Report - www.loadiflly.com/2024/04/e456rikrthje.html

Report Overview

Submitted URL
www.loadiflly.com/2024/04/e456rikrthje.html
IP
142.250.74.179
ASN
#15169 GOOGLE
Submitted
2024-05-04 16:40:12
Access
public
Website Title
Magnet Torrent - [KS] The Sims 4 - Full Edition v1.106.zip - Loadifly
Final URL
www.loadiflly.com/2024/04/e456rikrthje.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-04	433 B	35 kB	142.250.74.138
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	1.6 kB	67 kB	216.58.207.227
pl17349874.profitablecpmgate.com	unknown	2022-05-30	2022-06-11	2022-09-24	453 B	31 kB	192.243.59.20
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-05-03	418 B	329 B	172.240.253.132
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	1.9 kB	40 kB	142.250.74.106
conceivedtowards.com	unknown	2024-04-29	2024-04-30	2024-05-02	488 B	467 B	192.243.59.12
resources.blogblog.com	13274	2000-09-15	2017-01-30	2024-05-03	917 B	2.3 kB	142.250.74.73
www.loadiflly.com	unknown	2022-06-01	2022-06-01	2023-12-26	1.5 kB	28 kB	142.250.74.179
www.blogger.com	8975	1999-06-22	2012-05-22	2024-05-04	3.5 kB	73 kB	142.250.74.73
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-03	457 B	23 kB	104.18.11.207
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-03	412 B	28 kB	104.21.35.227
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-04	737 B	423 B	192.243.59.13
apis.google.com	105	1997-09-15	2013-05-06	2024-05-03	2.0 kB	153 kB	142.250.74.110
2.bp.blogspot.com	11071	2000-07-31	2012-05-21	2024-05-03	1.0 kB	12 kB	142.250.74.65
www.topdisplayformat.com	unknown	2022-05-30	2022-06-03	2024-02-15	443 B	13 kB	172.240.108.84
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-03	870 B	848 B	52.29.105.35
failpendingoppose.com	unknown	2024-04-29	2024-04-30	2024-05-03	2.8 kB	3.4 kB	172.240.127.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	profitablecpmgate.com	Sinkholed
2024-05-04	medium	topdisplayformat.com	Sinkholed
2024-05-04	medium	conceivedtowards.com	Sinkholed
2024-05-04	medium	failpendingoppose.com	Sinkholed
2024-05-04	medium	failpendingoppose.com	Sinkholed
2024-05-04	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	www.loadiflly.com/2024/04/e456rikrthje.html	310 B	2023-03-07	2024-05-04
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:04:40 Last Seen2024-05-04 18:40:13 Times Seen44 Hash 63b4a3ff713a0faaf256dcb12b26ba61 bf4efc4c73dcd051c5daa4c1d2eda17d8a9c7018 08da90a69f66eae0323e419b3a2664a695127cc19905f5b331baf836ae1fe554 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	3.1 kB	2023-03-07	2024-05-04
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:42:09 Last Seen2024-05-04 18:40:13 Times Seen79 Hash 677ca5fe015b171fd1d70a78704367a2 536b63e5e2f110f09d9d50f6dfb24a8005bfec7a 0a29517a88a6582524a16caba23769fe38e87baa33e738c4c6bdf8e56d9707b8 Loading...

	www.blogger.com/static/v1/widgets/4290687098-widgets.js	144 kB	2024-04-29	2024-05-14
Pretty URL www.blogger.com/static/v1/widgets/4290687098-widgets.js IP 142.250.74.73 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 04:27:43 Last Seen2024-05-14 01:22:31 Times Seen2188 Hash 30490c5bf1c9a62c3f7aaf45de530b69 89fdf91f40944a3babf7d9f485cbfbcc32454d50 b7c68fe77654ca4d42928e0a0ea49c642de2887b1ef65e5123105f5359390d49 Loading...

	unknown	27 B	2023-04-10	2024-05-18
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:53:31 Last Seen2024-05-18 11:53:27 Times Seen30924 Hash 7688ca9eb3ca1c878821b1e3fe2c23d7 2c41fd7e9f8312d6fed18b21e1a0589413e35553 793bae9539499e6e02187febbd2e20fd17dd40260033f5175dbfc2f294440d9a Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	275 B	2023-03-07	2024-05-18
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:24 Last Seen2024-05-18 11:53:27 Times Seen58985 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	223 B	2023-03-07	2024-05-04
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:04:40 Last Seen2024-05-04 18:40:13 Times Seen39 Hash 641dcbcd53ab9a6e7e6e090a58ad3f32 60acf73bd1a31f4796400a58a0f61f8029665f30 976df6a9e5d98b565880ccc88c473a22f8093ca148fa15126ecfe173e63008f7 Loading...

	www.blogger.com/navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fwww.loadiflly.com&pfname=&rpctoken=22324578	0 B	2023-03-07	2024-05-18
Pretty URL www.blogger.com/navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fwww.loadiflly.com&pfname=&rpctoken=22324578 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 12:57:21 Times Seen37785432 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs	137 kB	2024-04-23	2024-05-18
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 06:22:46 Last Seen2024-05-18 11:53:27 Times Seen1451 Hash 4d1bd282f5a3799d4e2880cf69af9269 2ede61be138a7beaa7d6214aa278479dce258adb 5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	302 B	2023-03-07	2024-05-18
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-18 11:53:27 Times Seen29230 Hash 5a9442d8fb9a2077b3ebaf7aa6f763fb 1ad7b70635d1b80ddf645acb12b5f17e0ecf0c99 0665437bacd7ab06df7300ed254eac6729ed5e062da4cfb3895416289cfc647a Loading...

	www.topdisplayformat.com/929b7d971a00771c29af85ece5e7d407/invoke.js	31 kB	2024-05-04	2024-05-04
Pretty URL www.topdisplayformat.com/929b7d971a00771c29af85ece5e7d407/invoke.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 18:40:13 Last Seen2024-05-04 18:40:14 Times Seen2 Hash 39381dc29d9569acda9576bb43d6d651 bc68c89aa6825b4e45412659400436b4199fc405 865ba72ed6faf4fa9ab3ebede7b95f74269d1e94d9ce3a8a532853dab67d9c69 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	793 B	2024-05-04	2024-05-04
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 18:40:13 Last Seen2024-05-04 18:40:13 Times Seen1 Hash 017f6fc090794bbf9f89a2e2f0bbf7b6 d64c53aa55c44f7c0844a038c112b67ccf4a11a8 a88bcdc8442a80bd4c70e9fd03bf1913337a12d0fc1f07b112268cda6c33dc1c Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	269 B	2023-03-07	2024-05-18
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-18 11:53:27 Times Seen28516 Hash 6e880fa46f41c3a142b32e22ca7c06a0 cb7725608bf21d4a5fab1e9050328ab9b024d285 95df5b72788a5634d46797321652a339cd37eeba06d33166541e76a0deb42b61 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js	96 kB	2023-03-07	2024-05-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-18 12:37:45 Times Seen18945 Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs	184 kB	2024-04-23	2024-05-18
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 06:22:46 Last Seen2024-05-18 11:53:27 Times Seen1142 Hash 575e42a695a782c950bd57d1cd413c7e 8549b65a7e35bd251ac277315a063c07ea288a2e c3f62bbfcc26082d78406d7f36866969da709db71ef269081374aee5a5b2cf21 Loading...

	apis.google.com/js/platform:gapi.iframes.style.common.js	56 kB	2024-04-23	2024-05-18
Pretty URL apis.google.com/js/platform:gapi.iframes.style.common.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 06:22:46 Last Seen2024-05-18 11:53:27 Times Seen1195 Hash 7ef4bc18139bcdbdd14c5b58b0955a67 afe44fd9a877f81a3c36f571c0fc934324c6cbd7 192bc707852c5986f930528442d88a79e5bcf4513aacc2b722a3c5e964501838 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	343 B	2023-03-08	2024-05-04
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 00:40:51 Last Seen2024-05-04 18:40:13 Times Seen3 Hash 259268dc86776c0f996b2c660a58779d bbbf9b4ee2a4c26ff6ee81e4fe29fae6df322d84 655f7e0d58b5e477865fef17b1a440a93bd5a60b6353b58c591ef2d0c4aa0daf Loading...

	www.loadiflly.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-05-18
Pretty URL www.loadiflly.com/js/cookienotice.js IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-05-18 11:53:27 Times Seen117342 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	unknown	145 B	2023-03-08	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:40:51 Last Seen2024-05-04 18:40:14 Times Seen3 Hash b2133dc4ed0b7aaa09f5b062c5d42572 2119014185ef5f1f0678759ebd9de2760df236ea 16568b3f4c972dff08eec6f54bb3a7d9ff53ee76c636462251e2648cff9a3188 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	39 kB	2024-02-17	2024-05-04
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-17 03:21:50 Last Seen2024-05-04 18:40:14 Times Seen2 Hash 5ea621659eca290c3a90a2dd88b035a6 633d8ccbe6fc1def4f590bdbcccb445fb1076550 9f956f5e14a1035fcfaa400313759d2a80322c22515aaec5abedf2e0fca0e708 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	189 B	2023-03-07	2024-05-04
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:33 Last Seen2024-05-04 18:40:14 Times Seen107 Hash fa98d4d0b2238f5169b271fb40db0790 01c0386c1ebccc96d3e064cda19d3b1f561af72e 726df63a65d1b7756ebcd934048f0300c26c6196240ee4e647c87543e659717c Loading...

	capaciousdrewreligion.com/advertisers.js	0 B	2023-03-07	2024-05-18
Pretty URL capaciousdrewreligion.com/advertisers.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 12:57:21 Times Seen37785432 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	apis.google.com/js/platform.js	56 kB	2024-04-23	2024-05-18
Pretty URL apis.google.com/js/platform.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 06:22:45 Last Seen2024-05-18 11:53:27 Times Seen1872 Hash e66acfdb2f1dfcff8c6dba736dd4ab6d 36026360b6c8d750488ef2c739e04969f8c5bcd7 742841b3cf614dd55ce486a7335018bd1992c4d05ef74b45a0781318075a99f3 Loading...

	moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/lib/shim_messaging_helper.js	1.7 kB	2023-05-05	2024-05-18
Pretty URL moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-05-18 12:47:59 Times Seen46191 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5&appId=1760806057479925	17 kB	2023-05-05	2024-05-18
Pretty URL connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5&appId=1760806057479925 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-05-18 12:47:59 Times Seen45642 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	338 B	2023-03-07	2024-05-04
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:33 Last Seen2024-05-04 18:40:14 Times Seen115 Hash 08b812a22d075b47c58118ee4011bd51 b6330793513b92758cb60aa2e94a6e4e45e0935d 25670db41a49d2ba91f8a8d5d3ec1617866f7db582ab7066db8f2817429569c0 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	798 B	2024-02-05	2024-05-18
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-05 14:31:36 Last Seen2024-05-18 11:53:27 Times Seen4612 Hash f488687f23b8b2ad6f1d05c2d07b2735 9fc276898b78f841cb27d76da4f17dbe8c77aefe 9153ade8a8e5db45d8092225fe85f04f6af83889149e2f735d1815268a1003c9 Loading...

	www.loadiflly.com/2024/04/e456rikrthje.html	5.9 kB	2024-05-04	2024-05-04
Pretty URL www.loadiflly.com/2024/04/e456rikrthje.html IP 142.250.74.179 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 18:40:14 Last Seen2024-05-04 18:40:14 Times Seen1 Hash 7a8e9f6977d5e3a4e372001fbdcf27dd 8b321ebe4b14e844c21c4558e56baa8e5abcce47 f7bc4410b7890aef76d84ebce53ef9afc0f439da71e3ef5217b7029c55df374b Loading...

	pl17349874.profitablecpmgate.com/d5/ae/23/d5ae232e6859a576d6142082048beb87.js	84 kB	2024-05-04	2024-05-04
Pretty URL pl17349874.profitablecpmgate.com/d5/ae/23/d5ae232e6859a576d6142082048beb87.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 18:40:14 Last Seen2024-05-04 18:40:14 Times Seen2 Hash ce4af2cad6955b38748a24f7f4294211 4d746148d52dd9eacb4f0f3cb2da1f330715075e 84f2ad76c711383aa13055e64308e4a69f8be966dfc420482883b55d8759192d Loading...

		Size	First Seen	Last Seen
	#1 Write - 44533a9f5933ab9a47e6989f14416c49	122 B	2023-03-08	2024-05-04
Pretty Observations First Seen2023-03-08 00:40:51 Last Seen2024-05-04 18:40:14 Times Seen3 Hash 44533a9f5933ab9a47e6989f14416c49 1e8e57cd85a8649b17f5ff7617b6034bfa92d3cc 00c4cf4906e5a809ab5e31ce0827e5817c268e723211e3430e9028c924d19a66 Loading...

HTTP Transactions (35)

URL IP Response Size

www.loadiflly.com/2024/04/e456rikrthje.html

142.250.74.179

200 OK

24 kB

URL User Request GET HTTP/2
www.loadiflly.com/2024/04/e456rikrthje.html
IP
142.250.74.179:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectwww.loadiflly.com
FingerprintF8:81:DD:AA:FE:4E:C4:7D:57:66:88:8D:44:A5:5C:98:D4:48:35:F3
ValidityFri, 19 Apr 2024 16:37:51 GMT - Thu, 18 Jul 2024 17:29:03 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2753)
Size
24 kB (23954 bytes)
Hash
ec6a9c3a60a27905c842c12e07936012
4d1aa668feac08631d5404fd53d042dd5f8fc34b
00f05b84b9c38174d9621bcce28372ef8e8009f1813d10b9ddd4a6e14da38d1f

HTTP Headers

GET /2024/04/e456rikrthje.html HTTP/1.1
Host: www.loadiflly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 04 May 2024 16:39:46 GMT
date: Sat, 04 May 2024 16:39:46 GMT
cache-control: private, max-age=0
last-modified: Fri, 03 May 2024 05:56:07 GMT
etag: W/"184fc59d4177412324ed415be264e8be564fa18b85d4dc9d512cbb0427ae305c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 23954
server: GSE
X-Firefox-Spdy: h2

www.loadiflly.com/js/cookienotice.js

142.250.74.179

200 OK

2.0 kB

URL GET HTTP/2
www.loadiflly.com/js/cookienotice.js
IP
142.250.74.179:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.loadiflly.com
FingerprintF8:81:DD:AA:FE:4E:C4:7D:57:66:88:8D:44:A5:5C:98:D4:48:35:F3
ValidityFri, 19 Apr 2024 16:37:51 GMT - Thu, 18 Jul 2024 17:29:03 GMT

File type
JavaScript source, ASCII text
Size
2.0 kB (2026 bytes)
Hash
a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: www.loadiflly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/2024/04/e456rikrthje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 04 May 2024 16:39:46 GMT
expires: Sat, 11 May 2024 16:39:46 GMT
cache-control: public, max-age=604800
last-modified: Sat, 04 May 2024 09:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

142.250.74.138

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32341)
Size
34 kB (33576 bytes)
Hash
8fc25e27d42774aeae6edbc0a18b72aa
b66ed708717bf0b4a005a4d0113af8843ef3b8ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

HTTP Headers

GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:33 GMT
expires: Fri, 02 May 2025 01:49:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 226213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/js/platform.js

142.250.74.110

200 OK

21 kB

URL GET HTTP/2
apis.google.com/js/platform.js
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B
ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT

File type
JavaScript source, ASCII text, with very long lines (2050)
Size
21 kB (21303 bytes)
Hash
e66acfdb2f1dfcff8c6dba736dd4ab6d
36026360b6c8d750488ef2c739e04969f8c5bcd7
742841b3cf614dd55ce486a7335018bd1992c4d05ef74b45a0781318075a99f3

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21303
date: Sat, 04 May 2024 16:39:46 GMT
expires: Sat, 04 May 2024 16:39:46 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "d8cc7aca923e8ade"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/4290687098-widgets.js

142.250.74.73

200 OK

51 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/4290687098-widgets.js
IP
142.250.74.73:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintC0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
ValidityTue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT

File type
JavaScript source, ASCII text, with very long lines (1941)
Size
51 kB (51402 bytes)
Hash
30490c5bf1c9a62c3f7aaf45de530b69
89fdf91f40944a3babf7d9f485cbfbcc32454d50
b7c68fe77654ca4d42928e0a0ea49c642de2887b1ef65e5123105f5359390d49

HTTP Headers

GET /static/v1/widgets/4290687098-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 51402
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:08:26 GMT
expires: Fri, 02 May 2025 02:08:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 May 2024 23:54:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 225080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

142.250.74.73

200 OK

7.8 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
142.250.74.73:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintC0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
ValidityTue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT

File type
ASCII text, with very long lines (35959)
Size
7.8 kB (7756 bytes)
Hash
1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

HTTP Headers

GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 04:48:54 GMT
expires: Sat, 03 May 2025 04:48:54 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 23:55:05 GMT
content-type: text/css
vary: Accept-Encoding
age: 129053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.loadiflly.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 223305
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

2.bp.blogspot.com/-JW6YUtxJt-M/WwokWYGgD0I/AAAAAAAAAkA/HFLBc7T0bokXXoW78w5m5df0LLKfLsMsACLcBGAs/s72-c/st.png

142.250.74.65

200 OK

4.9 kB

URL GET HTTP/2
2.bp.blogspot.com/-JW6YUtxJt-M/WwokWYGgD0I/AAAAAAAAAkA/HFLBc7T0bokXXoW78w5m5df0LLKfLsMsACLcBGAs/s72-c/st.png
IP
142.250.74.65:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
FingerprintC4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00
ValidityTue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT

File type
PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced
Size
4.9 kB (4852 bytes)
Hash
0bd6a2fb492608ec9ae1c9262c8356f3
367ca4a1f653ee8967c20c4dad82f4e297a73b1f
66d6bd01ba8c754f19b799dea52fb13bf8d1d19851f6b96ba78cc2a9960480a1

HTTP Headers

GET /-JW6YUtxJt-M/WwokWYGgD0I/AAAAAAAAAkA/HFLBc7T0bokXXoW78w5m5df0LLKfLsMsACLcBGAs/s72-c/st.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v241"
expires: Sun, 05 May 2024 16:39:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="st.png"
x-content-type-options: nosniff
date: Sat, 04 May 2024 16:39:47 GMT
server: fife
content-length: 4852
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

2.bp.blogspot.com/-JW6YUtxJt-M/WwokWYGgD0I/AAAAAAAAAkA/HFLBc7T0bokXXoW78w5m5df0LLKfLsMsACLcBGAs/s1600/st.png

142.250.74.65

200 OK

6.1 kB

URL GET HTTP/2
2.bp.blogspot.com/-JW6YUtxJt-M/WwokWYGgD0I/AAAAAAAAAkA/HFLBc7T0bokXXoW78w5m5df0LLKfLsMsACLcBGAs/s1600/st.png
IP
142.250.74.65:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
FingerprintC4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00
ValidityTue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT

File type
PNG image data, 208 x 62, 8-bit/color RGBA, non-interlaced
Size
6.1 kB (6116 bytes)
Hash
4e3664bdaafb1304f45824c46e3d11b9
4257e1d0cb601bf6de4610b635cc0c492e0132e0
b3fa018a547476fcb7767d841558d7da9fdd94efa67731b97c3fa53dfdee3c16

HTTP Headers

GET /-JW6YUtxJt-M/WwokWYGgD0I/AAAAAAAAAkA/HFLBc7T0bokXXoW78w5m5df0LLKfLsMsACLcBGAs/s1600/st.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v241"
expires: Sun, 05 May 2024 16:39:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="st.png"
x-content-type-options: nosniff
date: Sat, 04 May 2024 16:39:47 GMT
server: fife
content-length: 6116
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:400,700

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
11 kB (10581 bytes)
Hash
f2a85e4ec6c7a9ea4eb14082627bd849
8f240417e69c9ee375ba2874a7f9f7acbc00a0c8
cd979f18d3fbb051bba629dfa0ed990df81145ec1d8d7245396a9a344305cd9f

HTTP Headers

GET /css?family=Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 16:39:46 GMT
date: Sat, 04 May 2024 16:39:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A400%2C900%2C700%2C500%2C300%2C400italic%7CMontserrat%3A700&ver=4.6.6

142.250.74.106

5.8 kB

URL
fonts.googleapis.com/css?family=Roboto%3A400%2C900%2C700%2C500%2C300%2C400italic%7CMontserrat%3A700&ver=4.6.6
IP
142.250.74.106:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
5.8 kB (5797 bytes)
Hash
e6762247b5a9bd9b16cc1bec0644debf
ebc92ee1371742eb5e8e9ee28703c6ba963d9c0e
c5f4dbb00a005d44d0aca171e5dfcd71a24ef2d4199a046b75c7b9d58a7868d5

HTTP Headers

GET /css?family=Roboto%3A400%2C900%2C700%2C500%2C300%2C400italic%7CMontserrat%3A700&ver=4.6.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 16:39:46 GMT
date: Sat, 04 May 2024 16:39:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pl17349874.profitablecpmgate.com/d5/ae/23/d5ae232e6859a576d6142082048beb87.js

192.243.59.20

200 OK

31 kB

URL GET HTTP/1.1
pl17349874.profitablecpmgate.com/d5/ae/23/d5ae232e6859a576d6142082048beb87.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerLet's Encrypt
Subject*.profitablecpmgate.com
Fingerprint83:CE:ED:5C:47:96:B9:BE:A4:19:A3:51:A7:03:93:4B:9A:F6:F4:FD
ValidityThu, 21 Mar 2024 08:21:28 GMT - Wed, 19 Jun 2024 08:21:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30649 bytes)
Hash
ce4af2cad6955b38748a24f7f4294211
4d746148d52dd9eacb4f0f3cb2da1f330715075e
84f2ad76c711383aa13055e64308e4a69f8be966dfc420482883b55d8759192d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /d5/ae/23/d5ae232e6859a576d6142082048beb87.js HTTP/1.1
Host: pl17349874.profitablecpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:39:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bf5d16234b36b3e6a60bc44f455695fe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.topdisplayformat.com/929b7d971a00771c29af85ece5e7d407/invoke.js

172.240.108.84

200 OK

12 kB

URL GET HTTP/1.1
www.topdisplayformat.com/929b7d971a00771c29af85ece5e7d407/invoke.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerLet's Encrypt
Subject*.topdisplayformat.com
FingerprintB2:D7:47:81:C0:ED:5F:DC:1C:94:E6:DB:E0:2D:8A:28:FB:6B:CE:46
ValidityThu, 21 Mar 2024 08:57:04 GMT - Wed, 19 Jun 2024 08:57:03 GMT

File type
JavaScript source, ASCII text, with very long lines (31298), with no line terminators
Size
12 kB (11837 bytes)
Hash
39381dc29d9569acda9576bb43d6d651
bc68c89aa6825b4e45412659400436b4199fc405
865ba72ed6faf4fa9ab3ebede7b95f74269d1e94d9ce3a8a532853dab67d9c69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /929b7d971a00771c29af85ece5e7d407/invoke.js HTTP/1.1
Host: www.topdisplayformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:39:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb5ff37e32bd49afa5b5ae2bbbf83826
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.loadiflly.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 25870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.11.207

200 OK

22 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (27303)
Size
22 kB (22027 bytes)
Hash
4fbd15cb6047af93373f4f895639c8bf
12d6861075de8e293265ff6ff03b1f3adcb44c76
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 16:39:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:58:32
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9bd489b3b47817325036093612d128df
cdn-cache: HIT
cf-cache-status: HIT
age: 332876
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e9edc548f1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

52.29.105.35

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.105.35:443
ASN
#16509 AMAZON-02

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
302493e76eaa7b7d2a578ef43aafe3a8
1a00a1bf75c230dc19de12a8bcea599180dd781d
ca95d725cf7c95f31b7b356cd09c58341f87a21524e619d38fdbb60ba3752da2

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loadiflly.com
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 16:39:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.loadiflly.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=a8964807-dfc9-4d4c-a732-5c6e9e3d60f6:2:1; expires=Tue, 02 May 2034 16:39:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

52.29.105.35

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.105.35:443
ASN
#16509 AMAZON-02

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
298b0781d9df366acf7733c370d45ed0
5b3779578b16909d54624ebbb4d27f0e146b148e
9371b4796479d1efdc003025af0d2b09251069841d3844046ff8cea1c487bebd

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loadiflly.com
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 16:39:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.loadiflly.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=78e79947-9840-47c0-aeb1-e2e76569211d:1:1; expires=Tue, 02 May 2034 16:39:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

conceivedtowards.com/pixel/purst?dl=0&th=0&sc=0&rs=1651&rd=1651&fd=994&bv=24.5.6485&tmpl=70

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
conceivedtowards.com/pixel/purst?dl=0&th=0&sc=0&rs=1651&rd=1651&fd=994&bv=24.5.6485&tmpl=70
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerLet's Encrypt
Subjectconceivedtowards.com
Fingerprint7E:51:62:88:EF:9C:34:4E:AB:87:19:31:45:2C:B4:48:5F:E0:A7:6B
ValidityMon, 29 Apr 2024 13:00:02 GMT - Sun, 28 Jul 2024 13:00:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1651&rd=1651&fd=994&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: conceivedtowards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:39:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

failpendingoppose.com/watch.721070282604.js?key=929b7d971a00771c29af85ece5e7d407&kw=%5B%22magnet%22%2C%22torrent%22%2C%22-%22%2C%22ks%22%2C%22the%22%2C%22sims%22%2C%224%22%2C%22-%22%2C%22full%22%2C%22edition%22%2C%22v1%22%2C%22106%22%2C%22zip%22%2C%22-%22%2C%22loadifly%22%5D&refer=https%3A%2F%2Fwww.loadiflly.com%2F2024%2F04%2Fe456rikrthje.html&tz=0&dev=e&res=14.2071&uuid=78e79947-9840-47c0-aeb1-e2e76569211d%3A1%3A1

172.240.127.234

307 Temporary Redirect

0 B

URL GET HTTP/1.1
failpendingoppose.com/watch.721070282604.js?key=929b7d971a00771c29af85ece5e7d407&kw=%5B%22magnet%22%2C%22torrent%22%2C%22-%22%2C%22ks%22%2C%22the%22%2C%22sims%22%2C%224%22%2C%22-%22%2C%22full%22%2C%22edition%22%2C%22v1%22%2C%22106%22%2C%22zip%22%2C%22-%22%2C%22loadifly%22%5D&refer=https%3A%2F%2Fwww.loadiflly.com%2F2024%2F04%2Fe456rikrthje.html&tz=0&dev=e&res=14.2071&uuid=78e79947-9840-47c0-aeb1-e2e76569211d%3A1%3A1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerLet's Encrypt
Subjectfailpendingoppose.com
FingerprintEA:8D:0F:1C:ED:4F:51:92:B0:7F:A5:55:40:65:12:08:79:3C:74:C1
ValidityMon, 29 Apr 2024 08:07:14 GMT - Sun, 28 Jul 2024 08:07:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.721070282604.js?key=929b7d971a00771c29af85ece5e7d407&kw=%5B%22magnet%22%2C%22torrent%22%2C%22-%22%2C%22ks%22%2C%22the%22%2C%22sims%22%2C%224%22%2C%22-%22%2C%22full%22%2C%22edition%22%2C%22v1%22%2C%22106%22%2C%22zip%22%2C%22-%22%2C%22loadifly%22%5D&refer=https%3A%2F%2Fwww.loadiflly.com%2F2024%2F04%2Fe456rikrthje.html&tz=0&dev=e&res=14.2071&uuid=78e79947-9840-47c0-aeb1-e2e76569211d%3A1%3A1 HTTP/1.1
Host: failpendingoppose.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loadiflly.com
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:39:48 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.loadiflly.com
Access-Control-Allow-Origin: https://www.loadiflly.com
Access-Control-Allow-Credentials: true
Location: https://failpendingoppose.com/watch.721070282604.js?dev=e&key=929b7d971a00771c29af85ece5e7d407&kw=%5B%22magnet%22%2C%22torrent%22%2C%22-%22%2C%22ks%22%2C%22the%22%2C%22sims%22%2C%224%22%2C%22-%22%2C%22full%22%2C%22edition%22%2C%22v1%22%2C%22106%22%2C%22zip%22%2C%22-%22%2C%22loadifly%22%5D&pst=1714840848&refer=https%3A%2F%2Fwww.loadiflly.com%2F2024%2F04%2Fe456rikrthje.html&res=14.2071&rmtc=t&shu=72b2f356677267d390de3380c8e8dfb136d1727b4cd06d90d9fefbbdd3687792af1fd6fd09392361980c3d17f5e73c82192764ddb94e61fe248abaa540d0450ab55d8be0ccf952aa92783906dc7986da621664c41a85b61f6efe74c7897c&tz=0&uuid=78e79947-9840-47c0-aeb1-e2e76569211d%3A1%3A1
Set-Cookie: u_pl=17252425; expires=Sun, 05 May 2024 16:39:48 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI1MjQyNSwiayI6IjkyOWI3ZDk3MWEwMDc3MWMyOWFmODVlY2U1ZTdkNDA3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4OTEwLCJwaWQiOjE1MTQzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJtM2MzM3F3OSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5sb2FkaWZsbHkuY29tLzIwMjQvMDQvZTQ1NnJpa3J0aGplLmh0bWwiLCJhciI6W119fQ.XtDBSsbPG56-FGzAYPhMilLZPGr4s_4EnUp77aY_AD8; expires=Sat, 04 May 2024 16:40:48 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad39859e9793376ba458024076c2783d
Strict-Transport-Security: max-age=0; includeSubdomains

failpendingoppose.com/watch.721070282604.js?dev=e&key=929b7d971a00771c29af85ece5e7d407&kw=%5B%22magnet%22%2C%22torrent%22%2C%22-%22%2C%22ks%22%2C%22the%22%2C%22sims%22%2C%224%22%2C%22-%22%2C%22full%22%2C%22edition%22%2C%22v1%22%2C%22106%22%2C%22zip%22%2C%22-%22%2C%22loadifly%22%5D&pst=1714840848&refer=https%3A%2F%2Fwww.loadiflly.com%2F2024%2F04%2Fe456rikrthje.html&res=14.2071&rmtc=t&shu=72b2f356677267d390de3380c8e8dfb136d1727b4cd06d90d9fefbbdd3687792af1fd6fd09392361980c3d17f5e73c82192764ddb94e61fe248abaa540d0450ab55d8be0ccf952aa92783906dc7986da621664c41a85b61f6efe74c7897c&tz=0&uuid=78e79947-9840-47c0-aeb1-e2e76569211d%3A1%3A1

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
failpendingoppose.com/watch.721070282604.js?dev=e&key=929b7d971a00771c29af85ece5e7d407&kw=%5B%22magnet%22%2C%22torrent%22%2C%22-%22%2C%22ks%22%2C%22the%22%2C%22sims%22%2C%224%22%2C%22-%22%2C%22full%22%2C%22edition%22%2C%22v1%22%2C%22106%22%2C%22zip%22%2C%22-%22%2C%22loadifly%22%5D&pst=1714840848&refer=https%3A%2F%2Fwww.loadiflly.com%2F2024%2F04%2Fe456rikrthje.html&res=14.2071&rmtc=t&shu=72b2f356677267d390de3380c8e8dfb136d1727b4cd06d90d9fefbbdd3687792af1fd6fd09392361980c3d17f5e73c82192764ddb94e61fe248abaa540d0450ab55d8be0ccf952aa92783906dc7986da621664c41a85b61f6efe74c7897c&tz=0&uuid=78e79947-9840-47c0-aeb1-e2e76569211d%3A1%3A1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerLet's Encrypt
Subjectfailpendingoppose.com
FingerprintEA:8D:0F:1C:ED:4F:51:92:B0:7F:A5:55:40:65:12:08:79:3C:74:C1
ValidityMon, 29 Apr 2024 08:07:14 GMT - Sun, 28 Jul 2024 08:07:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.721070282604.js?dev=e&key=929b7d971a00771c29af85ece5e7d407&kw=%5B%22magnet%22%2C%22torrent%22%2C%22-%22%2C%22ks%22%2C%22the%22%2C%22sims%22%2C%224%22%2C%22-%22%2C%22full%22%2C%22edition%22%2C%22v1%22%2C%22106%22%2C%22zip%22%2C%22-%22%2C%22loadifly%22%5D&pst=1714840848&refer=https%3A%2F%2Fwww.loadiflly.com%2F2024%2F04%2Fe456rikrthje.html&res=14.2071&rmtc=t&shu=72b2f356677267d390de3380c8e8dfb136d1727b4cd06d90d9fefbbdd3687792af1fd6fd09392361980c3d17f5e73c82192764ddb94e61fe248abaa540d0450ab55d8be0ccf952aa92783906dc7986da621664c41a85b61f6efe74c7897c&tz=0&uuid=78e79947-9840-47c0-aeb1-e2e76569211d%3A1%3A1 HTTP/1.1
Host: failpendingoppose.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loadiflly.com
Referer: https://www.loadiflly.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17252425; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI1MjQyNSwiayI6IjkyOWI3ZDk3MWEwMDc3MWMyOWFmODVlY2U1ZTdkNDA3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4OTEwLCJwaWQiOjE1MTQzMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJtM2MzM3F3OSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5sb2FkaWZsbHkuY29tLzIwMjQvMDQvZTQ1NnJpa3J0aGplLmh0bWwiLCJhciI6W119fQ.XtDBSsbPG56-FGzAYPhMilLZPGr4s_4EnUp77aY_AD8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:39:48 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.loadiflly.com
Access-Control-Allow-Origin: https://www.loadiflly.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=78e79947-9840-47c0-aeb1-e2e76569211d:1:1; expires=Sat, 11 May 2024 16:39:48 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c66daa8bcfb76aa27b45312849bbfe4
Strict-Transport-Security: max-age=0; includeSubdomains

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

28 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27461 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 16:39:47 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2292e56ddb42d52b3b90dbb10b8514ec
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 16:39:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbULJwXCniXOg7cQw%2FoLU3iWWacmPx1XsMYErBHXfVvRs%2BaVpNvscQ8EwPGHeXj9HwQmQvVVhuYgcZtHDFzzF5PKdGTxvknb6ALjWzZgR6C9Vh9%2BwgbCCSxrvNYAwxVZvB6HS2EEw8pFOjJHqft9xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9edcc2b625689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

61 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
61 kB (61025 bytes)
Hash
575e42a695a782c950bd57d1cd413c7e
8549b65a7e35bd251ac277315a063c07ea288a2e
c3f62bbfcc26082d78406d7f36866969da709db71ef269081374aee5a5b2cf21

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 61025
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:37:51 GMT
expires: Sat, 03 May 2025 00:37:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 144117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/dyn-css/authorization.css?targetBlogID=3592734726615605939&zx=d84442af-0532-421c-a7e4-519d08885fae

142.250.74.73

200 OK

21 B

URL GET HTTP/3
www.blogger.com/dyn-css/authorization.css?targetBlogID=3592734726615605939&zx=d84442af-0532-421c-a7e4-519d08885fae
IP
142.250.74.73:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintC0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
ValidityTue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=3592734726615605939&zx=d84442af-0532-421c-a7e4-519d08885fae HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 16:39:48 GMT
last-modified: Sat, 04 May 2024 16:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.loadiflly.com/favicon.ico

142.250.74.179

200 OK

786 B

URL GET HTTP/2
www.loadiflly.com/favicon.ico
IP
142.250.74.179:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.loadiflly.com
FingerprintF8:81:DD:AA:FE:4E:C4:7D:57:66:88:8D:44:A5:5C:98:D4:48:35:F3
ValidityFri, 19 Apr 2024 16:37:51 GMT - Thu, 18 Jul 2024 17:29:03 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
786 B (786 bytes)
Hash
2dede0bcdf2d139cd567af224c48e9bc
0ef4a5a5922dbd959b6b6073ceb9c53766a3947f
d85c96edc800130b2dbaf6c92dea6352046814ced712c173bbe15850e169da5d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.loadiflly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/2024/04/e456rikrthje.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=78e79947-9840-47c0-aeb1-e2e76569211d%3A1%3A1; pp_main_d5ae232e6859a576d6142082048beb87=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
expires: Sat, 04 May 2024 16:39:48 GMT
date: Sat, 04 May 2024 16:39:48 GMT
cache-control: private, max-age=86400
last-modified: Fri, 03 May 2024 05:56:07 GMT
etag: W/"184fc59d4177412324ed415be264e8be564fa18b85d4dc9d512cbb0427ae305c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 786
server: GSE
X-Firefox-Spdy: h2

www.blogger.com/navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

142.250.74.73

2.6 kB

URL
www.blogger.com/navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
IP
142.250.74.73:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintC0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
ValidityTue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3170)
Size
2.6 kB (2598 bytes)
Hash
2223754e433a09941d080b47f2a9e4e2
39701457d34c4fcfb0e95d0f7ae67636edd98c91
4f05ff6c182f28e0c4a4acbcc8fd044b24a3e6459979cf288bbd4bbc08437e2f

HTTP Headers

GET /navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 16:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2598
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/navbar/icons_peach.png

142.250.74.73

200 OK

907 B

URL GET HTTP/3
resources.blogblog.com/img/navbar/icons_peach.png
IP
142.250.74.73:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fwww.loadiflly.com&pfname=&rpctoken=22324578
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintC0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
ValidityTue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT

File type
PNG image data, 46 x 20, 8-bit colormap, non-interlaced
Size
907 B (907 bytes)
Hash
3718077fe5eb689b0ded987a52881d06
f0ce5596ef43f850c400cbbc0556697fb3e7b232
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

HTTP Headers

GET /img/navbar/icons_peach.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 907
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:51:08 GMT
expires: Thu, 09 May 2024 01:51:08 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 May 2024 21:56:23 GMT
content-type: image/png
age: 226121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/navbar/arrows-light.png

142.250.74.73

200 OK

117 B

URL GET HTTP/3
resources.blogblog.com/img/navbar/arrows-light.png
IP
142.250.74.73:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fwww.loadiflly.com&pfname=&rpctoken=22324578
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintC0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
ValidityTue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT

File type
PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced
Size
117 B (117 bytes)
Hash
25c2b0cfe0ad4dcda4a0e3727d091d80
b9d16f4311e64648b7970baf00cb9841e3c3351b
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

HTTP Headers

GET /img/navbar/arrows-light.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 117
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 15:32:26 GMT
expires: Thu, 09 May 2024 15:32:26 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 May 2024 16:56:12 GMT
content-type: image/png
age: 176843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/platform:gapi.iframes.style.common.js

142.250.74.110

200 OK

21 kB

URL GET HTTP/3
apis.google.com/js/platform:gapi.iframes.style.common.js
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fwww.loadiflly.com&pfname=&rpctoken=22324578
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2050)
Size
21 kB (21313 bytes)
Hash
7ef4bc18139bcdbdd14c5b58b0955a67
afe44fd9a877f81a3c36f571c0fc934324c6cbd7
192bc707852c5986f930528442d88a79e5bcf4513aacc2b722a3c5e964501838

HTTP Headers

GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21313
date: Sat, 04 May 2024 16:39:49 GMT
expires: Sat, 04 May 2024 16:39:49 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "1df5d68c1707a051"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

46 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fwww.loadiflly.com&pfname=&rpctoken=22324578
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
46 kB (45677 bytes)
Hash
4d1bd282f5a3799d4e2880cf69af9269
2ede61be138a7beaa7d6214aa278479dce258adb
5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45677
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 12:30:15 GMT
expires: Fri, 02 May 2025 12:30:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 187774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

unseenreport.com/pxf.gif?uuid=78e79947-9840-47c0-aeb1-e2e76569211d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d5ae232e6859a576d6142082048beb87&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=78e79947-9840-47c0-aeb1-e2e76569211d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d5ae232e6859a576d6142082048beb87&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=78e79947-9840-47c0-aeb1-e2e76569211d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d5ae232e6859a576d6142082048beb87&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:39:49 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e07de99dd517363711577e09912171cf
Strict-Transport-Security: max-age=0; includeSubdomains

capaciousdrewreligion.com/advertisers.js

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:39:48 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a956e5b27acbb5dc20cd043fde8299e2
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.googleapis.com/css?family=Roboto%3A400%2C900%2C700%2C500%2C300%2C400italic%7CMontserrat%3A700&ver=4.6.6

142.250.74.106

200 OK

15 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto%3A400%2C900%2C700%2C500%2C300%2C400italic%7CMontserrat%3A700&ver=4.6.6
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
15 kB (14914 bytes)
Hash
c5b0be800044839838cae627530783ca
33b85197cea7b81bab2158cc76980de6b3d060c7
ce9cb4cd4d33a7486ca41fd7d35c2b9e8fa5645c24501231fae767349dd865b8

HTTP Headers

GET /css?family=Roboto%3A400%2C900%2C700%2C500%2C300%2C400italic%7CMontserrat%3A700&ver=4.6.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 16:39:46 GMT
date: Sat, 04 May 2024 16:39:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?display=swap&family=Open+Sans

142.250.74.106

200 OK

6.0 kB

URL GET HTTP/2
fonts.googleapis.com/css2?display=swap&family=Open+Sans
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (6096), with no line terminators
Size
6.0 kB (5996 bytes)
Hash
7e18a097b51eb70d0d781735844b6897
bee01b4d68b934b8a85650c2edd6e0b51fd961b8
4eadd38b698cc5058bc6909316f68e23ad7784bcde595476b27b47a652ff83f0

HTTP Headers

GET /css2?display=swap&family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 16:39:46 GMT
date: Sat, 04 May 2024 16:39:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.loadiflly.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 225887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

142.250.74.73

200 OK

6.7 kB

URL GET HTTP/3
www.blogger.com/navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
IP
142.250.74.73:443
ASN
#15169 GOOGLE

Requested by
https://www.loadiflly.com/2024/04/e456rikrthje.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintC0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
ValidityTue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6887), with no line terminators
Size
6.7 kB (6700 bytes)
Hash
e4a9ef6441326372391213543b639aa1
f92436dd93b0f6e53923ea97ba65bf79f3a8906f
825acfc3d9b56311bccd1ce07789f5bb4dd2a8a83bf11856f32b1de23d7168bd

HTTP Headers

GET /navbar.g?targetBlogID=3592734726615605939&blogName=Loadifly&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.loadiflly.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.loadiflly.com/&targetPostID=1021688290334039744&blogPostOrPageUrl=https://www.loadiflly.com/2024/04/e456rikrthje.html&vt=3976118759267747529&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.loadiflly.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 16:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2598
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL