Report - www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com

Report Overview

Submitted URL
www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
IP
136.243.28.94
ASN
#24940 Hetzner Online GmbH
Submitted
2023-02-03 19:13:33
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	8.2 kB	17 kB	142.250.74.131
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	418 B	741 B	139.45.195.8
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-13T05:09:46Z	391 B	764 B	142.250.74.130
adservice.google.com	76	2021-02-20T17:10:48Z	2023-03-13T08:49:52Z	392 B	663 B	142.250.74.98
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	1.3 kB	3.2 kB	142.250.74.74
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	1.3 kB	17 kB	216.58.211.3
phicmune.net	199064	2021-04-07T16:53:43Z	2023-03-13T07:40:28Z	2.6 kB	3.3 kB	139.45.197.251
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	520 B	4.9 kB	142.250.74.98
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-13T08:39:17Z	445 B	794 B	142.250.74.34
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	79 kB	34.120.237.76
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	515 B	46 kB	216.58.207.227
static.doubleclick.net	333	2012-06-26T18:16:24Z	2023-03-13T08:46:37Z	1.8 kB	316 kB	142.250.74.166
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.7 kB	9.8 kB	23.33.119.27
www.dosya.tc	unknown	2012-05-20T21:31:56Z	2023-03-13T04:21:39Z	6.8 kB	176 kB	136.243.28.94
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	1.3 kB	21 kB	142.250.74.14
pagead2.googlesyndication.com	101	2021-02-20T16:52:05Z	2023-03-13T08:39:15Z	3.8 kB	64 kB	142.250.74.66
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.26.115.190
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	598 B	588 B	64.233.165.157
tpc.googlesyndication.com	126	2020-01-16T09:35:32Z	2023-03-13T05:31:03Z	1.3 kB	27 kB	172.217.21.161
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	896 B	846 B	142.250.74.164
cdn.itskiddien.club	unknown	2022-10-06T18:03:35Z	2023-03-13T08:06:22Z	374 B	1.1 kB	139.45.197.236

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-03 19:13:53	medium	Client IP	136.243.28.94	ET INFO HTTP Request to a *.tc domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	phicmune.net/custom	Malware
2023-02-03	medium	phicmune.net/custom	Malware
2023-02-03	medium	phicmune.net/custom	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	phicmune.net	Sinkholed
2023-02-03	medium	phicmune.net	Sinkholed
2023-02-03	medium	phicmune.net	Sinkholed
2023-02-03	medium	phicmune.net	Sinkholed
2023-02-03	medium	phicmune.net	Sinkholed
2023-02-03	medium	phicmune.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (185)

	URL	Size	First Seen	Last Seen
	adservice.google.no/adsid/integrator.js?domain=www.dosya.tc	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.no/adsid/integrator.js?domain=www.dosya.tc IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1	5.1 kB	2023-03-13	2023-03-14
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:30:53 Last Seen2023-03-14 13:26:27 Times Seen1 Hash 3c955011325db507d4bea89590201c9e 559599c0676a8bc7f22c47060acca7ab06e4317e 66fb4a44cd81d6879a9a5def62927bb23d8c67af6b9511478ca4a3ba2ab7b6c0 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	91 B	2023-03-07	2023-12-09
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-09 21:56:02 Times Seen1361 Hash c82428a35f2157d1ffc58db62a62642c 23a3ba37c8219ada20ade938bf6ab027ddfaa32e c202f499070bf24f65287263b3c7fd4a221000ebc2e9a9eb1da84c48faf83f7a Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc	8.4 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 7d81bb6ac7c488304fc993d50c74a942 195eb787ad60aa0de9b43e02c2f36c6b439a9c1f 5aadbd09e97b9de2e3b80650d7766c63fa6be1787008f4e6ab8b92a09d23b570 Loading...

	tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js	2.7 kB	2023-03-08	2024-04-25
Pretty URL tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2024-04-25 20:39:32 Times Seen2172 Hash 9ef158292b617d358506529b02c73629 843852d8addbf1a7f96c5607179e1c9423ed8a4c 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Loading...

	cdn.itskiddien.club/apu.php?zoneid=5426561	78 kB	2023-03-13	2023-03-13
Pretty URL cdn.itskiddien.club/apu.php?zoneid=5426561 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash bf70d1d87e8dad047c86a489734b03a9 e5ce2131acebcee1cbda0a0bf9e1db926dce8fef 16872492a553c7273d52c84d97597bddfd7905b57dfba232f3598388b2ff9cba Loading...

	www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914	161 kB	2023-03-13	2023-03-13
Pretty URL www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:36:38 Last Seen2023-03-13 19:02:04 Times Seen1 Hash 15f11c4e025eedbba4e1adf87c26f043 94b41f3e04fc1dac0f6685afc3649127e1ef9c4f c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9775275426073837&fa=4&ifi=5&uci=a!5&xpc=KGjqwc3H1r&p=https%3A//www.dosya.tc	883 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9775275426073837&fa=4&ifi=5&uci=a!5&xpc=KGjqwc3H1r&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 45e4433e17312e21e01be867895001ab 3bc744890da9796a7b5dbe7236faee86ced4d6a8 a50215a17d65d46c01ffb62f5e6717708f244752dfc80a1ac6c3c9ffac0a74b5 Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=www.dosya.tc	367 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash f0655d3b215a7f029b9afd076c533f81 dc57a380ee59a761f96afbbaefbbd055c86979c6 eeff3eeaace2971d68eb1076c49adf2318e2bc3a12f97e7f4d80a9a25f5724a4 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1	3.9 kB	2023-03-13	2023-03-14
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:22:15 Last Seen2023-03-14 13:26:26 Times Seen1 Hash fc3084eb4a9ac33d9245ea4303c70fd0 96bd2f4da63423669e42442a9cf1551ce2af0f82 60e6ff19de97aadf35d143fe7c133757c30b576371d8f07aaecef15098712bcc Loading...

	tpc.googlesyndication.com/sodar/sodar2.js	17 kB	2023-03-07	2024-04-26
Pretty URL tpc.googlesyndication.com/sodar/sodar2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 23:20:56 Times Seen17694 Hash 2cc87e9764aebcbbf36ff2061e6a2793 b4f2ffdf4c695aa79f0e63651c18a88729c2407b 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html	9.7 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 5ba05061c66d3e3a39f0573557899b0d f31c916b0c5ba50856c2d505c6a07ac2e3703dea 821afaa0abe5e4fb2292f52492b24ad0e290f7c43766602293856e911b5d1499 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=www.dosya.tc&callback=_gfp_s_&client=ca-pub-9775275426073837	383 B	2023-03-13	2023-03-13
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=www.dosya.tc&callback=_gfp_s_&client=ca-pub-9775275426073837 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash fd95afd63072f4a519d2d1af5682e5e5 45df2c5138f412cfbd2ecd89b9ff34357a00ef81 2fedef4befe3d6a22a98520ba29fad877fc2322c047f50b1a5c6b84c66079197 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458	46 B	2023-03-07	2024-04-25
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-25 20:39:21 Times Seen1585 Hash 4f0abc3ba95c84ebf5cc9987135b4168 cc7819e635f40040efef3ed36f44e35243c092fa 556cf7831e8acf0289fe5045796235dba49cf88c1b9cf908f8291dbd9a86786d Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc	865 B	2023-03-07	2023-09-26
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2023-09-26 10:13:13 Times Seen948 Hash 2a980601f126ccf75525c8de2f28a710 1c0ea07c6ac72e55acc81b5b60a80df538bb2b91 2820eca7c63ddd81d283ab8e497c6035888f4f4e89151ef305ff7786e64e39d4 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc	2.1 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen1170 Hash 6b526bad7bafa7d3586f548efe823fe9 f4b7ebc99aefa49317e40777538a9976cc4cc7e3 97f9cd1f0fa3d093248acbed20f55b6a38461ba3db45734a1e6f83f5eb37235d Loading...

	www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019	34 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019 IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:53:03 Last Seen2023-03-13 22:27:21 Times Seen1 Hash 8aec859a266e19fb42fee7f82edeac28 f00befab79b5d70c4fe19cbac00e79398743ab51 07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a Loading...

	www.google.com/recaptcha/api2/aframe	614 B	2023-03-07	2023-04-05
Pretty URL www.google.com/recaptcha/api2/aframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-04-05 02:12:11 Times Seen4624 Hash e9e28069c47a530a55f8c7e015a1b38b 2eced601ebdbe39ca274f61c71376ea4bcb8dfff 5fc84aaac11d3157f560666107a0551c67974bbd141130882f9579a5a92e0c52 Loading...

	www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html	391 B	2023-03-07	2023-04-02
Pretty URL www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html IP 136.243.28.94 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:49 Last Seen2023-04-02 21:26:07 Times Seen57 Hash 7f210ab99dddbcfad682603c80bdb1b0 6eb8051259d36a55254dc4d22aab15b88be6e61d a1025f54286788acb53039fb4ab86373cf25d36e5ca6f3d244e5e8be10d1b253 Loading...

	www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html	101 B	2023-03-13	2023-03-13
Pretty URL www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html IP 136.243.28.94 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 579f8b6db01e24c3567e552bde171ed5 00e5ce12e7a03e1664ebb49f772d1e81b7c1dd5f e32ee2b958e83fc27b7dabf14bb82cdbab3af92bbfa6e6f354e5bad6c0b484d6 Loading...

	www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html	57 B	2023-03-07	2024-04-26
Pretty URL www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html IP 136.243.28.94 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-26 19:37:09 Times Seen10862 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458	169 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash ced1c4a10fe54a9a687a91f6330fcf65 26e56663380820d4e994af3888fe83797c37f52a 5480871905b664ad7a3d929ebb1ff783f457793d83a6363ed90520e78ca617a6 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1	19 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:26:02 Last Seen2023-03-13 20:01:04 Times Seen1 Hash bf52e7145dff36a771d01fc54d986804 48f322f364b2438262d7c0c22d1d7dc657fc7903 252f20d056a451fa5781d2c1958122ace9060c86823e92be6331675c7164f4e3 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1	10 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 725be9375410efe7cd416693a2b6f294 eb5ed78d5ac2a4f28f4e68910deccfe77c4f3daa b28e588a2739b02898a680f8e7504db97733e7cd5610135fefec6b4bc0c883c5 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	436 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 7ad5b6dcdb14bd1a8e1c894768266199 1ec1d23cca589eea544d2505fb430cb3079a974f 0f824143b1c4ff7209b3b065f33ed6f9b6ef40752f965e6d5d4f1d5b95f4f043 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	9 B	2023-03-07	2024-04-25
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 20:39:22 Times Seen2253 Hash c8308edb31948449adfea16b3e2d316d 38d59d97a7ea7498b50a40eabdfde6c3f446be3b 5c1324674560cf5a651810c1e7ad9643cd2472144d432b7a62a743a19f6f86c4 Loading...

	tpc.googlesyndication.com/sodar/sodar2/225/runner.html	13 kB	2023-03-07	2024-02-23
Pretty URL tpc.googlesyndication.com/sodar/sodar2/225/runner.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-02-23 22:40:33 Times Seen4633 Hash 04889347291e33491547245846d18c4f fa0e1917fb2630c86eab067505751a72ba001c6a f4a5d6b45c241fa0ce6ba4ae8b035ad725d67c4091ce8a99bc9c2364295b8fd8 Loading...

	www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html	422 B	2023-03-13	2023-03-13
Pretty URL www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html IP 136.243.28.94 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash e66b5912fb996be535bba4654a917aa1 b07821e21ff65a1b1bd658cd939da636da7369c4 cce73573e7b35bf4e3263ae89b7d9baa9c7d2b69882d8031b3e9c7b9dfe18ca5 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	566 B	2023-03-07	2023-04-05
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2023-04-05 02:10:11 Times Seen464 Hash 1d94359236582b07a3847b6ad018e40f 183a56ccfb9a122e7abe3d3b73bee96ed1405281 ef8553166b4224d14caf381ee0e3aef4491574ec4bf434987749d0078a621c25 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc	3.9 kB	2023-03-08	2023-03-14
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-03-14 13:23:12 Times Seen1 Hash 41ec6b317ecd4bdb0aeacccea220cac2 25a6ed1d4ac4326e30516064b9f1b7d44c8c8613 70f25c4a1351285f5616eed749cd7297e937608a6b3494448ab69f31634be2e9 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc	460 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 297fc21b8a465391ac7d889a2f30013b 85ef064f3e2b20a83135a61f7a9fbf7e5083905b ca81975c9c2bff365fbaed2253df26f9dc736df9f307de69c4c12ac84033e9ab Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	19 B	2023-03-07	2024-04-25
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 20:39:17 Times Seen2233 Hash 65bb46e3f84073f672c022f98f42245e 2d0aed946f65bf94f57fe36798d2540727b212e3 375bc1a8808edc2a20b432f223e06e981b02feb9d34f558260aa537495f3533f Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	7.0 kB	2023-03-13	2023-03-18
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:27:24 Last Seen2023-03-18 16:35:17 Times Seen1 Hash 3fb9581c1334d387186bb29b70369e62 ce999668e87f8a5e9d4e52c44afa5df894c14c90 8d61648c206c0969641a3c53a5e4c0ad8059669260b97016f586f2d2be294356 Loading...

	tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js	1.6 kB	2023-03-08	2023-04-05
Pretty URL tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-04-05 02:11:33 Times Seen1532 Hash 822ae3ba8078d8c2f84874b6dd35276b 41c4a330885a8297f036f76df13ae219203e3dff f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9775275426073837&fa=4&ifi=5&uci=a!5&xpc=KGjqwc3H1r&p=https%3A//www.dosya.tc	9.7 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9775275426073837&fa=4&ifi=5&uci=a!5&xpc=KGjqwc3H1r&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 69314654298953b8d90ad2be4a221c3a 0fe1dd9ff8098a6127175f4bc38c75afe6b43399 ed621dcd96191232b55af7f51a4b868dd3b663288317390a426f8a3e27fda3d3 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458	145 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 3593bec118ca5645cb860f5bad56faea db62a9005ee3fbf31cec8684bd6e8514d6f2d2e1 437de056b1307b54d33ed3bc3844f6927cffe0f46d533f3f162174eee0deba56 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458	267 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 1f42f453f8988d29685d060968b176ac 8a6d0c7c3d21c180102e83b6fa91e6d4fa9b6755 414feb76f55d1fc7a571355de23bae70e47e7c056ea3bfca97efdda0d6a14c2f Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/reactive_library_fy2021.js	153 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/reactive_library_fy2021.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:16:32 Last Seen2023-03-13 16:33:55 Times Seen1 Hash ed85b51bd47765fb7bf7cf35b59b8e85 23f78921af1e6c07350f3c66776f5d1d5d1b1856 94eca77038ee723d18e3dc409f1cf983726923453b58f841065f051e016821e4 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	29 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:15:06 Last Seen2023-03-13 18:35:59 Times Seen1 Hash 33c7331fdb0270998120ab5f2b412095 84d779cefd15fccb6abe23e6e69d67889a36a9f3 c4a17259a956750245b4afd22b7c8d510df8ae19d7b19bab8ae87677c7614e90 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	51 B	2023-03-08	2023-04-05
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:47 Last Seen2023-04-05 02:10:11 Times Seen472 Hash 28af94bc1600e9ac259e4ca00dc4cf8a 2502d6c9785acecb2a2e4ab346e572eceecbdb3c 6d2e7247be2c7a684b742fd6cf41fb7f75452753f7e25bf8a11e797ebf168fa1 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271808&client=ca-pub-9775275426073837&fa=8&ifi=3&uci=a!3&xpc=NyrPLBGZfI&p=https%3A//www.dosya.tc	118 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271808&client=ca-pub-9775275426073837&fa=8&ifi=3&uci=a!3&xpc=NyrPLBGZfI&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash d530d033d7a878ef028745b5bde20396 d1c889c7d38073e06411a37bf58305ec90cfe1ad f1fcf8a37d8f7f699771967543c6e540a58399bb9898a0e092fee89cf18ca375 Loading...

	tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js	18 kB	2023-03-13	2023-03-13
Pretty URL tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:24:28 Last Seen2023-03-13 20:01:04 Times Seen1 Hash a8c847dd892396d6201d43c720b9d09a 7b6776f8c428ffca9bf6058204656842e91f79a3 2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9775275426073837&fa=4&ifi=5&uci=a!5&xpc=KGjqwc3H1r&p=https%3A//www.dosya.tc	460 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9775275426073837&fa=4&ifi=5&uci=a!5&xpc=KGjqwc3H1r&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash e123153c80e695c0b8f132ea9551e2e4 cd46a5f3be636803f6aae61264ccd3c901a9d150 8bd0e40f3c976a604eb70ea837fd08e6e01ead46c485325a451558885a386266 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458	8.4 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 6aa91ea75f09f5e352ba720dc7bf4328 fee3029e5b6ef7c3fa86475a867631034bf4a2de 0e65d552e39bcdf2646bf8ac2aed12da726b3af08af5f3a03a84ad743a7f233a Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271808&client=ca-pub-9775275426073837&fa=8&ifi=3&uci=a!3&xpc=NyrPLBGZfI&p=https%3A//www.dosya.tc	14 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271808&client=ca-pub-9775275426073837&fa=8&ifi=3&uci=a!3&xpc=NyrPLBGZfI&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:26:02 Last Seen2023-03-13 20:01:04 Times Seen1 Hash 8bfcdeb85c42632ed7b7dfa969e47dba ce7a53ec16d9040b829375ef0c0ca9957bdf15ac 07b3febde8028057e3aa2c4380629ccf9069f13d4076da4a7869d2e49df939ee Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc	9.6 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 53ec2e383bb03def6120b66c85dc7625 349ebd6abbb7cb1cd41a894dcd1883a737d93b2b 33f956a4b11a4f1e2d85211208606bb936ee252a7d3e8b63a58e4a3242d6fcd7 Loading...

	phicmune.net/pfe/current/tag.min.js?z=5030740	15 kB	2023-03-13	2023-03-13
Pretty URL phicmune.net/pfe/current/tag.min.js?z=5030740 IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:28:22 Last Seen2023-03-13 18:47:21 Times Seen1 Hash dcb7609ee3c9cdebf9ff27705198646f 6d769ef447e81bbf9b2d36d964826e9d34c1b9a2 96ac715a4b5ef34b6a45ef1e16ca0b269258ec85e4c7cc668875d1cea76ad23f Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9775275426073837	150 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9775275426073837 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 5458cc9f3f2289dae480884935f5cef6 712837bc7684c2c802795158d00a87a8d3a6b8e4 4945441d02f7138500872eb26434286f06d28ea6ca5143e4c547355bdb38367e Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	872 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 09a39784fcee1a37d3887b7be392989b a09fad95904bd35b444ed989b9db791392521641 c39871652983d6a3385aac4618877e9c58e29025b4fca31dd91dd622291755dc Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1	679 B	2023-03-07	2024-03-25
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-03-25 17:46:31 Times Seen1197 Hash 5ffe1df38faa71b9a109a3e5b47f265f f28524aa6ffd0388346ca0245ea5f236f5d8f165 ffd99951639c4423a5606214235ad4223de160faeb31f1f0af54861c249cbe3b Loading...

	tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js	20 kB	2023-03-13	2023-03-13
Pretty URL tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:26:02 Last Seen2023-03-13 19:29:40 Times Seen1 Hash dc6ed1a4a4ef1b1b7bf60e26fb30c68b fb88ae3933279eaae0f358f0330a87bcecee2ffc 675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1	457 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 62690d0e69dc331455ea44dd98e62596 3e5888b474cb95d8cceda48a6dfdee4800daeaf0 c4d9ede84be45ff7efa4235ccafb135c16a4975c378d9bec9295fbaab9dc5b1a Loading...

	www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html	573 B	2023-03-13	2023-04-02
Pretty URL www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html IP 136.243.28.94 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:51:14 Last Seen2023-04-02 21:26:07 Times Seen54 Hash 6dd7e83b61959cdde75ad54a2d6f23a9 deeb5ff8ca1393b7eb026641e91c27de98288b12 f104aec6ac5c0d9d5c0dd8986fdcb6933583d33e58aca745ba07be90b2ca76eb Loading...

	www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html	102 kB	2023-03-13	2023-03-13
Pretty URL www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html IP 136.243.28.94 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:28:22 Last Seen2023-03-13 18:47:20 Times Seen1 Hash 6486e114fbb50d2a51410d1b815efca9 ed7dbe7163b58dc35aa1187cceee1f75e2fa11b6 d6722782df04c672031e5118f553aa8a562bb13075c989fc5c8d522d10a3c3ea Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	15 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:24:28 Last Seen2023-03-13 20:01:03 Times Seen1 Hash 3de9d0fb471b4abcc99c1bd0cf965339 e6dbdadc0571304ef5e383bd5b634ed15b75d55c eb16dd9af2248c90f0ccfdf755ad2ce4a909fc0248b35815274d6ba5d334761f Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458	29 B	2023-03-07	2024-04-25
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-25 20:39:16 Times Seen1576 Hash ffdeabb8ddc079ab75fc11771e82d609 eec3c2fe235719cef576ac181912ce2e832f4b88 593ec3939c38f7d9154231957277279ed105cc7fba028a610644cb510bbbf749 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475	18 B	2023-03-07	2023-12-10
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1675451635&format=300x250&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&wgl=1&dt=1675451635328&bpp=2&bdt=588&idt=357&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1074553093155&frm=20&pv=1&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=640&ady=175&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0eabE7vTOj&p=https%3A//www.dosya.tc&dtd=475 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-12-10 23:37:06 Times Seen1996 Hash 364903be35e41b2e14a841071c35f191 58dcb22af21e5f7fd6e5bef578eb1b9a7ddd34a5 b29dd4c3347306fe999d36cab04ed9a9ef863d885d11c86ebbb571802f25ff59 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1	47 B	2023-03-08	2024-03-25
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2024-03-25 17:46:31 Times Seen1244 Hash ec1037cd2cafcb8608fa83ecc4e67ee9 1b2824e9d197e5c00d7814afe478d37c7232b2b3 d8ce62dabed83bcacf75b458cf04acdb5ebc590d35e102cc61af7206afcf83e4 Loading...

	tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js	23 kB	2023-03-13	2023-03-13
Pretty URL tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:26:02 Last Seen2023-03-13 18:35:16 Times Seen1 Hash b5248955056af97e008372493ce197d4 cdbf5353e1a5dd4aaf0da08a9253e6de3805fd5c f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2 Loading...

	pagead2.googlesyndication.com/bg/qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js	37 kB	2023-03-13	2023-03-14
Pretty URL pagead2.googlesyndication.com/bg/qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:46 Times Seen1 Hash dea55f2a55d5f6232c69b6ebb960f3b5 e4fb80ab34680d696480371a1fdc8fb6a5e25da4 a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1	861 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash fc09016d14217b8ab5bcb22631a2d551 1d08e6cc244b99c06eff3441a8f59e9374d8f0f2 6ebab2d1ab42d3182c22a2aea47736869a66ff2992a1654672b5611d19f9a806 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458	938 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1675451635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x848_l%7C404x848_r&format=0x0&url=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ea=0&pra=5&wgl=1&dt=1675451635328&bpp=6&bdt=589&idt=324&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1074553093155&frm=20&pv=2&ga_vid=664779681.1675451635&ga_sid=1675451636&ga_hid=1055498030&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774606%2C44782817%2C31071264%2C31071662&oid=2&pvsid=1271233479581641&tmod=1079960693&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=458 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:42:08 Last Seen2023-03-13 16:01:35 Times Seen1 Hash b36bb7e27b75eb656a1153ca710f9200 ddb7f8bf6dd4aea01025c8789cf0cc0d99ad3f39 27e286fce1cc64e15f333cf2e719c092ecd2db2fc80f8abf607ca3d0d235b083 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1	28 B	2023-03-07	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2023-11-03 08:02:11 Times Seen1154 Hash 97762f84b371ef2d09d327bfcc3229f7 5a5902b59bc343d77975b883bd41d2e99abdbf7d 59672a8bc2f5a2c77c406196d1b74af5f001597e4525ffb9ab6f5fe835a848ea Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc	883 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9775275426073837&fa=3&ifi=4&uci=a!4&xpc=MZQPLgH8wL&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 5de239ae070c14df36f2d2385ac6c648 a37102ee889d20307b8a98c6a127275faebba9a7 ea97da36756fbac804dea14f67d3a1f39b7880d8c8075465f6355e63afb98a97 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271808&client=ca-pub-9775275426073837&fa=8&ifi=3&uci=a!3&xpc=NyrPLBGZfI&p=https%3A//www.dosya.tc	13 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271808&client=ca-pub-9775275426073837&fa=8&ifi=3&uci=a!3&xpc=NyrPLBGZfI&p=https%3A//www.dosya.tc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:49:18 Last Seen2023-03-13 18:38:46 Times Seen1 Hash a44138c619abd72cacb32ad2a48b9d93 4a093c099654c69fc3b77a0dcc5126ab310d7fee 150ad9c12d2ed7e8d17c1c4277717e940ae01b00c837fbe73b0411a0c8f61a59 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 613178442fa1d9e7a4c7ed5464a47800	349 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 613178442fa1d9e7a4c7ed5464a47800 303e619ce25224b151e776a6968bbc254fc38ae1 1e87aad0680f0e1141f3ae6daf028e78a2e3f569adb4226148209e489780024d Loading...

	#2 Eval - 8e13599ed29f41f2439ac21a31e64d56	139 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 8e13599ed29f41f2439ac21a31e64d56 9172fe9499df42f3bf49590234664a7870640777 ae5ac308274e133d7abf382708bd21ec8f9fb318f8612fa125fdd3e4d572678c Loading...

	#3 Eval - 43e6866b7ab224b34117ea898e4310ff	115 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 43e6866b7ab224b34117ea898e4310ff 7203cc539564cd355022e5ff63154a20e840887b 0e7c026bc53a0717b537f23521de854996e95dbbcee853a4773a1385be4c56c3 Loading...

	#4 Eval - cefaa8ba4bd8ba3b2621df17b31f2f44	25 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash cefaa8ba4bd8ba3b2621df17b31f2f44 809b105daefc4f70ce9ea72b417f87672411049b 2092c311514f4b20658263072246ac997745f48b78e97c4bd63c7c65e243bf7f Loading...

	#5 Eval - 19911a8fc491c53723858e312ffbbc6a	230 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 19911a8fc491c53723858e312ffbbc6a 170c3c4e224d17e35216ab449a2b0eef8491f6e3 27b162f9ced3a514ae7499dc22152be9c13de4e4f8d452f83c5f774ee51650b7 Loading...

	#6 Eval - 856d012d7b83ddf2438d004f572b043c	320 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 856d012d7b83ddf2438d004f572b043c 64519fc3b06bdbd44b45c4840f66aa17420a7ace 0f9be7a9fc78a3e22842715384f0ced9bd04a43f7f3cdecae48d579aa6ffc626 Loading...

	#7 Eval - 29c42e7f65081d0c5635e785690bf294	36 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:01:35 Last Seen2023-03-13 16:01:35 Times Seen1 Hash 29c42e7f65081d0c5635e785690bf294 bedcf17a1ab8b84c3bc34d144a036cd9554f49fc 0ae80e88fe5e06f80619369c0b3b10452f03a1110c392f8b9d8eae961c358450 Loading...

	#8 Eval - 8264ee52f589f4c0191aa94f87aa1aeb	2 B	2023-03-08	2024-03-06
Pretty Observations First Seen2023-03-08 10:00:13 Last Seen2024-03-06 12:52:51 Times Seen623 Hash 8264ee52f589f4c0191aa94f87aa1aeb d3c583412a36313ab5e24293924c39a36b842c56 3f3ef786b34d6dd716e1812c8b74a7a0e1f05aa5f3230588f6f5bcd00c6c8392 Loading...

	#9 Eval - 6fa75c92a4048fb5bc75647f02f0aa56	54 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 6fa75c92a4048fb5bc75647f02f0aa56 880c9b76d96c47e01938ffec7cedc03f8a42ccfe 48405ad74b96efeb11cc891f157937d0a7fe6cb035313aa50b6e36cc85cdb748 Loading...

	#10 Eval - b72e1fdd5dc8ba0c9a63118a723c4399	79 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:46 Times Seen1 Hash b72e1fdd5dc8ba0c9a63118a723c4399 c611ee4b1e475fa625b6cb920d31aac727ca7e05 044590483fd1a4c27e82252647224cc78664d8ac738c7550bfc169297f5278a1 Loading...

	#11 Eval - bae3f90cb000352645e35fad60da411c	35 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 23:46:10 Times Seen53329 Hash bae3f90cb000352645e35fad60da411c 00023f94c170125b979cb1914925d06ab1abfbce 1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12 Loading...

	#12 Eval - faee866aedc007ed999eb34c8990f8d1	2 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 17:29:04 Last Seen2024-04-14 19:24:42 Times Seen99 Hash faee866aedc007ed999eb34c8990f8d1 63c667a86db396672851c515d79db51decf9cfe9 aed375ce32c114ccbcb5432b81f6f6a310fdc8bc5345ef9426817a885d4229d8 Loading...

	#13 Eval - 11d2fdcf16e2000cba67a4c21393d31e	434 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 11d2fdcf16e2000cba67a4c21393d31e 65a873c804c0132180e8de7dfd884e44096e1af3 455337babee9e6fbfb7624a4585331ebfbd9696a7974a2e8b27333bedde2e5d4 Loading...

	#14 Eval - 8fa6304f96093d55e046b8dd1d50deb3	454 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 8fa6304f96093d55e046b8dd1d50deb3 23b5cdad934d6bc008db9ff6af58fc69ae054ba3 e0bc346257b89f6e380bdbe7e55ee389ceeb35b214f0dac80dff1a719e4ca309 Loading...

	#15 Eval - 7fde9a45d4629dc4647d6f6345e00b53	2 B	2023-03-07	2024-03-29
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2024-03-29 14:30:01 Times Seen874 Hash 7fde9a45d4629dc4647d6f6345e00b53 2614a4580d07ea689f6b9bc162281dc9d3964678 9d709a05ea3ef8e47d527b1ad766e60447b90f0cb58c3b5ba9a77c30e53b0f4c Loading...

	#16 Eval - 1655486a00b6d0c86b5f629955853521	71 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 1655486a00b6d0c86b5f629955853521 c2b4427c2f21b3a2870e958ad6acea6455c07691 5f4462fa94652d1557f19658d0f60e4ea4637d79519993add589afeeab00da29 Loading...

	#17 Eval - 1fae6eefd4d4b5ee43ee4fcfae51d041	65 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 1fae6eefd4d4b5ee43ee4fcfae51d041 188024de1fc49566b29addb794e79f5bac769bd6 9481410468192cb0e43ba9bc8cfdff721ddef3c827e1823cd1c164b93dc7d2d3 Loading...

	#18 Eval - b5cbc2f98efb78811114c279e62ac636	503 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash b5cbc2f98efb78811114c279e62ac636 1f39732d143c2e3f3d3d72251c00b378cbf5aa35 848072b95c03b6f12127b1d70b28101cf710b4d0e29afcf3af6d822869a4ee81 Loading...

	#19 Eval - d710557a24f09b82dc0cf54635d84b97	162 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash d710557a24f09b82dc0cf54635d84b97 4672af590724636a3bd75991479e081d79b1466d cd4e3a48b7661f81189b0cb634e7cebfb33865d93b29e9e3ca4c13de3bc9ae81 Loading...

	#20 Eval - c80e206da3e0a922cc24f681fd8c74ff	359 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash c80e206da3e0a922cc24f681fd8c74ff 814a28a4a82906ad7e0052a4ec90161f55f6bbf0 4ebba0cf91631e4eca890b4cb3d977549fdc814888482829e2ad6e08d1295287 Loading...

	#21 Eval - 0bed7d565ea24f3c3bf5fd2f1ceb7941	71 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 0bed7d565ea24f3c3bf5fd2f1ceb7941 52219b8a8cfc26ebae361179d930b3090d9cb3d2 12f0a8cc0f8b1406a70d152633dbaf12f944e27298d2eda05c68dcacb31a9c0d Loading...

	#22 Eval - 18c7046c0a6d85bffcd638e65bd0ee8f	77 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 18c7046c0a6d85bffcd638e65bd0ee8f fcfc2717e615fd19ab6600c1ed20e655a5326c0a f1791e7507fdbdf6b2182390d07c753889219ae36ed0c3c8589545c09133b4bd Loading...

	#23 Eval - 2e183d51ca54f8f73da9ca0715f351c2	118 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 2e183d51ca54f8f73da9ca0715f351c2 8e91e60ff4f9cba306eb3bf4bd22b4b460e9c3a5 1b8bdd9141fb76a8f4ea36eb0593c8b209a7c9484a61b2ad46d9744bc459ad26 Loading...

	#24 Eval - a661d6cfd9da3e0887181b96c22a445e	203 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:46 Times Seen1 Hash a661d6cfd9da3e0887181b96c22a445e 95dd9426c7f6e81bd51223f7102e0d6bd3b06395 8b6a878b7e069cd350b1a109f53d1bc2301c1a756794d20c4e86f89cb2e258d1 Loading...

	#25 Eval - a8eccc0319c51a13b58a35f615c3788d	164 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash a8eccc0319c51a13b58a35f615c3788d b338c624a516696d64213cdd59c5b39e4fd881b6 7b4eac99be344be97b0efd052f124910a1b754bafb7cbdfe4db65a712d0ef7d4 Loading...

	#26 Eval - 05b8c74cbd96fbf2de4c1a352702fbf4	6 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 23:46:10 Times Seen54718 Hash 05b8c74cbd96fbf2de4c1a352702fbf4 320ad267d8d969f285eda5c184f5455bd29c8c95 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba Loading...

	#27 Eval - 021f53266f1162dfed91d6fb9e5cc82f	73 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 021f53266f1162dfed91d6fb9e5cc82f b262ac2603e49e88d20438852baa2cba74fe58d2 d7d1fb8d3b7a7311ef2940a3d5ae5b3cc029358f630f42ab708b69cf3ef8eb07 Loading...

	#28 Eval - 1acb88d4e00ce159173658b41fc40684	85 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 1acb88d4e00ce159173658b41fc40684 7754cb5c6693d7619ac0952ca085b8d96e73d439 080b00fb0cfa7ca4607ca1dd85def2386960fcd4cc4d733285ffafb46562acd6 Loading...

	#29 Eval - 4b3200de752f7f5fd3b182787f013a52	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 4b3200de752f7f5fd3b182787f013a52 f78e92970753832f5208d54735157d055a44bfe6 20492316634a46f8c97e1d7ada5163e41e3be66d4da4fd9b8a08fb350b1c878e Loading...

	#30 Eval - bb8d0d3890e1c5f22ff789a6e77e7171	76 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash bb8d0d3890e1c5f22ff789a6e77e7171 07a82f26406e6fbda995f6a51631a5728f16927f 5f1d01d850f684c685416d31363e3dcae08969dd9a3bc71c0d57de4dfaefb1fa Loading...

	#31 Eval - 58806e006b14b04a535784a5462d09b0	2 B	2023-03-08	2023-10-20
Pretty Observations First Seen2023-03-08 12:10:41 Last Seen2023-10-20 22:55:26 Times Seen345 Hash 58806e006b14b04a535784a5462d09b0 f764c6ed9238e9b071b51643696dd9c18cc06fb1 2c24576872f7b538b5a2c8e8b9db551f58c49b5316aae1af86d201e44908d0e2 Loading...

	#32 Eval - 7fc72971abe0d5caf2fda6ad239c122b	260 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 7fc72971abe0d5caf2fda6ad239c122b 47c8bd1e4b05b906adf8c841c52d901515d7dbe0 3801eec4c69619352be6176bb9a3e1b4b4851396c73285bfb978a33f322d3867 Loading...

	#33 Eval - 67b0e73a40dae0c82d875d0bb30c75bb	210 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 67b0e73a40dae0c82d875d0bb30c75bb dfadf898edb9092575746046af4683a6660d44c8 0e22a750874869ea083192d69bfa6baf1434d686f1d72070e324bead1538f89f Loading...

	#34 Eval - 3effc6c974ef84fffbe8a009f4caabd8	360 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 3effc6c974ef84fffbe8a009f4caabd8 e2785c716fe80b268a4c59d031a81e3ef0aaeb17 98225ae09b9a513995ff7e319a2297c313c6699991a40ef8b162f868f696f883 Loading...

	#35 Eval - 95b5e8ac168d6d78b8bbf05a4449c9f7	46 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 95b5e8ac168d6d78b8bbf05a4449c9f7 4ca3652f1e4deab7c0d9f81e3d3e45233dd8adae 11ba752b56063c622fe861d7610c6f86a9283924ed0459e5227bf2233509b094 Loading...

	#36 Eval - 020afc5e0cbfe446a56efce7dd20eab9	77 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 020afc5e0cbfe446a56efce7dd20eab9 67fbf48da73045ef9a281cd70d0b9d3705e029e7 d438874da794c26652f9656af71003c9ce2f1396dc4aa8b132c08014a09ef83e Loading...

	#37 Eval - 7fc56270e7a70fa81a5935b72eacbe29	1 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:15:06 Last Seen2024-04-26 23:46:10 Times Seen7992 Hash 7fc56270e7a70fa81a5935b72eacbe29 6dcd4ce23d88e2ee9568ba546c007c63d9131c1b 559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd Loading...

	#38 Eval - 175ab72024520b8a260ba5ca637bca11	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 175ab72024520b8a260ba5ca637bca11 b7f0178a11f044c734981800c34180c2ec5a65c6 42417bca9806129f0957c54d1b855bce06cd4d6f75a0adc9d4bd1e92887b144c Loading...

	#39 Eval - d28753bb7f2d2694157366c4b7c715f3	78 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:01:36 Last Seen2023-03-13 16:01:36 Times Seen1 Hash d28753bb7f2d2694157366c4b7c715f3 442d051b978bcd14c73a4e4c5a6f64488f95786a fa67ff48e117ca3e63f208d42809eb666bfd32a4c6d088feaad80b2254b41ac9 Loading...

	#40 Eval - a191a28f5a1c622229a7071963be311e	91 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash a191a28f5a1c622229a7071963be311e d3db0dddb2ffacf5886de5c0d5fdbc14e40553c9 f0b3e8090494d38b63324f7b9e1f1b5cbcd9e6fab526c87104ec90dbf32d1d00 Loading...

	#41 Eval - 358f831dc8dc3eb2986a8de9f2e78519	139 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 358f831dc8dc3eb2986a8de9f2e78519 9a844baa2c6398a68780f9700c3c853822c16a85 124d56e738113bb7a303d8cbe9f4d854bb36bea7ad6c4b0088bf02fa623484f4 Loading...

	#42 Eval - 710537f56101d2c8c4a51afe9e6a7f6b	34 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-13 22:16:41 Times Seen1 Hash 710537f56101d2c8c4a51afe9e6a7f6b 6120134ab1ef2f6b0541d0c82e82abb4ac7ce2c4 de82ae973b95d6c9282d712b258548a2fdfd45a54398583894ea36b7656f5c08 Loading...

	#43 Eval - 44c29edb103a2872f519ad0c9a0fdaaa	1 B	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:20:09 Last Seen2024-04-21 08:50:28 Times Seen9231 Hash 44c29edb103a2872f519ad0c9a0fdaaa 511993d3c99719e38a6779073019dacd7178ddb9 5c62e091b8c0565f1bafad0dad5934276143ae2ccef7a5381e8ada5b1a8d26d2 Loading...

	#44 Eval - 0211144dc5ba8a8c6913a06fe777e1e8	228 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 0211144dc5ba8a8c6913a06fe777e1e8 4fdb6f0a4edb3acb6c4dfb6a2e17ce49549c2db1 5a7e9ce2fe0d73b4c427149f00710ee2db7785a83f62ece82cb6b061aa73ef77 Loading...

	#45 Eval - 4a8a08f09d37b73795649038408b5f33	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:15:05 Last Seen2024-04-25 20:03:27 Times Seen8901 Hash 4a8a08f09d37b73795649038408b5f33 84a516841ba77a5b4648de2cd0dfcb30ea46dbb4 2e7d2c03a9507ae265ecf5b5356885a53393a2029d241394997265a1a25aefc6 Loading...

	#46 Eval - 8d9c307cb7f3c4a32822a51922d1ceaa	1 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 08:02:31 Times Seen8239 Hash 8d9c307cb7f3c4a32822a51922d1ceaa b51a60734da64be0e618bacbea2865a8a7dcd669 8ce86a6ae65d3692e7305e2c58ac62eebd97d3d943e093f577da25c36988246b Loading...

	#47 Eval - 488ceb925db89840e04ece37be4e9855	2 B	2023-03-08	2023-11-28
Pretty Observations First Seen2023-03-08 07:07:40 Last Seen2023-11-28 10:45:35 Times Seen626 Hash 488ceb925db89840e04ece37be4e9855 2eb5a3b6d89c53470ebf5237326c088ddbb59fa1 14030a5e22dbcd54c8fb6d5d83b183bba9270bfc717f193f2072e2e809c57644 Loading...

	#48 Eval - 17c9d4683d9f263799e9d89c5a9048d6	126 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 17c9d4683d9f263799e9d89c5a9048d6 082376c93bdf1bd78e42bd04efbd6512ca77e2a7 4baa3896777d63b183cfdbb7b7f3a3898c46ec5136817199a2992fe1d5af39bb Loading...

	#49 Eval - daf97402ad86190c1992c4d882337f3e	95 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash daf97402ad86190c1992c4d882337f3e 9c849decfe95f7edf092dbefe0f17af7b1046659 f3955f72604649abee82f78ad7e3c800d1df902a591c3a16e3baee450ebfb563 Loading...

	#50 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

	#51 Eval - 6264a062d8d72c5700e8fd2300850013	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 6264a062d8d72c5700e8fd2300850013 60210064494067a3b1b42306d784e8320aa31b4a 7a400efa9ae656767b1cfb68fc19e827a163d53806ef6a42d9f2cbe72ff369de Loading...

	#52 Eval - 708e303a5ad799c96126e5794fe68c95	130 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 708e303a5ad799c96126e5794fe68c95 fbd0ae1323b7b5867b60e481bc9e06e139916bbd a24f9678d3df7dcccf31f78696cfcc159a19890c7d37ab11934ff5d0b4898013 Loading...

	#53 Eval - 3a44cf88b7f07dff4de1b633daf0e988	445 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 3a44cf88b7f07dff4de1b633daf0e988 bcfd4e44077405e4fa44d26f1de3e276ac191024 4c0e515c5276d169dad97d34753ed6e18079a533268b4c84f3afd7e183283a49 Loading...

	#54 Eval - cd73d005963d024eccc3470287e1c8c6	77 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash cd73d005963d024eccc3470287e1c8c6 9ef3bd575ad6614c370b6ecc1d8473c84a40b96c 3e0874ea9afdd919d1501fb7c932ec1be909b4be8ffa5d2d60724c6acb312f42 Loading...

	#55 Eval - 231a7a1aae7e81c1be1c507f46c27ef3	347 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 231a7a1aae7e81c1be1c507f46c27ef3 8e692156ca17c8929a61918feed67247104cea79 bcdf8cca380f1cd99cf2ef165cea19be740a7b03cf25eb0cb8694b941082295b Loading...

	#56 Eval - f35b62d94a9d5647469231954bffe46e	73 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash f35b62d94a9d5647469231954bffe46e 74c734979636cec694983edbb08e08f0f325fea6 1dd5204b8543087d9d56588e9f5803b5bff7ca1b14b0ea67754825a9b31f1cde Loading...

	#57 Eval - e76cf8a691823107e27238a4976cd98e	2 B	2023-03-08	2024-04-04
Pretty Observations First Seen2023-03-08 00:56:14 Last Seen2024-04-04 19:56:29 Times Seen1099 Hash e76cf8a691823107e27238a4976cd98e 8481498539213a901784f6679c486df2bb4e6bd7 0b6722a8adfb93540bc8b6008e2e82d9940e1f5a2c48af03e0dc04524ffecd0e Loading...

	#58 Eval - c2d75724334cab079503451aab65ba04	2 B	2023-03-07	2024-04-22
Pretty Observations First Seen2023-03-07 01:15:05 Last Seen2024-04-22 16:59:43 Times Seen499 Hash c2d75724334cab079503451aab65ba04 3e8e6a6261c5fdc9550044bcbaa58e06c6eb12fb b3855c69c6a617c29be83baebc7719ceb326b42971f02beecfafa830ea896102 Loading...

	#59 Eval - 60cd8e7fdb31fab417a711b04ac66198	136 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 60cd8e7fdb31fab417a711b04ac66198 9d6521b28e695bd3ce0da48e8b944d07d3688f68 7359577ef92d448a33e8a42d1b5f38770a71e64711ba78d714a2b232601ef062 Loading...

	#60 Eval - 84aa874556523fbd8e997f38c3ef94c8	106 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 84aa874556523fbd8e997f38c3ef94c8 68532132182237dfa545b16e95a90ab883f6d10f f1ac829b1080ba789287f0277996f7d3baed08eac550ce6c0476e790e6c0984d Loading...

	#61 Eval - 5d2e228641ab0e384adde0977865b9f9	2 B	2023-03-07	2024-03-05
Pretty Observations First Seen2023-03-07 14:13:33 Last Seen2024-03-05 07:52:48 Times Seen92 Hash 5d2e228641ab0e384adde0977865b9f9 f48fa5224cc88855d59e6cc2d193a8f4bcadd485 4b017fd4a04100462efdf7b4b21675b8655eb3e35f5a5859674e2b656cd3e6c8 Loading...

	#62 Eval - a06b33d1ea28e90733617ec889d4e76e	2 B	2023-03-13	2024-02-26
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2024-02-26 07:22:18 Times Seen271 Hash a06b33d1ea28e90733617ec889d4e76e f234d5fb8fc9acfc9390016f483a02320d3e4086 01c25374f1ecddd30409e94d0733173be918166e340a90dd577fdc680a9075be Loading...

	#63 Eval - e8250b30616161cfbeda8d3d6396fc62	70 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash e8250b30616161cfbeda8d3d6396fc62 f046f2177e8916305e39c6ee415c558a7adfa586 f943237c2f496e0a4b9879e58e0a88ea2a9283a9bda07a368ff79d2e8fdab224 Loading...

	#64 Eval - 58295aee054aed0eac206f48e8c4a1d7	296 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 58295aee054aed0eac206f48e8c4a1d7 6475ab75f37190ed3f4c87456d40b8e4463146e5 161d70f311b96c6449b5b79996e260d22baa56a7b760714020af68adfa760fcb Loading...

	#65 Eval - bfac940f30eab69bd425489aa41fad5b	572 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash bfac940f30eab69bd425489aa41fad5b 4e2aeddf5feff3040b1521b0adeb600e69afb50b 04fb309b14613681d314e25202fbd5ea3aa58bdfd71d325511a31467425ca943 Loading...

	#66 Eval - f965fbb31adee9ee8544fbd1332625af	246 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash f965fbb31adee9ee8544fbd1332625af 8e670fcc64dc4f050967e81f59ebf01946be059c 07e908857be0033b9d295b3530eff0664797563dd6700cea993921fb224a61b6 Loading...

	#67 Eval - e358efa489f58062f10dd7316b65649e	1 B	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 12:02:51 Last Seen2024-04-21 01:51:10 Times Seen10973 Hash e358efa489f58062f10dd7316b65649e 8efd86fb78a56a5145ed7739dcb00c78581c5375 e3b98a4da31a127d4bde6e43033f66ba274cab0eb7eb1c70ec41402bf6273dd8 Loading...

	#68 Eval - 54cb98709ea10531993c8a6069e48fdb	570 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 54cb98709ea10531993c8a6069e48fdb fe979a85891d6e640356a161fd396a89c2dd1a07 8241fb792c375b6f07d9b60d70f6b6e352a9df122efe3d15ce027c432905dfc5 Loading...

	#69 Eval - 74a518913533fd1fa1ce110ce69d6727	74 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 74a518913533fd1fa1ce110ce69d6727 f3c66d5fa4a851ae9e6e6904c0ec4b04077d1d4f d0d4b12a4a8f488a3b380593a29a227e3a5edb5f287e9ac27e02fbe64d0a7e68 Loading...

	#70 Eval - 62d49fce93ae1d3b1848c43fc3df2662	251 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 62d49fce93ae1d3b1848c43fc3df2662 17de366740315ee3bd876dda4ce888e99d0739d5 6bd2e2104d85c4d57c5c9dce4495f01ca67e19cbdc222210250153865f35c1ae Loading...

	#71 Eval - a606b690cbbf96c2b628040f4b44b01a	90 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash a606b690cbbf96c2b628040f4b44b01a 211f0cc99280df0eba024dcc82bf5a0c4d4c7ecc 27e25ce12e6ac52df433de2822c0f0a19e7aec8543a7ed8155482f77ff28b539 Loading...

	#72 Eval - 6f8f57715090da2632453988d9a1501b	1 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 12:09:42 Last Seen2024-04-26 23:46:10 Times Seen7958 Hash 6f8f57715090da2632453988d9a1501b 6b0d31c0d563223024da45691584643ac78c96e8 62c66a7a5dd70c3146618063c344e531e6d4b59e379808443ce962b3abd63c5a Loading...

	#73 Eval - b6859a758f901d6e67dece9c4c6676ef	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash b6859a758f901d6e67dece9c4c6676ef e324702919b6caee8ed867e7e585a57c6a41163e c73ef278fa1c3fed9722fbd5ee48e45462f0325c34bf7124095c51205f3c8317 Loading...

	#74 Eval - b8f8b9746184029461e2099903461392	432 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash b8f8b9746184029461e2099903461392 c16a11dff3c5f0580f2172f29f38acdd25c518cb 0493dfea8d36221d554f64e9c305fc991c3e3627c60cdb0dfcfd720efe7c3932 Loading...

	#75 Eval - 6b6e0136976d7814ccc339f91019811b	92 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 6b6e0136976d7814ccc339f91019811b 07535126c12468d21e35612c574ee52f8eacf1d6 1688f555c0d72d59b2da2d99e305c2ad8fc4665c820f12a6f98d46eec497eba8 Loading...

	#76 Eval - b989be335a4fb3a65d9c06c6df9ca877	464 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash b989be335a4fb3a65d9c06c6df9ca877 782baad1cab60a34eb252eef2b729b40f63528c3 c018c09716d6a1846278993edad2552b1ab6b54e207c90ce97739adfd234ddd7 Loading...

	#77 Eval - bd4496eb0285aba06273987971f6063a	35 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 23:46:10 Times Seen38692 Hash bd4496eb0285aba06273987971f6063a 8c7d085c9d54b41debd437430b6852de7f898857 f2a353ed5469812b863c5fbeb58b4d46b864ba4e20a49f57f9c44c7cda45f46b Loading...

	#78 Eval - e13bf67ed093be44a59369b10a811102	37 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:01:36 Last Seen2023-03-13 16:06:49 Times Seen1 Hash e13bf67ed093be44a59369b10a811102 50e01f8940f5f74572125df28f3195522707edf5 498b09158126e0148186a54b4a4a94532cee6e2b4b30fa89ba904fbbd8d517f2 Loading...

	#79 Eval - fbade9e36a3f36d3d676c1b808451dd7	1 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 23:42:37 Times Seen4838 Hash fbade9e36a3f36d3d676c1b808451dd7 395df8f7c51f007019cb30201c49e884b46b92fa 594e519ae499312b29433b7dd8a97ff068defcba9755b6d5d00e84c524d67b06 Loading...

	#80 Eval - cdfb6cb0c7e93aee3bd13afe717f0b66	74 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash cdfb6cb0c7e93aee3bd13afe717f0b66 e18c37a59c5981cc5c623ad3645f412a0014fa6d 3e664ae6ab9c7034736b79f80592c88ee693a1026484ec870769b50ab3577ede Loading...

	#81 Eval - fcab294a24285020cffff90065c95070	2 B	2023-03-13	2023-11-22
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-11-22 17:53:31 Times Seen93 Hash fcab294a24285020cffff90065c95070 2813abf63954a931db88bf116fbc58d93f409bfa 4ab924a2c4364b07abe1862cb7cd2df5d6848516fd8ee33d27e19925cbe68937 Loading...

	#82 Eval - 4a621ba37e61ad8ad8945a3caa8878fe	39 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:01:36 Last Seen2023-03-13 16:01:36 Times Seen1 Hash 4a621ba37e61ad8ad8945a3caa8878fe 2ce85005c06c06543a9c559d0818e8edddeb9504 83547e756a55281e8d478aeedd9e9242ad5321f0c3b481637233aaf66717bfec Loading...

	#83 Eval - a644ac2dd1af936064a8a9b3833b7ae2	25 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash a644ac2dd1af936064a8a9b3833b7ae2 7463f7879e182afa5eadd8bb9de57c900d5ab71d ac95175a8632609ae8b1bae0d8af03043617609aab6bdd550e52e71aaa0dabd9 Loading...

	#84 Eval - 9bae1e7e6957fa30f9258d6b590d936a	2 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:15:12 Last Seen2024-04-14 05:04:37 Times Seen251 Hash 9bae1e7e6957fa30f9258d6b590d936a d8456c6820fd89df552aa7e19b1b2b4337eeab87 75badcb532a865120b3b7378670ca62b30967971f8b9d6d1137c072f68cd7b35 Loading...

	#85 Eval - 5523723a966c504978c2757f4ebb81a4	132 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 5523723a966c504978c2757f4ebb81a4 0e864adec420fcf9ed334f52f70df492c781b353 ea06551bb109857544c396125b19f6051bc8a8fe7c703ba1e09f5ff0ad1734c6 Loading...

	#86 Eval - e0cdd69bef3661a10f4cba06817ece92	120 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash e0cdd69bef3661a10f4cba06817ece92 10d57a693299880e73d00b83491b4d28e8dffdc8 e7cd127ab12310ead57fc34aef814f883235d592418ed7c6104fee9eceb57858 Loading...

	#87 Eval - d48a24ae9672ee573050e4d3aeeebe4d	29 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 23:46:11 Times Seen53290 Hash d48a24ae9672ee573050e4d3aeeebe4d 8f8c4d27852980a1ec5a8b1aba30769001314ec8 53e5b7d706a350fe98d52499058624e15cddc1541f17370f94a899a386c50255 Loading...

	#88 Eval - f4c5b145004dfa2e2b36b3964f330e00	77 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash f4c5b145004dfa2e2b36b3964f330e00 684d8c74af5e10e7e61f74c134557ac7a0303a3a a10e51c2bca3b27a7dd7c67b1918f5deaab9684eb119b59a5784e8e2871f58bf Loading...

	#89 Eval - fca5d4d85ec2fc2992646bd5b133f5e3	118 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash fca5d4d85ec2fc2992646bd5b133f5e3 8f8c8c7213ac49c8f7493fd28baa9e3fddcdb560 1892a1a6384788dd8765e5c8ad0e09c50fdc6e16e429f094ebd0daea996b1424 Loading...

	#90 Eval - d53106f43f77d1f19dd046e0aa90253a	2 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:02:14 Last Seen2024-04-18 05:38:33 Times Seen1335 Hash d53106f43f77d1f19dd046e0aa90253a 5e26d901dfdc280acfaf7b1aeb2bda00a5a5476a 004374e9564b253d09b9d628a697f2c8e6ec5b01cfd237fd20bb242078baf915 Loading...

	#91 Eval - 30db2fdfdddfb7cc359ce7a36596f3e0	2 B	2023-03-08	2024-04-22
Pretty Observations First Seen2023-03-08 00:56:15 Last Seen2024-04-22 16:59:43 Times Seen298 Hash 30db2fdfdddfb7cc359ce7a36596f3e0 65954b8be7729973ad6f7b2f4b9a6b82c888c191 61b96822da6b66a2bd06a3ac4da20e0328f5dd2e17a6e5428a0e4435ac0a4f06 Loading...

	#92 Eval - 95a68684ad683fe2e9cb464036896d09	541 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 95a68684ad683fe2e9cb464036896d09 8618d2f2d31fd4d056eadcb1d6b2c7da3b8c9518 b59bf21ca16819b414138833b1ab45955c7f4e0c3c0dff27d698af17a3f2db8a Loading...

	#93 Eval - 10f9132e586392a6513eeeb303db630c	2 B	2023-03-07	2023-11-22
Pretty Observations First Seen2023-03-07 16:51:11 Last Seen2023-11-22 17:53:32 Times Seen3 Hash 10f9132e586392a6513eeeb303db630c 48b3f8cdcb1b705653ad2d03a86591a505d38596 a5f5bb0f06efb99aca21bfb3fa34193a0985b4c63e85d150eecea2b514c78019 Loading...

	#94 Eval - 0d80d99d7f209071a284c9ab6d14accf	83 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 23:46:10 Times Seen53584 Hash 0d80d99d7f209071a284c9ab6d14accf c91e7389c28a7b35eeb114484808a20cddb8c20e 0cb21d1de060008bab472c15c63e6f15828de601f85deff00d701d26c0f6819a Loading...

	#95 Eval - 6f1a6eb6c5b11e9478aacbecaa8b5804	130 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 6f1a6eb6c5b11e9478aacbecaa8b5804 fc778f2dae3a2ea2ff86c8616e32981b9223fd62 7fa2c3c7f6a6a8f5b395359b46de7926dd8a282701ec1d9edf46594f507e2d58 Loading...

	#96 Eval - ca4342a628427f415e71d329b80c4a92	248 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash ca4342a628427f415e71d329b80c4a92 a25a593047105bb1cd26e0280ba8c498db705098 1317ebbadcd734e2267c2f47d917670fcb117dfc23854f8355128dd3d125544c Loading...

	#97 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-26 23:06:23 Times Seen2162 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

	#98 Eval - c593db2229b4eb64c93be0c9bc8f823c	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash c593db2229b4eb64c93be0c9bc8f823c 596f55ca28923de373557c9ff124868ea7c02258 763ccde8f7cb9198605980a96df37bae48ced09eac10856d8675525270140292 Loading...

	#99 Eval - bde6a8dd86d2e716426bc2d127e4e009	132 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash bde6a8dd86d2e716426bc2d127e4e009 eb1c12857616775cd9fb740419beff8afb99ad70 a0074f35c3448cb569d61815a5164b933a2334741a39655569534a1a3698524f Loading...

	#100 Eval - e794085617ee4a2811c8c332fff2ce2f	150 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash e794085617ee4a2811c8c332fff2ce2f 2d2b9c3205f2efd02ce6584c2120c05260d1c0cb ce5bcf4f40430ac22e584d721310d287e97943bef0f968d3450c30721d16b311 Loading...

	#101 Eval - 8fa14cdd754f91cc6554c9e71929cce7	1 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 20:12:59 Times Seen9186 Hash 8fa14cdd754f91cc6554c9e71929cce7 4a0a19218e082a343a1b17e5333409af9d98f0f5 252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111 Loading...

	#102 Eval - 5bbfd6e2e9668b4f9b4f693d9aa6e90a	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 5bbfd6e2e9668b4f9b4f693d9aa6e90a 753a0fb9458b4e8a2b3f56e5cc64ef347219c9b7 2fc84f1c3dedf5fc2d8ec2d97041a0b16902ffe023de650c9e257291890fb34c Loading...

	#103 Eval - 858b0f4cd1648110ca7d6cc1bca99382	56 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 858b0f4cd1648110ca7d6cc1bca99382 a5557b7173daa50a072282719a554164b5539e11 382359d2f50d9c89eb6d073a6ed6fa32a24dcab2cdc2023af1cba6bbb1a4d5d8 Loading...

	#104 Eval - c4c81ca3fbb9da95af6c3ae9cf0f684b	456 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash c4c81ca3fbb9da95af6c3ae9cf0f684b 9946b54bccea9235816368c2ba8a2e3d7fe2cd80 e0c8355bc69aa38029c010645ba0adac57f95fc596980eddb430e196b8207d9d Loading...

	#105 Eval - 049f4e50f31f7c3b9fc03b33577227ea	102 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:50 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 049f4e50f31f7c3b9fc03b33577227ea 53b7b2c20ddcc079d0cf7eef250668ea1ff8c7b1 5d8f57fc4131122cae3a133e9a8e57503b57e800a25c15bd6aee3c43f485f8e7 Loading...

	#106 Eval - 960c4f624be27997ad51e4515e217ef2	357 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 960c4f624be27997ad51e4515e217ef2 8ab20c69fe6bf5d87479d59cd2725479d8b0deb8 bd3307b902552a66c95409b5f22c19dbadb63a1761e152895ca4920a200f0388 Loading...

	#107 Eval - 87c69d95a624572b1d842444b47e69f3	2 B	2023-03-08	2023-08-01
Pretty Observations First Seen2023-03-08 07:07:40 Last Seen2023-08-01 01:49:28 Times Seen6 Hash 87c69d95a624572b1d842444b47e69f3 eeb4050514ce69a808426f9995dcba71b8239447 c25bc23dbb74cf75453f841306c0934fb9a5a0eb333aa5e7aea428466a2e5292 Loading...

	#108 Eval - 9a5870206af6a293c07eb563219083fe	57 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:47 Times Seen1 Hash 9a5870206af6a293c07eb563219083fe 906f7a077e50e9480a7dfd69563dbe0338ec587a a92f0529ec091d0abef34b61226c55d2669b8d55161946a61cca66fa1ac53f20 Loading...

	#109 Eval - ce1d5a2480e0f4a2d1c1c7968cc66c13	2 B	2023-03-08	2024-02-21
Pretty Observations First Seen2023-03-08 08:08:46 Last Seen2024-02-21 08:50:00 Times Seen474 Hash ce1d5a2480e0f4a2d1c1c7968cc66c13 5644a3f6d24dcd489c4300bdf0bee118eb558724 7ee0a6aea916330f53642770fe109e59c0d7d6139f0bc702609029b0124cce4c Loading...

	#110 Eval - 6b0fe779b92ca91b6838a783dee75f73	25 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-14 01:49:46 Times Seen1 Hash 6b0fe779b92ca91b6838a783dee75f73 a561657923d0ab6e1a9749d09f95fcdb38a92b15 1566c5788a1c22a30a97bab2de1441941070c0fb4dd3d68cf0bb83b4775ef270 Loading...

	#111 Eval - ceac39d13a5687b7fcd340f95727a2f1	36 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:01:36 Last Seen2023-03-13 16:01:36 Times Seen1 Hash ceac39d13a5687b7fcd340f95727a2f1 8f01dc74956d495c24fe3b6f459d30c6623130aa fac99851f34a5f495a0b08d37b17affe86fc0f6ac51bfe543b149e0bedd8f08a Loading...

	#112 Eval - 24cc3dc813f384fde380df619f1525cb	19 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 23:46:10 Times Seen48881 Hash 24cc3dc813f384fde380df619f1525cb 56399e3ce57ff98d68c7de98a563e572230dff6b 5421715bbdaf2550e31d10fc28d444310a8fe7147bbddecf0abb490358a1553b Loading...

	#113 Eval - de80dced16b6d4413746e2ab75e9922e	2 B	2023-03-08	2024-04-15
Pretty Observations First Seen2023-03-08 00:56:14 Last Seen2024-04-15 13:10:17 Times Seen83 Hash de80dced16b6d4413746e2ab75e9922e 8a6e6f21ec9fe15bd92d0d950073c32098b9f615 87002e329a20288918ab3281e574956499f9e5d96f16fa787b4af2035dbf8acf Loading...

	#114 Eval - 73b8234ee206e3a61f060c951d333442	22 B	2023-03-13	2024-04-13
Pretty Observations First Seen2023-03-13 15:38:51 Last Seen2024-04-13 18:29:57 Times Seen5 Hash 73b8234ee206e3a61f060c951d333442 315e94a005feaa64cd73e47dfaa949b5574ac232 f8c84b5e0e4d1f6ff6cc166ebe7f27ddf29c3c8b8f91d03fa71fbf7106610770 Loading...

		Size	First Seen	Last Seen
	#1 Write - 761668ea4628254b2e456534a78970ad	155 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:01:36 Last Seen2023-03-13 16:01:36 Times Seen1 Hash 761668ea4628254b2e456534a78970ad 5a285fbbc990ea870773e8b19cfbb920e08b15f0 79114d0896eb5827d006a6860b9f2e9b681b344c28e64a0ea8b0646d69519ff2 Loading...

	#2 Write - baacf92787473ba30ca3f9f90013b678	102 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:01:36 Last Seen2023-03-13 16:01:36 Times Seen1 Hash baacf92787473ba30ca3f9f90013b678 f2f5ddac9dc1c94b3cae2e151fea9c2d0fe49c7a bb85370cc950c1142fce7b526744dac2a1fe0e7efb15a1330275aae4d3b9e90c Loading...

	#3 Write - 154a6d204e9bbd271668ed0cd6db1cf1	126 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:01:36 Last Seen2023-03-13 16:01:36 Times Seen1 Hash 154a6d204e9bbd271668ed0cd6db1cf1 0df08357de1274c416242f545c2cc19730b8ce1d 9b50413a2eaa113c838b36e93223e6f40890c58e3fd64089556449aab6c8362a Loading...

	#4 Write - 38632be87cbddf712ad13763315bb2e3	126 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:01:36 Last Seen2023-03-13 16:01:36 Times Seen1 Hash 38632be87cbddf712ad13763315bb2e3 63a06bae1d40b527849b74ba8627ece4890d6758 89870be07945e0ba7f27e05e29cdbeaa92845b8624d5ed00955a4bb2d5f4b839 Loading...

	#5 Write - f315f5f2c187a05af1ace62d5f6aa477	54 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-26 23:15:48 Times Seen3858 Hash f315f5f2c187a05af1ace62d5f6aa477 47d77a2a1665cb6202028ecd89b50920287d9148 166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da Loading...

HTTP Transactions (98)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12248
Expires: Fri, 03 Feb 2023 22:37:29 GMT
Date: Fri, 03 Feb 2023 19:13:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13488
Expires: Fri, 03 Feb 2023 22:58:09 GMT
Date: Fri, 03 Feb 2023 19:13:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4902
Expires: Fri, 03 Feb 2023 20:35:03 GMT
Date: Fri, 03 Feb 2023 19:13:21 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 18:43:35 GMT
content-type: application/json
age: 1786
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Y/uhgyxLLgBmKc8g6cppjFeXFxFfVpTp1wdUrO/97VHQUw7adA3roG4uHQyjvgCRllCEwTfA+70=
x-amz-request-id: BC5XV6WASYJZ311R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 18:52:31 GMT
age: 1250
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:13:21 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html

136.243.28.94

302 Found

274 B

URL HTTP/1.1
www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
274 B (274 bytes)
Hash
118ce7d947f310be60119b4a20b72043
669d52e5cf999f07fad3bcf597e599301fd46bb2
8018d6cc8b415b33c5fb4416bc0508c0774cc328042c50d84099de765aaaa879

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.tc domain

HTTP Headers

GET /server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Fri, 03 Feb 2023 19:13:21 GMT
Server: Apache
Location: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Content-Length: 274
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 18:49:06 GMT
age: 1455
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11972
Expires: Fri, 03 Feb 2023 22:32:54 GMT
Date: Fri, 03 Feb 2023 19:13:22 GMT
Connection: keep-alive

push.services.mozilla.com/

52.26.115.190

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.26.115.190:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 78uQF9wN2A3SqMkJTzyc0A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JDSFPU8yq3nQ7Gk17DuHAgMu+Uk=

www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html

136.243.28.94

200 OK

5.3 kB

URL HTTP/1.1
www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text
Size
5.3 kB (5336 bytes)
Hash
46a29b4b90c03cd973bd5ed7c40e5ffb
0d8bdc19b4cc1d0bc1b5ac6e9ebfb7e5f43c3930
ac70fccf9ff4492e0fd2ad8dd77618c545fc3053ed628a78b82ddcd288b9bce8

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.tc domain

HTTP Headers

GET /server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-9

www.dosya.tc/style/style.css

136.243.28.94

200 OK

2.0 kB

URL HTTP/1.1
www.dosya.tc/style/style.css
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
assembler source, ASCII text
Size
2.0 kB (2005 bytes)
Hash
ac278d5531b52b2d9cc32edf71749d43
5685f1c07b37853ce04e029c1e6c3b64f5d2baae
9b3f0f81ca9ca1c387b9940500e893aa22e23751225254fd73367736ec7e3389

HTTP Headers

GET /style/style.css HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Fri, 07 Jun 2019 21:04:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2005
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.dosya.tc/style/bootstrap.css

136.243.28.94

200 OK

21 kB

URL HTTP/1.1
www.dosya.tc/style/bootstrap.css
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (540)
Size
21 kB (20804 bytes)
Hash
31be671a9cab0b21b4d5879fbfa1c100
115f1f29dacf8dddf74371971b28840fd10b9661
802acd624acac101802644608abc8f5708c664405b97715e7f34649f0bc4f5df

HTTP Headers

GET /style/bootstrap.css HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Thu, 30 May 2019 23:25:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20804
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.dosya.tc/images/footer-icon2.png

136.243.28.94

200 OK

850 B

URL HTTP/1.1
www.dosya.tc/images/footer-icon2.png
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
850 B (850 bytes)
Hash
51a472b4a51ea9245ee6f4386f07818f
a19e86c411dc6da3592d1f90e89ddf68df1fee3c
eea1befd43d3dc930a0eb0335c56ed8bc7e14aa1ee3e6c546cd21c1826362750

HTTP Headers

GET /images/footer-icon2.png HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:47 GMT
Accept-Ranges: bytes
Content-Length: 850
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

www.dosya.tc/images/footer-icon3.png

136.243.28.94

200 OK

1.7 kB

URL HTTP/1.1
www.dosya.tc/images/footer-icon3.png
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1702 bytes)
Hash
3a61d85a6bb0a45429b1e4b7d945aa95
6fcdf44c20d1ed269303583e16a98e245fa7b69b
c84a015988434d7fa0c884f5590de727799abacb9c4a4ad6b4cadea4b97ea732

HTTP Headers

GET /images/footer-icon3.png HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:47 GMT
Accept-Ranges: bytes
Content-Length: 1702
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

www.dosya.tc/images/uye-girisi.png

136.243.28.94

200 OK

3.0 kB

URL HTTP/1.1
www.dosya.tc/images/uye-girisi.png
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 140 x 51, 8-bit/color RGB, non-interlaced\012- data
Size
3.0 kB (2979 bytes)
Hash
6925e8f5c208aae4dd55cadd1340f180
a03365e7fb59c9588b3b7963e18c0b3e5d4cb369
6bfa03e8b7d8249e9927cafe801657559f7b7064248bb970b55fb4b689611f2d

HTTP Headers

GET /images/uye-girisi.png HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:56 GMT
Accept-Ranges: bytes
Content-Length: 2979
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

www.dosya.tc/images/logo.png

136.243.28.94

200 OK

7.2 kB

URL HTTP/1.1
www.dosya.tc/images/logo.png
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 191 x 53, 8-bit/color RGB, non-interlaced\012- data
Size
7.2 kB (7157 bytes)
Hash
2a193802d40b18cd55b0d159571bf63c
1a4e4bdf88317471241d9e5ee29d9572be3f37e3
77eba513db8685e5a4b7633684b1d6b175bf8272ccfff3c6a1c0735d37d1d57a

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:54 GMT
Accept-Ranges: bytes
Content-Length: 7157
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
53cc85a7ef2b236fe663c172f34a59dd
b312fe14aab83532105d73f0110ef6a63c0788d0
de8f1c4b0eb0e45d0e7c3cfc9b9c0113b649d697ff326c5ad1c0da6b1df651bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE8F1C4B0EB0E45D0E7C3CFC9B9C0113B649D697FF326C5AD1C0DA6B1DF651BB"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10735
Expires: Fri, 03 Feb 2023 22:12:17 GMT
Date: Fri, 03 Feb 2023 19:13:22 GMT
Connection: keep-alive

www.dosya.tc/images/download-img.png

136.243.28.94

200 OK

6.8 kB

URL HTTP/1.1
www.dosya.tc/images/download-img.png
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 313 x 117, 8-bit/color RGB, non-interlaced\012- data
Size
6.8 kB (6819 bytes)
Hash
1edfa391c712325a169fa384adbfbfa7
4ae0807157e873cf80df3a3b0f8b2b67a098b0de
e7cfbf6b7de5e77de00e7376302839e106d3f0ab89637d2af07eb74b86ef4d4f

HTTP Headers

GET /images/download-img.png HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:46 GMT
Accept-Ranges: bytes
Content-Length: 6819
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

www.dosya.tc/images/menu-ayrac.png

136.243.28.94

200 OK

125 B

URL HTTP/1.1
www.dosya.tc/images/menu-ayrac.png
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2 x 52, 8-bit/color RGB, non-interlaced\012- data
Size
125 B (125 bytes)
Hash
35a0591c63feeb75e3e547e894ff6e2d
7dd00c2e8d4e9203b71d3fcb9a660e717b8dca7c
9700fc9abb23b0fa04c070487f5aebdcec2cbb22f10788ab7898032abe3fcced

HTTP Headers

GET /images/menu-ayrac.png HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/style/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:55 GMT
Accept-Ranges: bytes
Content-Length: 125
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

www.dosya.tc/images/footer-icon1.png

136.243.28.94

200 OK

582 B

URL HTTP/1.1
www.dosya.tc/images/footer-icon1.png
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
582 B (582 bytes)
Hash
e62d200d08f565563cc9b713729bbaa6
3a130f79117f2aaa91154eb56a22b47de8c06a50
101d88dc759a5588d5c064fe233b6b19c565966a527a03eb9cdc29c733b8d4c3

HTTP Headers

GET /images/footer-icon1.png HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:47 GMT
Accept-Ranges: bytes
Content-Length: 582
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

phicmune.net/zone?pub=0&zone_id=5030740&is_mobile=false&domain=www.dosya.tc&var=&ymid=&var_3=

139.45.197.251

200 OK

755 B

URL HTTP/2
phicmune.net/zone?pub=0&zone_id=5030740&is_mobile=false&domain=www.dosya.tc&var=&ymid=&var_3=
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (754)
Size
755 B (755 bytes)
Hash
f993df9f39d5e03ad963043dbff24a2f
b6e35776ecab36b0c7703d4abb0f9a0a48093359
485a8e787a79a059f71a4cc2f2fe9e6dbdc7530c6e7cb597de0c0f9a0bcc42ae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /zone?pub=0&zone_id=5030740&is_mobile=false&domain=www.dosya.tc&var=&ymid=&var_3= HTTP/1.1
Host: phicmune.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Origin: https://www.dosya.tc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:13:22 GMT
content-type: application/json; charset=utf-8
content-length: 755
x-trace-id: 2552d53589a13fbab6f5b989508c90fa
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.dosya.tc/images/background.webp

136.243.28.94

200 OK

113 kB

URL HTTP/1.1
www.dosya.tc/images/background.webp
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1050, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
113 kB (112776 bytes)
Hash
2b08bddebb64127b30bc913f73cdab61
f8911fd91f0302e88e7fe6e089ba20af32269b79
0804b26a6993fc6ee8e977f77aa9ce5ddf9c4fe69773b296cc292ee7b2a5ac1b

HTTP Headers

GET /images/background.webp HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/style/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:22 GMT
Server: Apache
Last-Modified: Fri, 07 Jun 2019 21:04:40 GMT
Accept-Ranges: bytes
Content-Length: 112776
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp

www.dosya.tc/favicon-16x16.png

136.243.28.94

200 OK

1.6 kB

URL HTTP/1.1
www.dosya.tc/favicon-16x16.png
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.6 kB (1594 bytes)
Hash
05c5d89a72c5dc5e863e151cc5fa9b68
df5a0242031f54494fe0bf1b2d7290cd5e864a15
cd6cef0b6624ec979018be137e45b606f36c018b2d64cfe7e3d39815c0936a46

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:23 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 22:06:40 GMT
Accept-Ranges: bytes
Content-Length: 1594
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

www.dosya.tc/apple-touch-icon.png

136.243.28.94

200 OK

6.6 kB

URL HTTP/1.1
www.dosya.tc/apple-touch-icon.png
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size
6.6 kB (6556 bytes)
Hash
bfd9b50e03f63b25c253a5d6fa5c5ef4
b4c68746da8a1da96b57d37990bfbfb0f716c14b
ca0f27136956761254299ac92d78aecca2c21841760c56904d894eb13ea0237f

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:23 GMT
Server: Apache
Last-Modified: Fri, 07 Jun 2019 16:58:22 GMT
Accept-Ranges: bytes
Content-Length: 6556
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 17:45:20 GMT
expires: Fri, 03 Feb 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 5283
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9775275426073837

142.250.74.66

200 OK

50 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9775275426073837
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4879)
Size
50 kB (49879 bytes)
Hash
df1dd155b012b7e6507ff85c42ab268a
c1f01a2e3ce23025a77671429e999b8c10b153e2
6c90e8c6a3c935b5c9123c26f054334613d66b6e29b08da6b48fa2fab304ee06

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-9775275426073837 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dosya.tc
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 03 Feb 2023 19:13:23 GMT
expires: Fri, 03 Feb 2023 19:13:23 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17809813510304359577
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49879
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j99&a=1055498030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ul=en-us&de=windows-1254&dt=Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar%20dosyas%C4%B1n%C4%B1%20indir%20-%20download&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=2119963379&gjid=677753596&cid=664779681.1675451635&tid=UA-60205436-1&_gid=1152273862.1675451635&_r=1&_slc=1&z=1430875784

142.250.74.14

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1055498030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ul=en-us&de=windows-1254&dt=Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar%20dosyas%C4%B1n%C4%B1%20indir%20-%20download&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=2119963379&gjid=677753596&cid=664779681.1675451635&tid=UA-60205436-1&_gid=1152273862.1675451635&_r=1&_slc=1&z=1430875784
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j99&a=1055498030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dosya.tc%2Fserver37%2F19gn8v%2FFar_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html&ul=en-us&de=windows-1254&dt=Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar%20dosyas%C4%B1n%C4%B1%20indir%20-%20download&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=2119963379&gjid=677753596&cid=664779681.1675451635&tid=UA-60205436-1&_gid=1152273862.1675451635&_r=1&_slc=1&z=1430875784 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.dosya.tc
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.dosya.tc
date: Fri, 03 Feb 2023 19:13:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

phicmune.net/custom

139.45.197.251

200 OK

0 B

URL HTTP/2
phicmune.net/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: phicmune.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dosya.tc/
Origin: https://www.dosya.tc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:13:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

www.dosya.tc/sw.js

136.243.28.94

200 OK

2.4 kB

URL HTTP/1.1
www.dosya.tc/sw.js
IP
136.243.28.94:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (5235)
Size
2.4 kB (2381 bytes)
Hash
1d6c1729cc0355d80de21444da3b79de
b4f29f327d3fadf1b15383b782470437cc51ba8d
bb27c7c719c8137e74182cf656b46a985ac5ccc2fbc4f7fe93535193f6725b2b

HTTP Headers

GET /sw.js HTTP/1.1
Host: www.dosya.tc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce_yama__Torrentoyunindir.com_.rar.html
Connection: keep-alive
Cookie: _ga=GA1.2.664779681.1675451635; _gid=GA1.2.1152273862.1675451635; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 19:13:23 GMT
Server: Apache
Last-Modified: Mon, 18 Apr 2022 10:12:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2381
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

phicmune.net/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
phicmune.net/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: phicmune.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Content-Type: application/json
Origin: https://www.dosya.tc
Content-Length: 430
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:13:23 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2b3b22d8c4497dfae1343ecafe2f832b
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
126fe6d82aa9e9cc84bbfd5c5aa400e9
66ab0fe08d072f686889db8e26f8323b5f90c475
795ad81d8bfd6e2e8ebec70ee0e23d22108d23d9019070c33f5f2095ea6e38cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "795AD81D8BFD6E2E8EBEC70EE0E23D22108D23D9019070C33F5F2095EA6E38CD"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16922
Expires: Fri, 03 Feb 2023 23:55:25 GMT
Date: Fri, 03 Feb 2023 19:13:23 GMT
Connection: keep-alive

googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html

142.250.74.98

200 OK

4.2 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Size
4.2 kB (4242 bytes)
Hash
2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345

HTTP Headers

GET /pagead/html/r20230201/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 03 Feb 2023 15:45:14 GMT
expires: Fri, 17 Feb 2023 15:45:14 GMT
cache-control: public, max-age=1209600
age: 12489
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-60205436-1&cid=664779681.1675451635&jid=2119963379&gjid=677753596&_gid=1152273862.1675451635&_u=IEBAAEAAAAAAACAAI~&z=537799969

64.233.165.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-60205436-1&cid=664779681.1675451635&jid=2119963379&gjid=677753596&_gid=1152273862.1675451635&_u=IEBAAEAAAAAAACAAI~&z=537799969
IP
64.233.165.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-60205436-1&cid=664779681.1675451635&jid=2119963379&gjid=677753596&_gid=1152273862.1675451635&_u=IEBAAEAAAAAAACAAI~&z=537799969 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.dosya.tc
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.dosya.tc
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 19:13:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
05295a6ef6a1e08350820742ca84d4cd
829cfdfb5f40a5cf0a9b80d787d46652df0ffdec
2864347c8cafc993e298b6c80a7e34b0c49710b9e8e35af6815ef685d4efdaf2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2864347C8CAFC993E298B6C80A7E34B0C49710B9E8E35AF6815EF685D4EFDAF2"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9569
Expires: Fri, 03 Feb 2023 21:52:52 GMT
Date: Fri, 03 Feb 2023 19:13:23 GMT
Connection: keep-alive

my.rtmark.net/gid.js?userId=f9a96879edb84bd3aedf06dd16421467

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=f9a96879edb84bd3aedf06dd16421467
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
649bbcb38341045e5b2d1b481bdd5bfe
7d7a61c882aede8bb56eeb6d4ad0809ca226d8d1
6b32209ae8ef0e53459e5cba10a9a120d7a84661317aaffebdcb18ed1bb6380e

HTTP Headers

GET /gid.js?userId=f9a96879edb84bd3aedf06dd16421467 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dosya.tc
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:13:23 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.dosya.tc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f9a96879edb84bd3aedf06dd16421467; expires=Sat, 03 Feb 2024 19:13:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/adsid/integrator.js?domain=www.dosya.tc

142.250.74.130

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=www.dosya.tc
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.dosya.tc HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 03 Feb 2023 19:13:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

adservice.google.com/adsid/integrator.js?domain=www.dosya.tc

142.250.74.98

200 OK

100 B

URL HTTP/2
adservice.google.com/adsid/integrator.js?domain=www.dosya.tc
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.dosya.tc HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 03 Feb 2023 19:13:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ead5df3e30e38bb1a739ababb3292302
b5986cff7222999bf19e360ced4a445a2202c82c
768a8260af372a1ca06f826c3a3f84b6bc4523130134b32998baf75b64d7de4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=www.dosya.tc&callback=_gfp_s_&client=ca-pub-9775275426073837

142.250.74.34

200 OK

247 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=www.dosya.tc&callback=_gfp_s_&client=ca-pub-9775275426073837
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (383), with no line terminators
Size
247 B (247 bytes)
Hash
16154c9f0047d300d37694123b6d6e9d
4e33037e86c9936b7b330910e3ffcd42dd964cf9
4a6967adfff1aa99ccb9cf94a2da2afd77e53e527ed86b3c3b7b4234b602680c

HTTP Headers

GET /gampad/cookie.js?domain=www.dosya.tc&callback=_gfp_s_&client=ca-pub-9775275426073837 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 03 Feb 2023 19:13:23 GMT
server: cafe
cache-control: private
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9610
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 19:13:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9610
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 19:13:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9610
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 19:13:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9610
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 19:13:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14071 bytes)
Hash
9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aTs6L8dJENFRdtBn7ggAbY5yaYRAzSY2B0bmElV4YNPrJg-KRDAyNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 77187
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 67699
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 51602
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ead5df3e30e38bb1a739ababb3292302
b5986cff7222999bf19e360ced4a445a2202c82c
768a8260af372a1ca06f826c3a3f84b6bc4523130134b32998baf75b64d7de4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5641 bytes)
Hash
d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 74673
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10971 bytes)
Hash
24261df857fd20898ed41615ff44efd2
5ebaae7786e95f6daf7e837ce741f96611a64335
b947696fced12e35736691fb27c5cc4ddb28e4b4781cfbb69b8b4011b84aca5b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10971
x-amzn-requestid: 87d6a618-4ddf-4e40-aaeb-f6e38c274c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feH0jHisoAMFgpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58683-2de413f446505ec44ab2a390;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:33:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSK5RmNEDZxTn_J6zk6eGwhUexiPYxHRnvs7h0DtRM-fXMJ1QsmtHw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 09:43:13 GMT
age: 34210
etag: "5ebaae7786e95f6daf7e837ce741f96611a64335"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8211 bytes)
Hash
114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZZXEXszbtmGh7kLfhabCGd41rZRnSmQvdcySUQRTDtJRBqZVUK3LaQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 07:19:27 GMT
age: 42836
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
832775a408c718892e82db29cfd714ee
4b05adbde482a9d0e8290326273c8cc52b051123
2e24e9ddbdb9326d57ee324b8b8280d7fb51266af3109226a95f866149090062

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
832775a408c718892e82db29cfd714ee
4b05adbde482a9d0e8290326273c8cc52b051123
2e24e9ddbdb9326d57ee324b8b8280d7fb51266af3109226a95f866149090062

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

172.217.21.161

200 OK

7.6 kB

URL HTTP/2
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1605)
Size
7.6 kB (7647 bytes)
Hash
aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae

HTTP Headers

GET /pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:43:53 GMT
expires: Thu, 16 Feb 2023 21:43:53 GMT
cache-control: public, max-age=1209600
age: 77371
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

172.217.21.161

200 OK

9.0 kB

URL HTTP/2
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1672)
Size
9.0 kB (8993 bytes)
Hash
9aa683d616d8b2d10fe0100d761df816
60f84308b40072edcc24b6fd54c68247786001aa
2e8549a4bc0e1f4a4eda2637f239105e780b2ae2879c9a241b1ffe7130386e0a

HTTP Headers

GET /pagead/js/r20230201/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8993
x-xss-protection: 0
date: Thu, 02 Feb 2023 19:49:13 GMT
expires: Thu, 16 Feb 2023 19:49:13 GMT
cache-control: public, max-age=1209600
age: 84251
etag: 12355142264901698679
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js

172.217.21.161

200 OK

8.4 kB

URL HTTP/2
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2256)
Size
8.4 kB (8365 bytes)
Hash
d15f0121eaec6db2344acf60f8ba8c87
feefcd6dcf50962e28541be2212738b5de5917bd
1692cd9e5ce0190ceb94ef54b43296a4bdb45b7e542299879a1a3619af38aa28

HTTP Headers

GET /pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8365
x-xss-protection: 0
date: Thu, 02 Feb 2023 20:15:05 GMT
expires: Thu, 16 Feb 2023 20:15:05 GMT
cache-control: public, max-age=1209600
age: 82699
etag: 8727046649480766555
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

142.250.74.74

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1346 bytes)
Hash
6cb94b735892d629822e9d7cc12815ac
d01f9dae36b69d2c937617217832facbfe46d308
ebd4bfb12ec60ab3533899141b439af878ae4a6b4afa59a0d2af9bc6686c5540

HTTP Headers

GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 19:13:24 GMT
date: Fri, 03 Feb 2023 19:13:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

216.58.211.3

200 OK

14 kB

URL HTTP/2
www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
C++ source, ASCII text, with very long lines (1688)
Size
14 kB (14079 bytes)
Hash
3582c692298538eabf17eebd7434e582
587a6222383df174947008131dcccc13efbd3dba
ac83b4d1ea4abd201377d450290a7cc306499837a4b6ff1cd2b0f8d275baaa82

HTTP Headers

GET /mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 14:04:08 GMT
expires: Tue, 02 May 2023 14:04:08 GMT
cache-control: public, max-age=7776000
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
content-type: text/javascript
age: 191356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

216.58.211.3

200 OK

604 B

URL HTTP/2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
604 B (604 bytes)
Hash
7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

HTTP Headers

GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 13:30:57 GMT
expires: Thu, 01 Feb 2024 13:30:57 GMT
cache-control: public, max-age=31536000
age: 193347
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

216.58.211.3

200 OK

205 B

URL HTTP/2
www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
205 B (205 bytes)
Hash
4087858e2c9db9aa8f6a840aedcfb533
d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

HTTP Headers

GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 09:38:52 GMT
expires: Sat, 03 Feb 2024 09:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 34472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 346843
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/drt/ui

142.250.74.164

302 Found

0 B

URL HTTP/2
www.google.com/pagead/drt/ui
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 19:13:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/pagead/drt/ui

142.250.74.164

302 Found

0 B

URL HTTP/2
www.google.com/pagead/drt/ui
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 19:13:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.doubleclick.net/dynamic/5/396077578/14844727076690591887_5541704954540447619.png

142.250.74.166

200 OK

33 kB

URL HTTP/2
static.doubleclick.net/dynamic/5/396077578/14844727076690591887_5541704954540447619.png
IP
142.250.74.166:0
ASN
#15169 GOOGLE

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
33 kB (32590 bytes)
Hash
f6476070a994a12dcb22185d01a2ca16
be850ea674d0fbc01f27418613a94e19384ea0bb
ee5fef75aedbe7910904e0ad49588292f12c5b9f8a2207446b088a23082560aa

HTTP Headers

GET /dynamic/5/396077578/14844727076690591887_5541704954540447619.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 32590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 19:09:02 GMT
expires: Sun, 28 Jan 2024 19:09:02 GMT
cache-control: public, max-age=31536000
age: 518663
last-modified: Sun, 18 Sep 2022 19:23:57 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.doubleclick.net/dynamic/5/396077578/11601769098915092867_8507514706627327658.png

142.250.74.166

200 OK

9.0 kB

URL HTTP/2
static.doubleclick.net/dynamic/5/396077578/11601769098915092867_8507514706627327658.png
IP
142.250.74.166:0
ASN
#15169 GOOGLE

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
9.0 kB (8997 bytes)
Hash
cdd653404d8289c114e7c946301e0df7
c2011cfb91f3a832532615458c0f36d353d8a153
6b277fa13ac68561b8074224ce5f07cdf565e2c1c07aacdbbaf625184e815cd3

HTTP Headers

GET /dynamic/5/396077578/11601769098915092867_8507514706627327658.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 8997
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:42:14 GMT
expires: Fri, 02 Feb 2024 18:42:14 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 18 Sep 2022 19:24:11 GMT
content-type: image/png
age: 88271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.doubleclick.net/dynamic/5/396077578/417777700735704502_8695563961451305315.png

142.250.74.166

200 OK

213 kB

URL HTTP/2
static.doubleclick.net/dynamic/5/396077578/417777700735704502_8695563961451305315.png
IP
142.250.74.166:0
ASN
#15169 GOOGLE

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced\012- data
Size
213 kB (213383 bytes)
Hash
facd035d746079fc8b8101d9e893b8d2
11d6e12a76d9d4b6a18f77a8061c5eaee1a5957e
b35a96850a9f96841931e899cb0a6fadd8c163c39627ad53fc4f42fa979ef82f

HTTP Headers

GET /dynamic/5/396077578/417777700735704502_8695563961451305315.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 213383
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 03:31:29 GMT
expires: Sat, 03 Feb 2024 03:31:29 GMT
cache-control: public, max-age=31536000
age: 56516
last-modified: Sun, 18 Sep 2022 19:24:21 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.doubleclick.net/dynamic/5/396077578/5932773406843216403_11778311371345852840.png

142.250.74.166

200 OK

57 kB

URL HTTP/2
static.doubleclick.net/dynamic/5/396077578/5932773406843216403_11778311371345852840.png
IP
142.250.74.166:0
ASN
#15169 GOOGLE

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
57 kB (57265 bytes)
Hash
2af7c5fd3e72989a6cf6e247dc537e26
cfa1f7ae4a9d4ece008f91e892d5c73a063eaf5c
74998023a25f4efd966b4e8337bdaf6b4e8d8f28ec42b4d938b4e4dc2b57286f

HTTP Headers

GET /dynamic/5/396077578/5932773406843216403_11778311371345852840.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 57265
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 03:33:31 GMT
expires: Sat, 03 Feb 2024 03:33:31 GMT
cache-control: public, max-age=31536000
age: 56394
last-modified: Sun, 18 Sep 2022 19:23:53 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 19:13:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

phicmune.net/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
phicmune.net/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: phicmune.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Content-Type: application/json
Origin: https://www.dosya.tc
Content-Length: 799
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:13:25 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 713953056ac9e7a77631898d2115287a
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env

142.250.74.66

200 OK

11 kB

URL HTTP/2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (14534), with no line terminators
Size
11 kB (10970 bytes)
Hash
9f1785ad17e1a8f6532383325fa7f0f3
1265692e64db17ce55f9870ed40b55621194628f
8f036d8751bc03907fae02ccb3b3763972a023b2a64787a8c56e23d083e84942

HTTP Headers

GET /getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dosya.tc
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Fri, 03 Feb 2023 19:13:25 GMT
server: cafe
content-length: 10970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttE3vtx6quWzxU_CneXF_zxU6wkCwBN9XY126FADsI-hNWWrEByCnQUuX14-OtioHzd99JSaEzP81XHzDeY-o05aptx5C6WKjSPbu7lbO3iPAVFlcAQmwEse4vmPYYWdRk0qvFuA&sai=AMfl-YSYHOJDoKeP5YSeVkooq7O80VYaUqQp106h0ppallF9chmtJfILWVmzUuda7hjEzBimM5TZsrMat0z_&sig=Cg0ArKJSzGtWJH0igTp6EAE&cid=CAQSGwDUE5ymAVpMQNCcB_gxN8iCeIqwK6GrdfbgvRgB&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1675451636364&rpt=546&met=mue&wmsd=0&pbe=0&vae=0&spb=0

142.250.74.66

200 OK

42 B

URL HTTP/2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttE3vtx6quWzxU_CneXF_zxU6wkCwBN9XY126FADsI-hNWWrEByCnQUuX14-OtioHzd99JSaEzP81XHzDeY-o05aptx5C6WKjSPbu7lbO3iPAVFlcAQmwEse4vmPYYWdRk0qvFuA&sai=AMfl-YSYHOJDoKeP5YSeVkooq7O80VYaUqQp106h0ppallF9chmtJfILWVmzUuda7hjEzBimM5TZsrMat0z_&sig=Cg0ArKJSzGtWJH0igTp6EAE&cid=CAQSGwDUE5ymAVpMQNCcB_gxN8iCeIqwK6GrdfbgvRgB&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1675451636364&rpt=546&met=mue&wmsd=0&pbe=0&vae=0&spb=0
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pcs/activeview?xai=AKAOjsttE3vtx6quWzxU_CneXF_zxU6wkCwBN9XY126FADsI-hNWWrEByCnQUuX14-OtioHzd99JSaEzP81XHzDeY-o05aptx5C6WKjSPbu7lbO3iPAVFlcAQmwEse4vmPYYWdRk0qvFuA&sai=AMfl-YSYHOJDoKeP5YSeVkooq7O80VYaUqQp106h0ppallF9chmtJfILWVmzUuda7hjEzBimM5TZsrMat0z_&sig=Cg0ArKJSzGtWJH0igTp6EAE&cid=CAQSGwDUE5ymAVpMQNCcB_gxN8iCeIqwK6GrdfbgvRgB&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1675451636364&rpt=546&met=mue&wmsd=0&pbe=0&vae=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Fri, 03 Feb 2023 19:13:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbDoVbNVmqa0jA52aahjvVC6hphCRkjJVnSoElAKKvSlraY29NbtFkeKr7kxXEtWut83B_bMX-6kFkYmwys4-m90t9G8HqUx6_AOFcPRz_0jjmoaOqG8gIPWdd5GZpysUClNgo6A&sai=AMfl-YR3z0Yvpb64pXfOd44VLZoFMtpsjHgledbhu435EXKtWQxD8Ov_RJviEe2SbNIIAIlgAe4tzdywvVgh&sig=Cg0ArKJSzDqyxVzdfgKREAE&cid=CAQSGwDUE5ymAVpMQNCcB_gxN8iCeIqwK6GrdfbgvRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1675451636367&rpt=561&met=mue&wmsd=0&pbe=0&vae=0&spb=0

142.250.74.66

200 OK

42 B

URL HTTP/2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbDoVbNVmqa0jA52aahjvVC6hphCRkjJVnSoElAKKvSlraY29NbtFkeKr7kxXEtWut83B_bMX-6kFkYmwys4-m90t9G8HqUx6_AOFcPRz_0jjmoaOqG8gIPWdd5GZpysUClNgo6A&sai=AMfl-YR3z0Yvpb64pXfOd44VLZoFMtpsjHgledbhu435EXKtWQxD8Ov_RJviEe2SbNIIAIlgAe4tzdywvVgh&sig=Cg0ArKJSzDqyxVzdfgKREAE&cid=CAQSGwDUE5ymAVpMQNCcB_gxN8iCeIqwK6GrdfbgvRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1675451636367&rpt=561&met=mue&wmsd=0&pbe=0&vae=0&spb=0
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pcs/activeview?xai=AKAOjsvbDoVbNVmqa0jA52aahjvVC6hphCRkjJVnSoElAKKvSlraY29NbtFkeKr7kxXEtWut83B_bMX-6kFkYmwys4-m90t9G8HqUx6_AOFcPRz_0jjmoaOqG8gIPWdd5GZpysUClNgo6A&sai=AMfl-YR3z0Yvpb64pXfOd44VLZoFMtpsjHgledbhu435EXKtWQxD8Ov_RJviEe2SbNIIAIlgAe4tzdywvVgh&sig=Cg0ArKJSzDqyxVzdfgKREAE&cid=CAQSGwDUE5ymAVpMQNCcB_gxN8iCeIqwK6GrdfbgvRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1675451636367&rpt=561&met=mue&wmsd=0&pbe=0&vae=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Fri, 03 Feb 2023 19:13:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstLNuPUCCKoXalvvEpRJ0v7aqVIs7U7dDDXxtTTtc9uyEQOXpTkc0W0gSr8uFH-aiveN9iSAZ8PTpBXMqtQtzfcmR8bRlbi07AnEYKiylT2h8769twGukd1vhHDwdHRtL4HcdZew&sai=AMfl-YT7KzNtG3TU3hn4yqjwaL5EjxDNOsen5BljHVm6-Pjp7cA9ieKycnuZYqvQYdOCyzc3kz4p3EBVCxvY&sig=Cg0ArKJSzBT-VbyHfzYbEAE&cid=CAQSGwDUE5ymImlucxip-dIoKrnvh9NsCokgCwt1-hgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3870207184&rs=2&la=0&cr=0&vs=4&r=v&rst=1675451635804&rpt=1506&met=mue&wmsd=0&pbe=0&vae=0&spb=0

142.250.74.66

200 OK

42 B

URL HTTP/2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstLNuPUCCKoXalvvEpRJ0v7aqVIs7U7dDDXxtTTtc9uyEQOXpTkc0W0gSr8uFH-aiveN9iSAZ8PTpBXMqtQtzfcmR8bRlbi07AnEYKiylT2h8769twGukd1vhHDwdHRtL4HcdZew&sai=AMfl-YT7KzNtG3TU3hn4yqjwaL5EjxDNOsen5BljHVm6-Pjp7cA9ieKycnuZYqvQYdOCyzc3kz4p3EBVCxvY&sig=Cg0ArKJSzBT-VbyHfzYbEAE&cid=CAQSGwDUE5ymImlucxip-dIoKrnvh9NsCokgCwt1-hgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3870207184&rs=2&la=0&cr=0&vs=4&r=v&rst=1675451635804&rpt=1506&met=mue&wmsd=0&pbe=0&vae=0&spb=0
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pcs/activeview?xai=AKAOjsstLNuPUCCKoXalvvEpRJ0v7aqVIs7U7dDDXxtTTtc9uyEQOXpTkc0W0gSr8uFH-aiveN9iSAZ8PTpBXMqtQtzfcmR8bRlbi07AnEYKiylT2h8769twGukd1vhHDwdHRtL4HcdZew&sai=AMfl-YT7KzNtG3TU3hn4yqjwaL5EjxDNOsen5BljHVm6-Pjp7cA9ieKycnuZYqvQYdOCyzc3kz4p3EBVCxvY&sig=Cg0ArKJSzBT-VbyHfzYbEAE&cid=CAQSGwDUE5ymImlucxip-dIoKrnvh9NsCokgCwt1-hgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3870207184&rs=2&la=0&cr=0&vs=4&r=v&rst=1675451635804&rpt=1506&met=mue&wmsd=0&pbe=0&vae=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Fri, 03 Feb 2023 19:13:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10166 bytes)
Hash
2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 74737
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

phicmune.net/pfe/current/universal.min.js?v=3.1.415

139.45.197.251

200 OK

0 B

URL HTTP/2
phicmune.net/pfe/current/universal.min.js?v=3.1.415
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.415 HTTP/1.1
Host: phicmune.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Origin: https://www.dosya.tc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:13:22 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-18c6c"
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

phicmune.net/pfe/current/tag.min.js?z=5030740

139.45.197.251

200 OK

0 B

URL HTTP/2
phicmune.net/pfe/current/tag.min.js?z=5030740
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/tag.min.js?z=5030740 HTTP/1.1
Host: phicmune.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:13:22 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.itskiddien.club/apu.php?zoneid=5426561

139.45.197.236

200 OK

0 B

URL HTTP/2
cdn.itskiddien.club/apu.php?zoneid=5426561
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apu.php?zoneid=5426561 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 19:13:23 GMT
content-type: application/javascript
x-trace-id: 7af1865c19d837f3fdc4557793583c91
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f9a96879edb84bd3aedf06dd16421467; expires=Sat, 03 Feb 2024 19:13:23 GMT; path=/; secure; SameSite=None
oaidts=1675451603; expires=Sat, 03 Feb 2024 19:13:23 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 19:13:24 GMT
date: Fri, 03 Feb 2023 19:13:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 19:13:24 GMT
date: Fri, 03 Feb 2023 19:13:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (185)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML