT
content-type: font/woff2
age: 452721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN