Report - iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction

Report Overview

Submitted URL
iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
IP
172.67.68.37
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 21:16:20
Access
public
Website Title
(1) Alerta de premio!!! Programa de fidelización
Final URL
iwanttogetmore.com/page
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-05-06	1.0 kB	1.1 kB	139.45.197.250
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	460 B	4.0 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	1.8 kB	101 kB	104.17.24.14
iwanttogetmore.com	unknown	2023-07-10	2023-08-05	2024-01-19	5.5 kB	91 kB	104.26.2.21
woudaufe.net	unknown	2022-10-03	2022-10-03	2024-04-30	1.1 kB	18 kB	139.45.197.251
jouteetu.net	260109	2021-07-08	2021-07-15	2024-05-07	1.4 kB	1.9 kB	139.45.197.251

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	woudaufe.net	Sinkholed
2024-05-07	medium	woudaufe.net	Sinkholed
2024-05-07	medium	amunfezanttor.com	Sinkholed
2024-05-07	medium	amunfezanttor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/box_o.js?v=1.14	4.2 kB	2024-04-24	2024-05-09
Pretty URL iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/box_o.js?v=1.14 IP 104.26.2.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 01:24:08 Last Seen2024-05-09 22:24:07 Times Seen14 Hash ab4a9bc2c2681107a38e0f82e0d6508d 6936769e72f22df7bbc6d30495ddbdd6fe314fe5 361ee89ad0d7a524dc000e4dd95b8f9b07361860882b56c25c82f309f542f5cc Loading...

	woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js	37 kB	2024-04-25	2024-05-15
Pretty URL woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 13:01:48 Last Seen2024-05-15 20:42:51 Times Seen2522 Hash 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de Loading...

	iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432	1.3 kB	2024-04-28	2024-05-07
Pretty URL iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 IP 104.26.2.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 21:55:59 Last Seen2024-05-07 23:16:21 Times Seen3 Hash c392c5681435add85338867808049bc7 893ec26fbae1334f95ae41a5796059ce8fd365ba 29adc66004bfb1b69c6d05910f323d36f1dc2b7645c5cb7be65d1d3ee16a63f8 Loading...

	iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432	183 B	2024-04-27	2024-05-09
Pretty URL iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 IP 104.26.2.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:14:22 Last Seen2024-05-09 22:24:07 Times Seen11 Hash a11d55ede9e0cdafd23f3475077e08bb 5a3afb8d28a2ae5b4a985df9aca0f2fa18cd9b00 7ef16a078d4d4185948aa37a85570f540759fd83a3c2fbb5c81b3de68e94e324 Loading...

	iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432	638 B	2023-03-07	2024-05-19
Pretty URL iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 IP 104.26.2.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:40:57 Last Seen2024-05-19 15:09:26 Times Seen27 Hash d33e088291f168e501e8fce777703da4 54e662e52cb4ffc32bf2c0bc4856defdc88b5107 1fdf9d0ff650012045283b3da64c5a1ed35d063352025829de464ad1529d7c87 Loading...

	iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432	756 B	2023-04-02	2024-05-19
Pretty URL iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 IP 104.26.2.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-02 21:23:16 Last Seen2024-05-19 15:09:26 Times Seen25 Hash 5c9f496ec02d2fa3997d222fcc2b6208 4ca72ccf9434db34764ddb98850bbcadf7a0d59e 26edda7aed58f8a6cfaa5836fb5927048ac028d055b57e6446df4cd1acc5bb20 Loading...

	iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/preload_o.min.js?v=1.14	18 kB	2024-04-24	2024-05-19
Pretty URL iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/preload_o.min.js?v=1.14 IP 104.26.2.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 01:24:08 Last Seen2024-05-19 15:09:27 Times Seen30 Hash a32d40b2f01f5a74c8077e46a4a8a73d 7abaeaf47545c71abc18c731d7bdfcbabcda087f b55e30ce0e6f42daacd35842c1edfc675673aa5d436a26ff8d8b796932ceda6c Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js	88 kB	2023-08-31	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03:19 Last Seen2024-05-19 17:40:04 Times Seen9820 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js	208 kB	2024-02-29	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-29 23:15:34 Last Seen2024-05-19 15:09:26 Times Seen58 Hash 4d456e43291a691699c12a9027f1f13a e2e691b338e64a94e68be7f4d2aded08fcca0759 9a4a11a15db88d5fab08f59c1c34796b03f1f15bb3cc928dd226e1c59f7f59a3 Loading...

HTTP Transactions (21)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
27 kB (27446 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8022
expires: Sun, 27 Apr 2025 21:15:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SZ5j15VPkD%2BmlGRXEFLolexaew%2BbQURFcfhBNu7jdICVLSqRHxUin8ZYceDnksHznZS5lJxsOaTopYNHeiYSfCHEznnw1%2FnNo%2B7%2Fw7mNKS4kX73abgFsC9YXI2IWXFg6DyYSsNj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88043a6a6b4c0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css

104.17.24.14

200 OK

23 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65342)
Size
23 kB (22709 bytes)
Hash
a549af2a81cd9900ee897d8bc9c4b5e9
c5ac1dee961cb59a045256ec203f69e317872f7c
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8

HTTP Headers

GET /ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/css; charset=utf-8
content-length: 22709
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65d4c5f6-58b5"
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 608615
expires: Sun, 27 Apr 2025 21:15:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ad8KMPWtJl79bCOHfYajMFjskFMPODh7%2BAZTpFh6GnlopGcdupDVq7x0hM1DPaHoVnAn0xBnJi4dcIJkCC47jXO%2BE1AMHDYUr5YMNa2KCsI150TuTKdTzMb9iidpMCd4vMzLa83A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88043a6a7b540b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

104.17.24.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (59119)
Size
10 kB (10462 bytes)
Hash
ecd507b3125edc4d2a03aa6ae5d07da9
a57ee68d11601b0fd8e5037fc241ff65a754473c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

HTTP Headers

GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/css; charset=utf-8
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 614257
expires: Sun, 27 Apr 2025 21:15:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbK6s%2FPdOqjUFJLsHXFBXfpEd5TIP2UV0vyNxQvxbRoG7tUJj3gWNiZ%2FSW5hJq6WgpA%2ByE7U8UQkZkbbAgdPBEgb5F%2FVCPcWEplfrppjFF0sTNwPpTzAFHxY4bTJI%2Fe%2FJchuJmVj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88043a6a8b630b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js

104.17.24.14

200 OK

36 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (620)
Size
36 kB (36257 bytes)
Hash
4d456e43291a691699c12a9027f1f13a
e2e691b338e64a94e68be7f4d2aded08fcca0759
9a4a11a15db88d5fab08f59c1c34796b03f1f15bb3cc928dd226e1c59f7f59a3

HTTP Headers

GET /ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 36257
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65d4c5f6-8da1"
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 622470
expires: Sun, 27 Apr 2025 21:15:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlGxoAttWchKgW1xkjf4EkLGtv2MASSmFaz7yZbffJu1Ggtfk6wD6drvmulNliuzXn1azx3MoHvdx7K4We8DSmD7iKqmqYoaeqCgmt5P7iZFg%2B6SkGK4LcjX66%2Fk4XPJBDybB1qE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88043a6a8b660b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/seasons/162/letter-00.png

104.26.2.21

200 OK

25 kB

URL GET HTTP/2
iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/seasons/162/letter-00.png
IP
104.26.2.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerGoogle Trust Services LLC
Subjectiwanttogetmore.com
Fingerprint44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
ValidityTue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT

File type
PNG image data, 258 x 184, 8-bit/color RGBA, non-interlaced
Size
25 kB (25236 bytes)
Hash
e45d217d96fcfdecd2f0d236e06b6b30
82ece521c195148c117d760e536fc17b9a0e4801
084e31c469393993b821513561acd20fd163fd41836affac626b5c868ec06720

HTTP Headers

GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/seasons/162/letter-00.png HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:56 GMT
content-type: image/png
content-length: 25236
last-modified: Mon, 06 May 2024 09:54:20 GMT
etag: "6638a8cc-6294"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKMIWAXT8nvIQ2tLDoKX1p0tor9hw7SOhCAlmaq9Pr2zSUgK4BnpwNX1fcPF%2F61k8MQb5y%2Bxxe87FAfF8XrIaLPVm5E53VXn34kkvisyH%2Bn659XDEvPpIdsyWavFk3f7llesTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6c3831b511-OSL
X-Firefox-Spdy: h2

woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js

139.45.197.251

200 OK

17 kB

URL GET HTTP/2
woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerLet's Encrypt
Subjectwoudaufe.net
Fingerprint97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5
ValidityMon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT

File type
gzip compressed data, max speed, from Unix
Size
17 kB (17191 bytes)
Hash
d88919695b00582685c99d414f28f6db
44c2929293dfe5d7cd0757d1d7e76b08e9de919d
b7c8255c01c7666304393288a644b40d1b3cce9b9075424913f47109eae2aebf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

woudaufe.net/zone?&pub=0&zone_id=5759770&is_mobile=false&domain=iwanttogetmore.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=4d9b05c9-516c-48fa-9965-f65272e4ecae&action=prerequest

139.45.197.251

200 OK

0 B

URL POST HTTP/2
woudaufe.net/zone?&pub=0&zone_id=5759770&is_mobile=false&domain=iwanttogetmore.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=4d9b05c9-516c-48fa-9965-f65272e4ecae&action=prerequest
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerLet's Encrypt
Subjectwoudaufe.net
Fingerprint97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5
ValidityMon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5759770&is_mobile=false&domain=iwanttogetmore.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=4d9b05c9-516c-48fa-9965-f65272e4ecae&action=prerequest HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-length: 0
x-trace-id: 719fa6d963afb6c8a70e3cb44c8dc8e4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 62cb63b409931e5ed60d25cc28b0f64f
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 257
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a4bfc042af785bec4885dbdf30cb9969
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 258
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 88da1362ad2211f0061d7621cc230cdc
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://iwanttogetmore.com/
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type
JSON text data
Size
94 B (94 bytes)
Hash
dd6ce5a54466b34244d5ed37d15be10f
9e1908c6306e72100eae4ee9598a93645e339a03
91b1fac37482ad8f2f2831972f56736204ff8468fb42023994eda4433750d0f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iwanttogetmore.com/
Content-Type: application/json
Content-Length: 875
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

142.250.74.106

200 OK

3.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
3.4 kB (3384 bytes)
Hash
906959bb3fa223045c286acde976330d
227a2ad95d8524d7ca4050d29f2222305a6f00c7
635f649cd3783e1d6a447445c6cbda82df6e09ef3ce938aaea27b97ce9d1d6e5

HTTP Headers

GET /css2?family=Roboto:wght@400;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:15:55 GMT
date: Tue, 07 May 2024 21:15:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/css/style.min.css?v=1.14

104.26.2.21

200 OK

8.0 kB

URL GET HTTP/2
iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/css/style.min.css?v=1.14
IP
104.26.2.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerGoogle Trust Services LLC
Subjectiwanttogetmore.com
Fingerprint44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
ValidityTue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT

File type
ASCII text, with very long lines (7965), with no line terminators
Size
8.0 kB (7963 bytes)
Hash
2262c2e53a8b322777b6eb511d29af7c
a29de156da1bd664d0efa52a29a99972876875ed
332d038e0a8f9aa4d78be40da4977133f4679121160024b2590f8f513afcea44

HTTP Headers

GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/css/style.min.css?v=1.14 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/css
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-1f1b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FfFwSC6pROBVLOZ1AjUwty8BGRlYgwMTgb8xqvjwwH2Kp8tmUcJeNu%2BcNxvSI85yZQyXm1wD4tQigCSAOVFVFPGQNLFC7Di0YQP%2FQtnfi%2Fv9wf2FYGh9KQQW9E0RkZ8hNXTGPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6a1cb2b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/favicon.png

104.26.2.21

200 OK

2.5 kB

URL GET HTTP/2
iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/favicon.png
IP
104.26.2.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerGoogle Trust Services LLC
Subjectiwanttogetmore.com
Fingerprint44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
ValidityTue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2512 bytes)
Hash
adacb828139375adbd92f9f1bea5d012
f3e090aca77454b266360f17967b65add7292ce8
1fe30add0127d73534be3fdf272792c18f54bb4a5d6b335221b2587ac9e99fe6

HTTP Headers

GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/favicon.png HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:56 GMT
content-type: image/png
content-length: 2512
last-modified: Mon, 06 May 2024 09:54:20 GMT
etag: "6638a8cc-9d0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBWQJ%2FWMmgZvpVfVYuyM5v3ejlCF5cb3D194H3EjpDeqrEWmgeT7Qx9tLuBcXQLm2GQJbX9SXrkEKqtazxXvHeAsGlovgR7pXt2WLarCR6kFhWtnNZEiyDnlLLWaWRv4WWJELw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6d19a2b511-OSL
X-Firefox-Spdy: h2

iwanttogetmore.com/sw-check-permissions-82431.js?zoneId=5759770

104.26.2.21

200 OK

566 B

URL GET HTTP/2
iwanttogetmore.com/sw-check-permissions-82431.js?zoneId=5759770
IP
104.26.2.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerGoogle Trust Services LLC
Subjectiwanttogetmore.com
Fingerprint44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
ValidityTue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT

File type
ASCII text, with very long lines (605), with no line terminators
Size
566 B (566 bytes)
Hash
686535c4472d3a1b2f93529397abd300
131f74272eec6fe9819d587917ccf776153b66e4
38ad0f3b4884f108391ab18dfb9d0b69ca2fe3f6f7932f59a3d70aeaee087d8b

HTTP Headers

GET /sw-check-permissions-82431.js?zoneId=5759770 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-236"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gi8%2FitfphESdsjC87sDtQtq73tw3j4Cxudb70LXg2nMNiO4Vck6ETW8fsTaFulJXbU6T7CKNCXnWiznDjHyifAF1zBacFyGlkdqFRAAbDsaWsvwD2yRPVUubTiI%2FpHI0xDYSYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6d9a64b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/templates/box/box_letter.css?v=1.14

104.26.2.21

200 OK

3.2 kB

URL GET HTTP/2
iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/templates/box/box_letter.css?v=1.14
IP
104.26.2.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerGoogle Trust Services LLC
Subjectiwanttogetmore.com
Fingerprint44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
ValidityTue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT

File type
ASCII text, with very long lines (3396), with no line terminators
Size
3.2 kB (3211 bytes)
Hash
ba6242d390b0c782b79ba07cbe5118fe
2f60a5d46063f9005f3d7b641a834c4113a11e1e
219ee9df98776c5d29468ba8deb3c5622f88a7b08edda067dcb1d3645d9463c0

HTTP Headers

GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/templates/box/box_letter.css?v=1.14 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/css
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-c8b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pYV2QZdsHTjXZuPgvj6QeTIBnto8q2zJwUHfCSD4qyKXVcCsFyl2hN0kIgZ%2F5AVNiad7ByExc15ykn8rAWtlNtVYtMumLGxPNempSr0CGLF0hKSI0027wcFCc17hQe4hTdHKFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6a2cc8b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/box_o.js?v=1.14

104.26.2.21

200 OK

4.2 kB

URL GET HTTP/2
iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/box_o.js?v=1.14
IP
104.26.2.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerGoogle Trust Services LLC
Subjectiwanttogetmore.com
Fingerprint44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
ValidityTue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT

File type
JavaScript source, ASCII text, with very long lines (4184), with no line terminators
Size
4.2 kB (4179 bytes)
Hash
540bfe138c793172e999f49b394ee71e
d9bd4b33fc83ba9c878365eb93b214f0e8f1b44b
b38ef2303ee7080d8fa982a22f79ebbfc138ac7f69bbc27f2d61ed1c9d60c7f1

HTTP Headers

GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/box_o.js?v=1.14 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-1053"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7%2FOu3Mj10cf4cdBD9MRL4aDwvVc3py6UBjXFlr6y4DkOGi2uThwHBC7k3x0RnNUlGRFWPfGO0B%2Bf61sDFQoAFJ7B6Ctu1jN7Eamre9brPlVAP6tv3r5UR%2F1miaKcd1g1%2F9OUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6a2ccab511-OSL
content-encoding: br
X-Firefox-Spdy: h2

iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/preload_o.min.js?v=1.14

104.26.2.21

200 OK

18 kB

URL GET HTTP/2
iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/preload_o.min.js?v=1.14
IP
104.26.2.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerGoogle Trust Services LLC
Subjectiwanttogetmore.com
Fingerprint44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
ValidityTue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT

File type
JavaScript source, ASCII text, with very long lines (17559), with no line terminators
Size
18 kB (17559 bytes)
Hash
a32d40b2f01f5a74c8077e46a4a8a73d
7abaeaf47545c71abc18c731d7bdfcbabcda087f
b55e30ce0e6f42daacd35842c1edfc675673aa5d436a26ff8d8b796932ceda6c

HTTP Headers

GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/preload_o.min.js?v=1.14 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-4497"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NODasp%2BB2%2Bo%2BXh6XZLsleyX9ea8EZK0huujcUu6RGtqzCSannpQFXal%2FVyVhtlO3YnGuFukDbTxlUdkY7PPS8%2BQa419IajIcjr%2Fm6jBLeHtfcMkocODqqa4RhZ5b5hYpURu2sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6a2cc5b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/img/brand-logo.svg

104.26.2.21

200 OK

11 kB

URL GET HTTP/2
iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/img/brand-logo.svg
IP
104.26.2.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate
IssuerGoogle Trust Services LLC
Subjectiwanttogetmore.com
Fingerprint44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
ValidityTue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT

File type
SVG Scalable Vector Graphics image
Size
11 kB (10595 bytes)
Hash
665616c2aeadc53d133fed41c243a3c0
86ed0cd124d2dbb43ef317234caaecaac91aef26
658961834651b14490ff9940818b6f5db8525d4e72ef452f31c375df8ba7dabe

HTTP Headers

GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/img/brand-logo.svg HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:56 GMT
content-type: image/svg+xml
last-modified: Mon, 06 May 2024 09:54:20 GMT
etag: W/"6638a8cc-2963"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MSsSD7RLrnR%2FWLpC3uZogeKUU6KWhv9hGRNOf8UVFqa1Ryg3URw%2BdXNkExPMfdEUb8QVwaAE8l9ucnQxZ39BPmx63vatVEOEDakfYdf2vOCtO3IXvcIaVUc5mIEVVaeK15T%2Bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6c3830b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432

104.26.2.21

200 OK

14 kB

URL User Request GET HTTP/2
iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
IP
104.26.2.21:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectiwanttogetmore.com
Fingerprint44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
ValidityTue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT

File type

Size
14 kB (13553 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AP5QyVOYDpiwR0BMcyiUFKR8grCQBojKUxC1%2FJiDLi%2FtJMhTh25BcXqI1rD1rL13T5Ha9q2OJdeRIj%2BxzXFedT55yXTxG6DKEOju6EkZfGRVj4Vw7aj%2BFXz7FxwnRNpoewKw%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88043a661e25b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML