| proxyspare3.latestcache.com/ | 172.67.194.169 | 301 Moved Permanently | 0 B |
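URL (User Request): GET HTTP/1.1 proxyspare3.latestcache.com/ | IP: 172.67.194.169:80
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, consistent with the 0 B body; they do not identify this site's content and should not be used as indicators)
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)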
GET / HTTP/1.1
Host: proxyspare3.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 02 May 2023 16:23:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 02 May 2023 17:23:10 GMT
Location: https://proxyspare3.latestcache.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tx43nmVG65lP7tgG%2BtjxT%2BdiA8JzPDeJDWYfaKfpNnmefkCMJnjx6CxyG8YJn4Oh1KhBFQl7j%2BSfx6Lkh7Q8NLqqXv9s9Py1WGwhAqolKU6dZOSRiqWbk3n%2BW4k4%2BZu%2BL%2BXDjjb6Na3bNDT5w60%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c119b6f7ec6fab4-OSL
alt-svc: h2=":443"; ma=60
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js | 104.17.25.14 | 200 OK | 6.1 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js | IP: 104.17.25.14:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F | Validity: Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type: ASCII text, with very long lines (18860) | Hash (MD5 / SHA-1 / SHA-256): 644b7e1b85739d3ef9b424708cc14fa5 8b84449b04a1f5ca00e7ff1d5ef92aebf1ddb4ef eaec1c8906a7a577d272afbd87ade62bdf3ca3a4a82a497f818485fe7110a0b4
GET /ajax/libs/popper.js/1.11.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 6098
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4a59"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2242030
expires: Sun, 21 Apr 2024 16:23:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ObIStkDlZzsW0fmb6TcmJ2ukX748vehMT6YMiXRWejYIToOwIVZxYRmX2RAL4mxLjKnXQdaRiyWQeqtdzHs0bdZ70Z0bsXbAvsgUTJfuxZPK4QnFRrG%2FzOLzKtXbCJ0R21%2FCQbm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c119b75feb6b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.2.1.slim.min.js | 69.16.175.42 | 200 OK | 24 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js | IP: 69.16.175.42:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Sectigo Limited | Subject: *.jquery.com | Fingerprint: 64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83 | Validity: Wed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type: ASCII text, with very long lines (32012) | Hash (MD5 / SHA-1 / SHA-256): 30f5157a965bc792a83e9bacfe265f03 8330886371fe27f3cbac509e0ac9712207574c66 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1683044591.dop223.sk1.t,1683044591.cds023.sk1.hn,1683044591.cds235.sk1.c
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | | 472 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 12ba8eaf8df351c1b04c5aa90a1654ca 89c8ed3f837bd937b60d8b6862af6e81510a41f5 6b2c88a08976f9b12290abc6f4e7a6cffd00698f8853f3d7bd0a87974c354bfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 02 May 2023 16:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 14 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js | IP: 104.18.11.207:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A | Validity: Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type: ASCII text, with very long lines (50904) | Hash (MD5 / SHA-1 / SHA-256): 409985b57d15fc4e9755157b99fdc329 6c49d32b9b248dd282cc744e9dde74f65cafaacb 9e5026aef65777842d430cdee1698b2fc1ab1432bc8580c96de3cfb8f394bd3e
GET /bootstrap/4.0.0-beta/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"baaadea4492b059f284187d75af46063"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:49:23
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 43b3c220438fb1ebdb0d36ffcb0a6b98
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7c119b764f4b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| proxyspare3.latestcache.com/static/images/lock.png | 104.21.36.134 | 200 OK | 161 B |
URL: GET HTTP/3 proxyspare3.latestcache.com/static/images/lock.png | IP: 104.21.36.134:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Google Trust Services LLC | Subject: *.latestcache.com | Fingerprint: 76:A1:56:E1:7D:73:58:DA:29:73:F5:2B:BC:CE:E2:A5:8E:02:F4:7D | Validity: Tue, 07 Mar 2023 06:05:02 GMT - Mon, 05 Jun 2023 06:05:01 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced; data | Hash (MD5 / SHA-1 / SHA-256): f65536f74d80fa4ba060a0697f5f3142 3cf3d901cb29e88a2c4f75dac2b8d93521e85814 45f5a209079611483e4a990fcf69fe22971d3a941002da68092df2ba33b65115
GET /static/images/lock.png HTTP/1.1
Host: proxyspare3.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://proxyspare3.latestcache.com/
Alt-Used: proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: image/png
content-length: 161
etag: "63e1c766-a1"
last-modified: Tue, 07 Feb 2023 03:37:10 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woBF0%2FuOAsa0gAXiys0mlk0lkXk9VScvvKcB0L89OSmSUa6Rf6lvlmJnhR8I7RQ8bqlmIHo6eOgorelAUBqjRjLi9Itq9yTIhx9K%2BPVSluxFAgcbtLGGTmGx0eWUigQfYbUzg%2B3evl6s4ZBVRjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c119b75ea07b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 2ce978767c05692aa24c6454c05de9fc 2daae46f8a6cc154414210a7fa409479f51991e6 2f804b51a4f9a047a1d9de696906484b648e1f6e052a1fc85f3e29a8f0309e2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 02 May 2023 16:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| staticbay.pages.dev/proxy/js/ads/pop.js | 172.66.47.92 | 200 OK | 16 kB |
URL: GET HTTP/2 staticbay.pages.dev/proxy/js/ads/pop.js | IP: 172.66.47.92:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 99:B8:08:37:9E:8C:AE:74:DF:9E:6D:A7:9E:A2:7B:34:A4:9F:17:AC | Validity: Sun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type: ASCII text, with very long lines (46040), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 144fb31ae368fcd6e9c55369f8ade516 f4d5790835ade6ea92dd197d36d57ca31c451257 241e0249bfdb1c60e4995466447a388d73c91f71b61e84c38e8a999c32380838
GET /proxy/js/ads/pop.js HTTP/1.1
Host: staticbay.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"bdac5e23c18e97813eaf29f94f5a77d4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiSazL5EsS9%2Fp1G6qbRXI6pz3x72%2FHLAMVW5f%2BLik%2BWnnhBYPo5TKwsdb7k0DWjniWZ%2BxikOYakkFODAh3mv7suvNSNQ1MtimaSp6V07npcqBu7ZIAcZx8dIFmYNNxJ7w0l3GB11"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c119b766e141c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| proxyspare3.latestcache.com/static/css/base.css | 104.21.36.134 | 200 OK | 16 kB |
URL: GET HTTP/3 proxyspare3.latestcache.com/static/css/base.css | IP: 104.21.36.134:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Google Trust Services LLC | Subject: *.latestcache.com | Fingerprint: 76:A1:56:E1:7D:73:58:DA:29:73:F5:2B:BC:CE:E2:A5:8E:02:F4:7D | Validity: Tue, 07 Mar 2023 06:05:02 GMT - Mon, 05 Jun 2023 06:05:01 GMT
Hash (MD5 / SHA-1 / SHA-256): c43d509aa821641f097296db37241faf 81b90011368ee31456caca3f796e5b3f712e0030 37b2c8eece9b2e7f03e97d719be3a3e10009d5c853154c195a5b8c72da179d4b
GET /static/css/base.css HTTP/1.1
Host: proxyspare3.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://proxyspare3.latestcache.com/
Alt-Used: proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: text/css
etag: W/"63e1c766-90c"
last-modified: Tue, 07 Feb 2023 03:37:10 GMT
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tFL5sc2H0RtC52CTmqmfS7rzSjMGO6aibPYIFv4oWgAqEbGYyRFQZgD713tNG7QAIKCFP8%2FuJpJpzcB185sapmIUC0DhgP4kFYxm0IhsCC0W4kGmh8npW6EhuqiWLN9Zm7CbsgUGKLJB48J8BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c119b75ea09b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 2ce978767c05692aa24c6454c05de9fc 2daae46f8a6cc154414210a7fa409479f51991e6 2f804b51a4f9a047a1d9de696906484b648e1f6e052a1fc85f3e29a8f0309e2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 02 May 2023 16:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | | 472 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 8d8910a0aae1800af19c6aa5dff19c20 cd6fd6f7577d0391ca4ffe983a7bcafc7ea1f283 1a6186ae61053ca496cd002b135580aaca7a4c0e1accdb89d5b7e94c7ff66dee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 02 May 2023 16:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD | 142.250.74.40 | 200 OK | 85 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD | IP: 142.250.74.40:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 07:22:19:79:30:9E:4C:35:4E:21:BD:55:7D:44:2F:A9:71:9E:4C:AA | Validity: Mon, 03 Apr 2023 08:16:11 GMT - Mon, 26 Jun 2023 08:16:10 GMT
File type: ASCII text, with very long lines (4509) | Hash (MD5 / SHA-1 / SHA-256): 72f8da2079b08f62ad87b5eca44a4b3a dc553b1053d2eb3bea3ded98aaf3dff09c7dcc56 e0e7bf94b0d415bc7602eb459bee2ca485bdb51efe86d58727792541e0d21f07
GET /gtag/js?id=G-H55MMD7MCD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 02 May 2023 16:23:12 GMT
expires: Tue, 02 May 2023 16:23:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | | 471 B |
URL: ocsp.r2m01.amazontrust.com/ | IP: 54.230.80.227:0
Hash (MD5 / SHA-1 / SHA-256): dd7c8cc7fba2c6be375f1f90e563fae3 acb3bfc2bacb98a2e25b26e3903c5e60b64839f1 2fa935a177799296423605b221ca804cda17bfa072c980e65a11ef87c1b00717
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 02 May 2023 16:23:12 GMT
Last-Modified: Tue, 02 May 2023 15:12:26 GMT
Server: ECAcc (nya/79B0)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tBc6I5ol0ZE8KHQ0-oxjcCNT4TGcoz30MhN7P8TORkvhlMb5giWxfQ==
Age: 4246
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | | 472 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 8d8910a0aae1800af19c6aa5dff19c20 cd6fd6f7577d0391ca4ffe983a7bcafc7ea1f283 1a6186ae61053ca496cd002b135580aaca7a4c0e1accdb89d5b7e94c7ff66dee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 02 May 2023 16:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| simplewebanalysis.com/stats | 52.58.93.188 | 200 OK | 40 B |
URL: GET HTTP/2 simplewebanalysis.com/stats | IP: 52.58.93.188:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Amazon | Subject: simplewebanalysis.com | Fingerprint: E5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07 | Validity: Thu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 29642f868a968fcbf4f9dde39c6d0314 9dbb3ec0fcacf99a47daa99e1c9bb5b2fdd01712 681a9f0feb25ba00abc0e831fae00a7396e46e73945a727ff21d2d4109ce24f9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://proxyspare3.latestcache.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=80f06613-1d9b-4405-a5cf-b0b7e5b4cdb5:2:1; expires=Fri, 29 Apr 2033 16:23:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | | 471 B |
URL: ocsp.r2m01.amazontrust.com/ | IP: 54.230.80.227:0
Hash (MD5 / SHA-1 / SHA-256): dd7c8cc7fba2c6be375f1f90e563fae3 acb3bfc2bacb98a2e25b26e3903c5e60b64839f1 2fa935a177799296423605b221ca804cda17bfa072c980e65a11ef87c1b00717
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 02 May 2023 16:23:12 GMT
Etag: "644fe97a-1d7"
Last-Modified: Tue, 02 May 2023 16:10:29 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: w5y3YZGZpzNQz2ZGuc9RAZhFHm5o8SX4_0GnE_RrnaZvO8pNaiGNbg==
Age: 763
|
|
| simplewebanalysis.com/stats | 52.58.93.188 | 200 OK | 40 B |
URL: GET HTTP/2 simplewebanalysis.com/stats | IP: 52.58.93.188:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Amazon | Subject: simplewebanalysis.com | Fingerprint: E5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07 | Validity: Thu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): a7fa4d60a7f4d771cc0a92dad25e762e 5433cf0da53f6e03076283e473614b64951656b5 1ba8e415759956075225a9b5130030a0d60a91bed8471844ba5e25f300780107
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://proxyspare3.latestcache.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=704e0782-9927-4189-ba2e-03ba07c16c84:2:1; expires=Fri, 29 Apr 2033 16:23:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| poshhateful.com/advertisers.js | 173.233.137.44 | 200 OK | 0 B |
URL: GET HTTP/1.1 poshhateful.com/advertisers.js | IP: 173.233.137.44:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Let's Encrypt | Subject: poshhateful.com | Fingerprint: 86:EA:FA:D7:E2:8F:7D:8C:A8:64:EE:3D:F1:60:9F:90:9E:8B:FF:D5 | Validity: Sun, 16 Apr 2023 07:05:46 GMT - Sat, 15 Jul 2023 07:05:45 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, consistent with the 0 B body; they do not identify a script and should not be used as indicators)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /advertisers.js HTTP/1.1
Host: poshhateful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 02 May 2023 16:23:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 56b7f55c19584588a3ba290f66bf691a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| proxyspare3.latestcache.com/cdn-cgi/rum? | 104.21.36.134 | 204 No Content | 0 B |
URL: POST HTTP/3 proxyspare3.latestcache.com/cdn-cgi/rum? | IP: 104.21.36.134:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Google Trust Services LLC | Subject: *.latestcache.com | Fingerprint: 76:A1:56:E1:7D:73:58:DA:29:73:F5:2B:BC:CE:E2:A5:8E:02:F4:7D | Validity: Tue, 07 Mar 2023 06:05:02 GMT - Mon, 05 Jun 2023 06:05:01 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, consistent with the 204 No Content response; they should not be used as indicators)
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
POST /cdn-cgi/rum? HTTP/1.1
Host: proxyspare3.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://proxyspare3.latestcache.com/
content-type: application/json
Content-Length: 1053
Origin: https://proxyspare3.latestcache.com
Alt-Used: proxyspare3.latestcache.com
Connection: keep-alive
Cookie: _ga_H55MMD7MCD=GS1.1.1683044597.1.0.1683044597.0.0.0; _ga=GA1.1.1987698737.1683044597; dom3ic8zudi28v8lr6fgphwffqoz0j6c=704e0782-9927-4189-ba2e-03ba07c16c84%3A2%3A1; ppu_main_6c1f3c85c99e62eb028505b3f6b22cd4=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 02 May 2023 16:23:12 GMT
access-control-allow-origin: https://proxyspare3.latestcache.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7c119b80db8cb500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| greedevolution.com/ntv.json?key=c5f015defb41680bd68a4987925f5537&vstc=4 | 173.233.137.36 | 200 OK | 18 kB |
URL: GET HTTP/1.1 greedevolution.com/ntv.json?key=c5f015defb41680bd68a4987925f5537&vstc=4 | IP: 173.233.137.36:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Let's Encrypt | Subject: greedevolution.com | Fingerprint: 56:6A:8F:B1:B0:73:15:A8:75:6B:08:C8:8A:63:3B:BF:27:16:12:FD | Validity: Thu, 23 Mar 2023 06:21:03 GMT - Wed, 21 Jun 2023 06:21:02 GMT
File type: JSON data; Unicode text, UTF-8 text, with very long lines (17788), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 7c3b85970e7db8e9c5aef52c6dde588c 55dbcaeaf7e9bf77bc61e7f6cdfabf3bfd900163 75c2c6c464476c2a2c63188deec0ae5d17095cea98dd7a583eb82cb799e0e75a
GET /ntv.json?key=c5f015defb41680bd68a4987925f5537&vstc=4 HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 02 May 2023 16:23:12 GMT
Content-Type: application/json
Content-Length: 17836
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://proxyspare3.latestcache.com
Access-Control-Allow-Origin: https://proxyspare3.latestcache.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18193230; expires=Wed, 03 May 2023 16:23:12 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Wed, 03 May 2023 16:23:12 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Wed, 03 May 2023 16:23:12 GMT; secure; SameSite=None
Set-Cookie: pdhtkv49=true; expires=Wed, 03 May 2023 16:23:12 GMT; secure; SameSite=None
Set-Cookie: uncs49=1; expires=Wed, 03 May 2023 16:23:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 617b326328de53aefd3c5161edde3ff3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXue0nhQ9eJERPCjIpLvTk5lxkcV1jSzGZH8oepPqqupJmequpqprepJTcEH24GEOXnQROt8kG9S46B%2BgSMeLBBYyohDRHATvghA8yswGRx9UvffV9x2%2B9159sONOiQ9HT5bf0FtSKbrQbvnN594JgkvNFZm5YXPYXXp3KbrUNIMXA7%2FX8p9vvibYhl4I%2FcD3Az9oLksjEj1cCIKg5UPmB72g1fNbUdgK2hGG5v%2FYOg%2BWeuCDU%2FI4JJ9cPLgfQbIaWfrVVWE3Cp2%2F8GrqFC20wYDvv5VtZLrMkM7LxHhIsv1zNbQ9Xv4WOtubGYYe%2FCuM5YR4f%2FyOONs%2Fd4l4sPfQaKwgMsT8UZSDGkLVkLQG07ch%2BTEBGMfqGrL03qo2Jd18yNIpOyGNs78gywlp%2FPYEsvT%2BFSWHzVtauULqzGKYVJDDGrJfI3eHKLYuQJaHYMX7kPwBWThbQZburlmlIXk1a17KGjKpocQI1Hpw0yM9uMSDyz2k%2FKTZYVG3y7ttTgVjYZwE3SRKoh5lfsL8xV4Ix6b2RijyEZgagZlt5GYbG3IE476DXa9guQdbTIh3YxsDXqEUBKUlKClBKQnKgqAcVHtc2dBW97iyLg7Oc3ieF6uxLvo7dE8XfZGRnfyUPDadi%2Ffk3VVsiJMmayd%2B0OYiiaNgqevHfKlLo1630wvbSbu92IGVFaS9MGt1S07IM8865HJCyM8PENNDWHUIJj1QF4CW407og66Po66PrezLVBqjTUw3W9r0wXWFvGig2PR21Cl5arag3k%2BfQrCjyz8uzgLMVMhNhffk9wR9dWd8U5dk96YuLfl6LS9kKrfodHm3ClqIRz5%2FXWyW2vBrV%2B3os5fZlJiWB28KW6zQjMusb8kXVyTnwixrwwT55pp9W8TXnV2%2F4kzm8pXrryxfS3MjrJU6q0Hlsf0QTE7IxfSX2bd8%2BtcBpKlhXIXUHZHzgNQ1WL4Nm8%2FdW01g1FwT5x5KV41NGM8flSRQYo5pXMH%2BB8fzesfeQd80QIvbyNIKA1NhoCpQNYJ1F8dFbo4u%2F%2FDxND5BrBrjWJnGbqyM%2Bmg22gl5ae3v6XU2hXdh5UlTdMRSrxf5UYf7fhzxMAzagtHFiPZoGCYdFHbCb3T%2F%2FAcAAP%2F%2FAQAA%2F%2F8i4jW%2BcgQAAA%3D%3D | 173.233.137.36 | 200 OK | 7 B |
URL GET HTTP/1.1greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXue0nhQ9eJERPCjIpLvTk5lxkcV1jSzGZH8oepPqqupJmequpqprepJTcEH24GEOXnQROt8kG9S46B%2BgSMeLBBYyohDRHATvghA8yswGRx9UvffV9x2%2B9159sONOiQ9HT5bf0FtSKbrQbvnN594JgkvNFZm5YXPYXXp3KbrUNIMXA7%2FX8p9vvibYhl4I%2FcD3Az9oLksjEj1cCIKg5UPmB72g1fNbUdgK2hGG5v%2FYOg%2BWeuCDU%2FI4JJ9cPLgfQbIaWfrVVWE3Cp2%2F8GrqFC20wYDvv5VtZLrMkM7LxHhIsv1zNbQ9Xv4WOtubGYYe%2FCuM5YR4f%2FyOONs%2Fd4l4sPfQaKwgMsT8UZSDGkLVkLQG07ch%2BTEBGMfqGrL03qo2Jd18yNIpOyGNs78gywlp%2FPYEsvT%2BFSWHzVtauULqzGKYVJDDGrJfI3eHKLYuQJaHYMX7kPwBWThbQZburlmlIXk1a17KGjKpocQI1Hpw0yM9uMSDyz2k%2FKTZYVG3y7ttTgVjYZwE3SRKoh5lfsL8xV4Ix6b2RijyEZgagZlt5GYbG3IE476DXa9guQdbTIh3YxsDXqEUBKUlKClBKQnKgqAcVHtc2dBW97iyLg7Oc3ieF6uxLvo7dE8XfZGRnfyUPDadi%2Ffk3VVsiJMmayd%2B0OYiiaNgqevHfKlLo1630wvbSbu92IGVFaS9MGt1S07IM8865HJCyM8PENNDWHUIJj1QF4CW407og66Po66PrezLVBqjTUw3W9r0wXWFvGig2PR21Cl5arag3k%2BfQrCjyz8uzgLMVMhNhffk9wR9dWd8U5dk96YuLfl6LS9kKrfodHm3ClqIRz5%2FXWyW2vBrV%2B3os5fZlJiWB28KW6zQjMusb8kXVyTnwixrwwT55pp9W8TXnV2%2F4kzm8pXrryxfS3MjrJU6q0Hlsf0QTE7IxfSX2bd8%2BtcBpKlhXIXUHZHzgNQ1WL4Nm8%2FdW01g1FwT5x5KV41NGM8flSRQYo5pXMH%2BB8fzesfeQd80QIvbyNIKA1NhoCpQNYJ1F8dFbo4u%2F%2FDxND5BrBrjWJnGbqyM%2Bmg22gl5ae3v6XU2hXdh5UlTdMRSrxf5UYf7fhzxMAzagtHFiPZoGCYdFHbCb3T%2F%2FAcAAP%2F%2FAQAA%2F%2F8i4jW%2BcgQAAA%3D%3D IP173.233.137.36:443
Requested by: https://proxyspare3.latestcache.com/ | Certificate | Issuer: Let's Encrypt | Subject: greedevolution.com | Fingerprint: 56:6A:8F:B1:B0:73:15:A8:75:6B:08:C8:8A:63:3B:BF:27:16:12:FD | Validity: Thu, 23 Mar 2023 06:21:03 GMT - Wed, 21 Jun 2023 06:21:02 GMT
File type: ASCII text, with no line terminators (the 7 B body is identified as text although the response declares Content-Type: image/gif) | Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXue0nhQ9eJERPCjIpLvTk5lxkcV1jSzGZH8oepPqqupJmequpqprepJTcEH24GEOXnQROt8kG9S46B%2BgSMeLBBYyohDRHATvghA8yswGRx9UvffV9x2%2B9159sONOiQ9HT5bf0FtSKbrQbvnN594JgkvNFZm5YXPYXXp3KbrUNIMXA7%2FX8p9vvibYhl4I%2FcD3Az9oLksjEj1cCIKg5UPmB72g1fNbUdgK2hGG5v%2FYOg%2BWeuCDU%2FI4JJ9cPLgfQbIaWfrVVWE3Cp2%2F8GrqFC20wYDvv5VtZLrMkM7LxHhIsv1zNbQ9Xv4WOtubGYYe%2FCuM5YR4f%2FyOONs%2Fd4l4sPfQaKwgMsT8UZSDGkLVkLQG07ch%2BTEBGMfqGrL03qo2Jd18yNIpOyGNs78gywlp%2FPYEsvT%2BFSWHzVtauULqzGKYVJDDGrJfI3eHKLYuQJaHYMX7kPwBWThbQZburlmlIXk1a17KGjKpocQI1Hpw0yM9uMSDyz2k%2FKTZYVG3y7ttTgVjYZwE3SRKoh5lfsL8xV4Ix6b2RijyEZgagZlt5GYbG3IE476DXa9guQdbTIh3YxsDXqEUBKUlKClBKQnKgqAcVHtc2dBW97iyLg7Oc3ieF6uxLvo7dE8XfZGRnfyUPDadi%2Ffk3VVsiJMmayd%2B0OYiiaNgqevHfKlLo1630wvbSbu92IGVFaS9MGt1S07IM8865HJCyM8PENNDWHUIJj1QF4CW407og66Po66PrezLVBqjTUw3W9r0wXWFvGig2PR21Cl5arag3k%2BfQrCjyz8uzgLMVMhNhffk9wR9dWd8U5dk96YuLfl6LS9kKrfodHm3ClqIRz5%2FXWyW2vBrV%2B3os5fZlJiWB28KW6zQjMusb8kXVyTnwixrwwT55pp9W8TXnV2%2F4kzm8pXrryxfS3MjrJU6q0Hlsf0QTE7IxfSX2bd8%2BtcBpKlhXIXUHZHzgNQ1WL4Nm8%2FdW01g1FwT5x5KV41NGM8flSRQYo5pXMH%2BB8fzesfeQd80QIvbyNIKA1NhoCpQNYJ1F8dFbo4u%2F%2FDxND5BrBrjWJnGbqyM%2Bmg22gl5ae3v6XU2hXdh5UlTdMRSrxf5UYf7fhzxMAzagtHFiPZoGCYdFHbCb3T%2F%2FAcAAP%2F%2FAQAA%2F%2F8i4jW%2BcgQAAA%3D%3D HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: u_pl=18193230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 02 May 2023 16:23:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 690b5538940b2c260ab53cb1e5bfcd4e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| staticbay.pages.dev/proxy/js/ads/invoke.js | 172.66.47.92 | 200 OK | 8.7 kB |
URL: GET HTTP/2 staticbay.pages.dev/proxy/js/ads/invoke.js IP: 172.66.47.92:443
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 99:B8:08:37:9E:8C:AE:74:DF:9E:6D:A7:9E:A2:7B:34:A4:9F:17:AC; Validity: Sun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (25074), with no line terminators Hash (MD5 / SHA-1 / SHA-256): 2a63dfbeb346d2d98c1716b6787a1e67 6e626d362d5c527c9444d57f99cf30acfa06cfcb 76b252c07ca3c2431421b8158ce18ab73d28cdd5131d2518a25ead17e74081a1
GET /proxy/js/ads/invoke.js HTTP/1.1
Host: staticbay.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f3c2aeb7b85ec97fd7234296c9ac37e0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9SKYJc%2FamQHdrzONprq9BZfxiYCIwwPpdkQlDs87NqYQ1Kc0JBIb22JYE6kSm7rOZRPs%2BVg8QW%2FyNXWK8KfxGxQlCIyRQCD6AnsCDW1YqjzMUztuzlmpvGx6kKh360cAuVshpwf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c119b766e131c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3h0Q4knRg7dZUFCQSXenJzPjIotxjQRjsj8UvUl1VfWkTHVXU9U1PckpuCB78DAHL7oInTfJBjUu%2BgcoMvEigYWMKEQwB8G7IASPMrPB0Q%2Ba73v93uF976sPd90Z8eHo6fKbelsqReebDb%2F%2B%2FLtBcLW%2BKjPXr%2Ffbi%2B8tRlfrpvdS4Hca%2Fgv11wXb1POhH%2Fh%2B4Af1ZWlEovvzQRA0fMj8sBM0On4jChtBM0Lf%2FB9b58FSD7x3Rp6E5OO5wwcRJBshS7%2B%2BLuxmofMXX0udooU26PGDt7PNTJcZ0tmYGA9JdnChhrYny99BZ%2FtTw9C9f4WxHBPvj98RZwcXLhH39h8ZjRVEhpg%2FjrI3glAjSDoC03cg%2BQkBGMfaOrL0%2Fpo2Jd16xNIJOya1878gyzGp%2FfYUsvTBkpL9%2Bm2tXCF1ZtFPKsj%2BCLI7Qu6OUGxfgiyPwIoPIPlDMn%2B%2BiizdW7dKQ%2FJquryUI8hkBCUGoNaDm3zSg0s8uNxDyk%2FrLRa127zd5FQwFsZJ0E6iJOpQ5ifMX%2BiEcGxib4AiH4CpAZjZQW52sCkHMO572I0KlnuwxZh4N3fQ4xVKQVBagpISlJKgLAjKXrXPlQ1tdZ8r6%2BLgoocXfaEa6qK7S%2Fd10RUZ2c3PyBOTXLyn761hU5zWWTPxgyYXSRwFi20%2F5ottGnXarU7YTJrNhRasrCDtpemq23JMrjzrkMsxIb88REyPYNURmPRAXQBaDluhD7oxjNo%2BtrOvUmmMNjHdamjTBdcV8qKGYsvbVWfkmemBXl4%2Fh2DH135amBaYqZCbCu%2FLHwi66u7wli7J3i1dWvLNel7IVG7TyfFuF7QQl794Q2yV2vCV63bw%2BStsQkzGw7eELVZpxmXWteTLJcm5MMvaMEG%2BXbHviPiGsxtLzmQuX73x6vJKmhthrdTZCFSe2I%2FA5JjMpb9On%2BWV5x6DNCMYVyF1x%2BSiIPUILN%2BBzWfurSYwaqaJ88soXTU0YTz7qSSBEjNM4wr2Pziezbv2LrqmBlrcQZZW6JkKPVWBqgGsmxsWuTm%2B9uMnk%2FoUsaoNY2Vqe7Ey6uMx6fz82STfv6chT%2BA9WHlaFy2x2OlEftTivh9HPAyDpmB0IaIdGoZJC4Ud85vtP%2F8BAAD%2F%2FwEAAP%2F%2FPF7jwHIEAAA%3D | 173.233.137.36 | 200 OK | 7 B |
URL GET HTTP/1.1greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3h0Q4knRg7dZUFCQSXenJzPjIotxjQRjsj8UvUl1VfWkTHVXU9U1PckpuCB78DAHL7oInTfJBjUu%2BgcoMvEigYWMKEQwB8G7IASPMrPB0Q%2Ba73v93uF976sPd90Z8eHo6fKbelsqReebDb%2F%2B%2FLtBcLW%2BKjPXr%2Ffbi%2B8tRlfrpvdS4Hca%2Fgv11wXb1POhH%2Fh%2B4Af1ZWlEovvzQRA0fMj8sBM0On4jChtBM0Lf%2FB9b58FSD7x3Rp6E5OO5wwcRJBshS7%2B%2BLuxmofMXX0udooU26PGDt7PNTJcZ0tmYGA9JdnChhrYny99BZ%2FtTw9C9f4WxHBPvj98RZwcXLhH39h8ZjRVEhpg%2FjrI3glAjSDoC03cg%2BQkBGMfaOrL0%2Fpo2Jd16xNIJOya1878gyzGp%2FfYUsvTBkpL9%2Bm2tXCF1ZtFPKsj%2BCLI7Qu6OUGxfgiyPwIoPIPlDMn%2B%2BiizdW7dKQ%2FJquryUI8hkBCUGoNaDm3zSg0s8uNxDyk%2FrLRa127zd5FQwFsZJ0E6iJOpQ5ifMX%2BiEcGxib4AiH4CpAZjZQW52sCkHMO572I0KlnuwxZh4N3fQ4xVKQVBagpISlJKgLAjKXrXPlQ1tdZ8r6%2BLgoocXfaEa6qK7S%2Fd10RUZ2c3PyBOTXLyn761hU5zWWTPxgyYXSRwFi20%2F5ottGnXarU7YTJrNhRasrCDtpemq23JMrjzrkMsxIb88REyPYNURmPRAXQBaDluhD7oxjNo%2BtrOvUmmMNjHdamjTBdcV8qKGYsvbVWfkmemBXl4%2Fh2DH135amBaYqZCbCu%2FLHwi66u7wli7J3i1dWvLNel7IVG7TyfFuF7QQl794Q2yV2vCV63bw%2BStsQkzGw7eELVZpxmXWteTLJcm5MMvaMEG%2BXbHviPiGsxtLzmQuX73x6vJKmhthrdTZCFSe2I%2FA5JjMpb9On%2BWV5x6DNCMYVyF1x%2BSiIPUILN%2BBzWfurSYwaqaJ88soXTU0YTz7qSSBEjNM4wr2Pziezbv2LrqmBlrcQZZW6JkKPVWBqgGsmxsWuTm%2B9uMnk%2FoUsaoNY2Vqe7Ey6uMx6fz82STfv6chT%2BA9WHlaFy2x2OlEftTivh9HPAyDpmB0IaIdGoZJC4Ud85vtP%2F8BAAD%2F%2FwEAAP%2F%2FPF7jwHIEAAA%3D IP173.233.137.36:443
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Let's Encrypt; Subject: greedevolution.com; Fingerprint: 56:6A:8F:B1:B0:73:15:A8:75:6B:08:C8:8A:63:3B:BF:27:16:12:FD; Validity: Thu, 23 Mar 2023 06:21:03 GMT - Wed, 21 Jun 2023 06:21:02 GMT
File type: ASCII text, with no line terminators Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3h0Q4knRg7dZUFCQSXenJzPjIotxjQRjsj8UvUl1VfWkTHVXU9U1PckpuCB78DAHL7oInTfJBjUu%2BgcoMvEigYWMKEQwB8G7IASPMrPB0Q%2Ba73v93uF976sPd90Z8eHo6fKbelsqReebDb%2F%2B%2FLtBcLW%2BKjPXr%2Ffbi%2B8tRlfrpvdS4Hca%2Fgv11wXb1POhH%2Fh%2B4Af1ZWlEovvzQRA0fMj8sBM0On4jChtBM0Lf%2FB9b58FSD7x3Rp6E5OO5wwcRJBshS7%2B%2BLuxmofMXX0udooU26PGDt7PNTJcZ0tmYGA9JdnChhrYny99BZ%2FtTw9C9f4WxHBPvj98RZwcXLhH39h8ZjRVEhpg%2FjrI3glAjSDoC03cg%2BQkBGMfaOrL0%2Fpo2Jd16xNIJOya1878gyzGp%2FfYUsvTBkpL9%2Bm2tXCF1ZtFPKsj%2BCLI7Qu6OUGxfgiyPwIoPIPlDMn%2B%2BiizdW7dKQ%2FJquryUI8hkBCUGoNaDm3zSg0s8uNxDyk%2FrLRa127zd5FQwFsZJ0E6iJOpQ5ifMX%2BiEcGxib4AiH4CpAZjZQW52sCkHMO572I0KlnuwxZh4N3fQ4xVKQVBagpISlJKgLAjKXrXPlQ1tdZ8r6%2BLgoocXfaEa6qK7S%2Fd10RUZ2c3PyBOTXLyn761hU5zWWTPxgyYXSRwFi20%2F5ottGnXarU7YTJrNhRasrCDtpemq23JMrjzrkMsxIb88REyPYNURmPRAXQBaDluhD7oxjNo%2BtrOvUmmMNjHdamjTBdcV8qKGYsvbVWfkmemBXl4%2Fh2DH135amBaYqZCbCu%2FLHwi66u7wli7J3i1dWvLNel7IVG7TyfFuF7QQl794Q2yV2vCV63bw%2BStsQkzGw7eELVZpxmXWteTLJcm5MMvaMEG%2BXbHviPiGsxtLzmQuX73x6vJKmhthrdTZCFSe2I%2FA5JjMpb9On%2BWV5x6DNCMYVyF1x%2BSiIPUILN%2BBzWfurSYwaqaJ88soXTU0YTz7qSSBEjNM4wr2Pziezbv2LrqmBlrcQZZW6JkKPVWBqgGsmxsWuTm%2B9uMnk%2FoUsaoNY2Vqe7Ey6uMx6fz82STfv6chT%2BA9WHlaFy2x2OlEftTivh9HPAyDpmB0IaIdGoZJC4Ud85vtP%2F8BAAD%2F%2FwEAAP%2F%2FPF7jwHIEAAA%3D HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: u_pl=18193230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 02 May 2023 16:23:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a51c94480f512ce45ac369adf72fbb3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png | 45.133.44.9 | 200 OK | 113 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png IP: 45.133.44.9:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: 6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B; Validity: Thu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data Size: 113 kB (112700 bytes) Hash (MD5 / SHA-1 / SHA-256): a85aa1de5c20ac4eb372e7f76f32ae7f cc839c5f4d10d95e79ad9b161dff4453ace53149 d5e4a4cd44386fa562de135e43cfe7fdafe70387dd40d805873c982a25ebae83
GET /si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:13 GMT
content-type: image/png
content-length: 112700
server: nginx/1.17.6
last-modified: Tue, 15 Nov 2022 07:09:29 GMT
etag: "63733b29-1b83c"
expires: Thu, 04 May 2023 16:23:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png | 45.133.44.9 | 200 OK | 123 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png IP: 45.133.44.9:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: 6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B; Validity: Thu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data Size: 123 kB (123291 bytes) Hash (MD5 / SHA-1 / SHA-256): 1c26658a8e0980350d9b1ddd575fa2e1 99514e6f4091235f9ea4ba0933edd20f31c9d031 3b43b009a295edad0eb4c0617671b86f5bb68c732bd57fa090adcdb5807f99a3
GET /si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:13 GMT
content-type: image/png
content-length: 123291
server: nginx/1.17.6
last-modified: Tue, 15 Nov 2022 07:09:43 GMT
etag: "63733b37-1e19b"
expires: Thu, 04 May 2023 16:23:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/eb/a9/82/eba982fa890e5ac9af43d3f6e85be79c/1676369590.png | 45.133.44.9 | 200 OK | 167 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/eb/a9/82/eba982fa890e5ac9af43d3f6e85be79c/1676369590.png IP: 45.133.44.9:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: 6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B; Validity: Thu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data Size: 167 kB (166594 bytes) Hash (MD5 / SHA-1 / SHA-256): 620f910b6abeaf629682d4aca37fda55 d43a90e1689317434d83f251fd1114d4f8becf80 0bc771e5a6c6970a154d26169d5210947a0ac36700f42b31d3eb8eb23a5406da
GET /si/eb/a9/82/eba982fa890e5ac9af43d3f6e85be79c/1676369590.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:13 GMT
content-type: image/png
content-length: 166594
server: nginx/1.17.6
last-modified: Tue, 14 Feb 2023 10:13:19 GMT
etag: "63eb5ebf-28ac2"
expires: Thu, 04 May 2023 16:23:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/25/04/02/250402c4e83d0b2cde05a87380b1e6db/1676369460.png | 45.133.44.9 | 200 OK | 139 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/25/04/02/250402c4e83d0b2cde05a87380b1e6db/1676369460.png IP: 45.133.44.9:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: 6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B; Validity: Thu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data Size: 139 kB (139124 bytes) Hash (MD5 / SHA-1 / SHA-256): 730ff329faa6047f6e2aefa7f8833cdf ceb4494aed62bce1d70152b378fd236835aaefd0 218c391db327d9b37a8eafbed9805d03faa3778994721a17013933af70ad663d
GET /si/25/04/02/250402c4e83d0b2cde05a87380b1e6db/1676369460.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:13 GMT
content-type: image/png
content-length: 139124
server: nginx/1.17.6
last-modified: Tue, 14 Feb 2023 10:11:09 GMT
etag: "63eb5e3d-21f74"
expires: Thu, 04 May 2023 16:23:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuuzjeXL54UPXibBQUFmXR3ejIzLrIY10gwJvtD0ZtUV1VPylR3NVVd05OcgguyBw9z8KKL0Hkm2aDGRf8ARSZeJLCQEYUI5iB4F4TgUWY2OPpC1fs%2B9TyH533f%2BmDPnRMfjp6tvKF3pFJ0odnw68%2B9EwRX62syc%2F16v7307lJ0tW56LwZ%2Bp%2BE%2FX39NsC29EPqB7wd%2BUF%2BRRiS6vxAEQcOHzI86QaPjN6KwETQj9M1%2FsXUeLPXAe%2BfkCUg%2Bnj96EEGyEbL0q%2BvCbhU6f%2BHV1ClaaIMeP3wr28p0mSGdlYnxkGSHl2poe7ryLXR2MDUM3ftHGMsx8X7%2FDXF2eOkSce%2FgkdFYQWSI%2BWMoeyMINYKkIzB9B5KfEoBxrG8gS%2B%2Bva1PS7UcsnbBjUrv4E7Ick9qvTyJLHywr2a%2Ff1soVUmcW%2FaSC7I8guyPk7hjFzhxkeQxWvA%2FJH5KFizVk6f6GVRqSV9PmpRxBJiMoMQC1HtzkSA8u8eByDyk%2Fq7dY1G7zdpNTwVgYJ0E7iZKoQ5mfMH%2BxE8Kxib0BinwApgZgZhe52cWWHMC472A3K1juwRZj4t3cRY9XKAVBaQlKSlBKgrIgKHvVAVc2tNV9rqyLg8scXubFaqiL7h490EVXZGQvPyePT%2BbiPXVvHVvirM6aiR80uUjiKFhq%2BzFfatOo0251wmbSbC62YGUFaeemre7IMbnyjEMux4T8%2FBAxPYZVx2DSA3UBaDlshT7o5jBq%2B9jJvkylMdrEdLuhTRdcV8iLGoptb0%2Bdk6enC3pp4y8IdnLtx8VpgJkKuanwnvyeoKvuDm%2Fpkuzf0qUlX2%2FkhUzlDp0s73ZBC%2FG%2Fz18X26U2fPW6HXz2MpsQk%2FLoTWGLNZpxmXUt%2BWJZci7MijZMkG9W7dsivuHs5rIzmcvXbryysprmRlgrdTYClaf2QzA5JvPpL9NveeXZ%2F0OaEYyrkLoTchmQegSW78LmM%2FdWExg108T5HEpXDU0Yzx6VJFBihmlcwf4Lx7N6z95F19RAizvI0go9U6GnKlA1gHXzwyI3J9d%2B%2BHgSnyBWtWGsTG0%2FVkZ9NCadnz6dzndyXUzgPVh5VhctsdTpRH7U4r4fRzwMg6ZgdDGiHRqGSQuFHfOb7T%2F%2BBgAA%2F%2F8BAAD%2F%2F0bNA29yBAAA | 192.243.61.227 | 200 OK | 7 B |
URL GET HTTP/1.1greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuuzjeXL54UPXibBQUFmXR3ejIzLrIY10gwJvtD0ZtUV1VPylR3NVVd05OcgguyBw9z8KKL0Hkm2aDGRf8ARSZeJLCQEYUI5iB4F4TgUWY2OPpC1fs%2B9TyH533f%2BmDPnRMfjp6tvKF3pFJ0odnw68%2B9EwRX62syc%2F16v7307lJ0tW56LwZ%2Bp%2BE%2FX39NsC29EPqB7wd%2BUF%2BRRiS6vxAEQcOHzI86QaPjN6KwETQj9M1%2FsXUeLPXAe%2BfkCUg%2Bnj96EEGyEbL0q%2BvCbhU6f%2BHV1ClaaIMeP3wr28p0mSGdlYnxkGSHl2poe7ryLXR2MDUM3ftHGMsx8X7%2FDXF2eOkSce%2FgkdFYQWSI%2BWMoeyMINYKkIzB9B5KfEoBxrG8gS%2B%2Bva1PS7UcsnbBjUrv4E7Ick9qvTyJLHywr2a%2Ff1soVUmcW%2FaSC7I8guyPk7hjFzhxkeQxWvA%2FJH5KFizVk6f6GVRqSV9PmpRxBJiMoMQC1HtzkSA8u8eByDyk%2Fq7dY1G7zdpNTwVgYJ0E7iZKoQ5mfMH%2BxE8Kxib0BinwApgZgZhe52cWWHMC472A3K1juwRZj4t3cRY9XKAVBaQlKSlBKgrIgKHvVAVc2tNV9rqyLg8scXubFaqiL7h490EVXZGQvPyePT%2BbiPXVvHVvirM6aiR80uUjiKFhq%2BzFfatOo0251wmbSbC62YGUFaeemre7IMbnyjEMux4T8%2FBAxPYZVx2DSA3UBaDlshT7o5jBq%2B9jJvkylMdrEdLuhTRdcV8iLGoptb0%2Bdk6enC3pp4y8IdnLtx8VpgJkKuanwnvyeoKvuDm%2Fpkuzf0qUlX2%2FkhUzlDp0s73ZBC%2FG%2Fz18X26U2fPW6HXz2MpsQk%2FLoTWGLNZpxmXUt%2BWJZci7MijZMkG9W7dsivuHs5rIzmcvXbryysprmRlgrdTYClaf2QzA5JvPpL9NveeXZ%2F0OaEYyrkLoTchmQegSW78LmM%2FdWExg108T5HEpXDU0Yzx6VJFBihmlcwf4Lx7N6z95F19RAizvI0go9U6GnKlA1gHXzwyI3J9d%2B%2BHgSnyBWtWGsTG0%2FVkZ9NCadnz6dzndyXUzgPVh5VhctsdTpRH7U4r4fRzwMg6ZgdDGiHRqGSQuFHfOb7T%2F%2BBgAA%2F%2F8BAAD%2F%2F0bNA29yBAAA IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Let's Encrypt; Subject: greedevolution.com; Fingerprint: 56:6A:8F:B1:B0:73:15:A8:75:6B:08:C8:8A:63:3B:BF:27:16:12:FD; Validity: Thu, 23 Mar 2023 06:21:03 GMT - Wed, 21 Jun 2023 06:21:02 GMT
File type: ASCII text, with no line terminators Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuuzjeXL54UPXibBQUFmXR3ejIzLrIY10gwJvtD0ZtUV1VPylR3NVVd05OcgguyBw9z8KKL0Hkm2aDGRf8ARSZeJLCQEYUI5iB4F4TgUWY2OPpC1fs%2B9TyH533f%2BmDPnRMfjp6tvKF3pFJ0odnw68%2B9EwRX62syc%2F16v7307lJ0tW56LwZ%2Bp%2BE%2FX39NsC29EPqB7wd%2BUF%2BRRiS6vxAEQcOHzI86QaPjN6KwETQj9M1%2FsXUeLPXAe%2BfkCUg%2Bnj96EEGyEbL0q%2BvCbhU6f%2BHV1ClaaIMeP3wr28p0mSGdlYnxkGSHl2poe7ryLXR2MDUM3ftHGMsx8X7%2FDXF2eOkSce%2FgkdFYQWSI%2BWMoeyMINYKkIzB9B5KfEoBxrG8gS%2B%2Bva1PS7UcsnbBjUrv4E7Ick9qvTyJLHywr2a%2Ff1soVUmcW%2FaSC7I8guyPk7hjFzhxkeQxWvA%2FJH5KFizVk6f6GVRqSV9PmpRxBJiMoMQC1HtzkSA8u8eByDyk%2Fq7dY1G7zdpNTwVgYJ0E7iZKoQ5mfMH%2BxE8Kxib0BinwApgZgZhe52cWWHMC472A3K1juwRZj4t3cRY9XKAVBaQlKSlBKgrIgKHvVAVc2tNV9rqyLg8scXubFaqiL7h490EVXZGQvPyePT%2BbiPXVvHVvirM6aiR80uUjiKFhq%2BzFfatOo0251wmbSbC62YGUFaeemre7IMbnyjEMux4T8%2FBAxPYZVx2DSA3UBaDlshT7o5jBq%2B9jJvkylMdrEdLuhTRdcV8iLGoptb0%2Bdk6enC3pp4y8IdnLtx8VpgJkKuanwnvyeoKvuDm%2Fpkuzf0qUlX2%2FkhUzlDp0s73ZBC%2FG%2Fz18X26U2fPW6HXz2MpsQk%2FLoTWGLNZpxmXUt%2BWJZci7MijZMkG9W7dsivuHs5rIzmcvXbryysprmRlgrdTYClaf2QzA5JvPpL9NveeXZ%2F0OaEYyrkLoTchmQegSW78LmM%2FdWExg108T5HEpXDU0Yzx6VJFBihmlcwf4Lx7N6z95F19RAizvI0go9U6GnKlA1gHXzwyI3J9d%2B%2BHgSnyBWtWGsTG0%2FVkZ9NCadnz6dzndyXUzgPVh5VhctsdTpRH7U4r4fRzwMg6ZgdDGiHRqGSQuFHfOb7T%2F%2BBgAA%2F%2F8BAAD%2F%2F0bNA29yBAAA HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: u_pl=18193230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 02 May 2023 16:23:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 573c7ade823db467bbe95bfa28e54340
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXucUT4oevMgIHhRk0t3pycy4yGJcI8GY7A9Fb1JdVT0pU93VVHVNT3IKLsgePMzBiy5C55tkgxoX%2FQMUmXiRwEJGFCKag%2BBdEIJHmUlw9EHVe6%2B%2B7%2FC979UHu%2B6M%2BHD0dPkNvS2VovPNhl9%2F7p0guFpflZnr1%2FvtxXcXo6t103sx8DsN%2F%2Fn6a4Jt6vnQD3w%2F8IP6sjQi0f35IAgaPmR%2B2AkaHb8RhY2gGaFv%2Ft9b58FSD7x3Rh6H5OO5wwcRJBshS7%2B6LuxmofMXXk2dooU26PGDt7LNTJcZ0lmZGA9JdnDJhrYny99CZ%2FtTwdC9f4mxHBPvj98RZweXKhH39i%2BExgoiQ8wfRdkbQagRJB2B6TuQ%2FIQAjGNtHVl6f02bkm5doHSCjknt%2FC%2FIckxqvz2BLH2wpGS%2FflsrV0idWfSTCrI%2FguyOkLsjFNtXIMsjsOJ9SP6QzJ%2BvIkv31q3SkLyaDi%2FlCDIZQYkBqPXgJkd6cIkHl3tI%2BWm9xaJ2m7ebnArGwjgJ2kmURB3K%2FIT5C50Qjk3kDVDkAzA1ADM7yM0ONuUAxn0Hu1HBcg%2B2GBPv5g56vEIpCEpLUFKCUhKUBUHZq%2Fa5sqGt7nNlXRxc5vAyL1RDXXR36b4uuiIju%2FkZeWzii%2FfkvTVsitM6ayZ%2B0OQiiaNgse3HfLFNo0671QmbSbO50IKVFaS9Mh11W47JM8865HJMyM8PEdMjWHUEJj1QF4CWw1bog24Mo7aP7ezLVBqjTUy3Gtp0wXWFvKih2PJ21Rl5arqgzk%2F3INjxtR8XpgFmKuSmwnvye4Kuuju8pUuyd0uXlny9nhcyldt0srzbBS3EI5%2B%2FLrZKbfjKdTv47GU2ASbl4ZvCFqs04zLrWvLFkuRcmGVtmCDfrNi3RXzD2Y0lZzKXr954ZXklzY2wVupsBCpP7Idgckzm0l%2Bm3%2FLpXwtIM4JxFVJ3TC4DUo%2FA8h3YfKbeagKjZpw4r6F01dCE8exRSQIlZj2NK9j%2F9PGs3rV30TU10OIOsrRCz1ToqQpUDWDd3LDIzfG1Hz6exCeIVW0YK1Pbi5VRH02s%2FXRMXlr%2Fe3KdXzht5WldtMRipxP5UYv7fhzxMAyagtGFiHZoGCYtFHbMb7b%2F%2FAcAAP%2F%2FAQAA%2F%2F%2BTJGr0cgQAAA%3D%3D | 192.243.61.227 | 200 OK | 7 B |
URL GET HTTP/1.1greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXucUT4oevMgIHhRk0t3pycy4yGJcI8GY7A9Fb1JdVT0pU93VVHVNT3IKLsgePMzBiy5C55tkgxoX%2FQMUmXiRwEJGFCKag%2BBdEIJHmUlw9EHVe6%2B%2B7%2FC979UHu%2B6M%2BHD0dPkNvS2VovPNhl9%2F7p0guFpflZnr1%2FvtxXcXo6t103sx8DsN%2F%2Fn6a4Jt6vnQD3w%2F8IP6sjQi0f35IAgaPmR%2B2AkaHb8RhY2gGaFv%2Ft9b58FSD7x3Rh6H5OO5wwcRJBshS7%2B6LuxmofMXXk2dooU26PGDt7LNTJcZ0lmZGA9JdnDJhrYny99CZ%2FtTwdC9f4mxHBPvj98RZweXKhH39i%2BExgoiQ8wfRdkbQagRJB2B6TuQ%2FIQAjGNtHVl6f02bkm5doHSCjknt%2FC%2FIckxqvz2BLH2wpGS%2FflsrV0idWfSTCrI%2FguyOkLsjFNtXIMsjsOJ9SP6QzJ%2BvIkv31q3SkLyaDi%2FlCDIZQYkBqPXgJkd6cIkHl3tI%2BWm9xaJ2m7ebnArGwjgJ2kmURB3K%2FIT5C50Qjk3kDVDkAzA1ADM7yM0ONuUAxn0Hu1HBcg%2B2GBPv5g56vEIpCEpLUFKCUhKUBUHZq%2Fa5sqGt7nNlXRxc5vAyL1RDXXR36b4uuiIju%2FkZeWzii%2FfkvTVsitM6ayZ%2B0OQiiaNgse3HfLFNo0671QmbSbO50IKVFaS9Mh11W47JM8865HJMyM8PEdMjWHUEJj1QF4CWw1bog24Mo7aP7ezLVBqjTUy3Gtp0wXWFvKih2PJ21Rl5arqgzk%2F3INjxtR8XpgFmKuSmwnvye4Kuuju8pUuyd0uXlny9nhcyldt0srzbBS3EI5%2B%2FLrZKbfjKdTv47GU2ASbl4ZvCFqs04zLrWvLFkuRcmGVtmCDfrNi3RXzD2Y0lZzKXr954ZXklzY2wVupsBCpP7Idgckzm0l%2Bm3%2FLpXwtIM4JxFVJ3TC4DUo%2FA8h3YfKbeagKjZpw4r6F01dCE8exRSQIlZj2NK9j%2F9PGs3rV30TU10OIOsrRCz1ToqQpUDWDd3LDIzfG1Hz6exCeIVW0YK1Pbi5VRH02s%2FXRMXlr%2Fe3KdXzht5WldtMRipxP5UYv7fhzxMAyagtGFiHZoGCYtFHbMb7b%2F%2FAcAAP%2F%2FAQAA%2F%2F%2BTJGr0cgQAAA%3D%3D IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Let's Encrypt; Subject: greedevolution.com; Fingerprint: 56:6A:8F:B1:B0:73:15:A8:75:6B:08:C8:8A:63:3B:BF:27:16:12:FD; Validity: Thu, 23 Mar 2023 06:21:03 GMT - Wed, 21 Jun 2023 06:21:02 GMT
File type: ASCII text, with no line terminators Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXucUT4oevMgIHhRk0t3pycy4yGJcI8GY7A9Fb1JdVT0pU93VVHVNT3IKLsgePMzBiy5C55tkgxoX%2FQMUmXiRwEJGFCKag%2BBdEIJHmUlw9EHVe6%2B%2B7%2FC979UHu%2B6M%2BHD0dPkNvS2VovPNhl9%2F7p0guFpflZnr1%2FvtxXcXo6t103sx8DsN%2F%2Fn6a4Jt6vnQD3w%2F8IP6sjQi0f35IAgaPmR%2B2AkaHb8RhY2gGaFv%2Ft9b58FSD7x3Rh6H5OO5wwcRJBshS7%2B6LuxmofMXXk2dooU26PGDt7LNTJcZ0lmZGA9JdnDJhrYny99CZ%2FtTwdC9f4mxHBPvj98RZweXKhH39i%2BExgoiQ8wfRdkbQagRJB2B6TuQ%2FIQAjGNtHVl6f02bkm5doHSCjknt%2FC%2FIckxqvz2BLH2wpGS%2FflsrV0idWfSTCrI%2FguyOkLsjFNtXIMsjsOJ9SP6QzJ%2BvIkv31q3SkLyaDi%2FlCDIZQYkBqPXgJkd6cIkHl3tI%2BWm9xaJ2m7ebnArGwjgJ2kmURB3K%2FIT5C50Qjk3kDVDkAzA1ADM7yM0ONuUAxn0Hu1HBcg%2B2GBPv5g56vEIpCEpLUFKCUhKUBUHZq%2Fa5sqGt7nNlXRxc5vAyL1RDXXR36b4uuiIju%2FkZeWzii%2FfkvTVsitM6ayZ%2B0OQiiaNgse3HfLFNo0671QmbSbO50IKVFaS9Mh11W47JM8865HJMyM8PEdMjWHUEJj1QF4CWw1bog24Mo7aP7ezLVBqjTUy3Gtp0wXWFvKih2PJ21Rl5arqgzk%2F3INjxtR8XpgFmKuSmwnvye4Kuuju8pUuyd0uXlny9nhcyldt0srzbBS3EI5%2B%2FLrZKbfjKdTv47GU2ASbl4ZvCFqs04zLrWvLFkuRcmGVtmCDfrNi3RXzD2Y0lZzKXr954ZXklzY2wVupsBCpP7Idgckzm0l%2Bm3%2FLpXwtIM4JxFVJ3TC4DUo%2FA8h3YfKbeagKjZpw4r6F01dCE8exRSQIlZj2NK9j%2F9PGs3rV30TU10OIOsrRCz1ToqQpUDWDd3LDIzfG1Hz6exCeIVW0YK1Pbi5VRH02s%2FXRMXlr%2Fe3KdXzht5WldtMRipxP5UYv7fhzxMAyagtGFiHZoGCYtFHbMb7b%2F%2FAcAAP%2F%2FAQAA%2F%2F%2BTJGr0cgQAAA%3D%3D HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: u_pl=18193230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 02 May 2023 16:23:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b428a7872fd8544fd44bc4188aea155a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| proxyspare3.latestcache.com/cdn-cgi/rum? | 104.21.36.134 | 204 No Content | 0 B |
URL: POST HTTP/3 proxyspare3.latestcache.com/cdn-cgi/rum? IP: 104.21.36.134:443
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Google Trust Services LLC; Subject: *.latestcache.com; Fingerprint: 76:A1:56:E1:7D:73:58:DA:29:73:F5:2B:BC:CE:E2:A5:8E:02:F4:7D; Validity: Tue, 07 Mar 2023 06:05:02 GMT - Mon, 05 Jun 2023 06:05:01 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty content, matching the 0 B body, so they do not distinguish this response from any other empty one)
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /cdn-cgi/rum? HTTP/1.1
Host: proxyspare3.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://proxyspare3.latestcache.com/
Content-Type: application/json
Content-Length: 462
Origin: https://proxyspare3.latestcache.com
Alt-Used: proxyspare3.latestcache.com
Connection: keep-alive
Cookie: _ga_H55MMD7MCD=GS1.1.1683044597.1.0.1683044597.0.0.0; _ga=GA1.1.1987698737.1683044597; dom3ic8zudi28v8lr6fgphwffqoz0j6c=704e0782-9927-4189-ba2e-03ba07c16c84%3A2%3A1; ppu_main_6c1f3c85c99e62eb028505b3f6b22cd4=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Tue, 02 May 2023 16:23:23 GMT
access-control-allow-origin: https://proxyspare3.latestcache.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7c119bc13efeb500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| proxyspare3.latestcache.com/cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js | 104.21.36.134 | 200 OK | 3.7 kB |
URL: GET HTTP/3 proxyspare3.latestcache.com/cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js IP: 104.21.36.134:443
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Google Trust Services LLC; Subject: *.latestcache.com; Fingerprint: 76:A1:56:E1:7D:73:58:DA:29:73:F5:2B:BC:CE:E2:A5:8E:02:F4:7D; Validity: Tue, 07 Mar 2023 06:05:02 GMT - Mon, 05 Jun 2023 06:05:01 GMT
File type: ASCII text, with very long lines (3740), with no line terminators Hash (MD5 / SHA-1 / SHA-256): 2f4910f93d25a85f5aad8ab46339a4c3 431514f26c79cb359f0a52c454d5dbb3bc4c2444 3a977f056e371be3b5928f4d1b3425cf20bf8a3cf700af309190efac527d246d
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js HTTP/1.1
Host: proxyspare3.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://proxyspare3.latestcache.com/
Alt-Used: proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: s1vChA49ErpyQu9HJaeOoGCeBxxSyJIKy/JLLe36nZ9fONDn/9Hq0VUxq+FiJ8EttcOH37QlKQY=
x-amz-request-id: YB82A2BDCD4J3VX1
cache-control: public, max-age=31536000
last-modified: Wed, 15 Mar 2023 02:06:52 GMT
x-amz-version-id: ssrzx5W2q8xknXmAPe.uy.ZXqLRcmRWy
etag: W/"0b9381048044b3207a2e9371ecb4b0fc"
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8LzZjkYl4EEqBcnGWYH5XPUb5RtsoNpyaln99GQRxo9yZuZq9C5WEoM2ipiiaLNIFlKPzdcRgmGrlurG9agVQgvN%2BjD5oGlcaJt1W1CIlx%2BYS6QtAoQdP12276R91qa7eM8aiVfArh6mrgdX4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c119b789e18b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| proxyspare3.latestcache.com/static/images/favicon.ico | 104.21.36.134 | 200 OK | 318 B |
URL: GET HTTP/3 proxyspare3.latestcache.com/static/images/favicon.ico IP: 104.21.36.134:443
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Google Trust Services LLC; Subject: *.latestcache.com; Fingerprint: 76:A1:56:E1:7D:73:58:DA:29:73:F5:2B:BC:CE:E2:A5:8E:02:F4:7D; Validity: Tue, 07 Mar 2023 06:05:02 GMT - Mon, 05 Jun 2023 06:05:01 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data Hash (MD5 / SHA-1 / SHA-256): 6f8382abb1625bccd829eceb7f56ded6 279a65392ca05d6be3e01857d76919119f2461e1 e8f5a7e23dd5f0534221ed7923b8caaab0c397dffe083f7fbf4cbe55a84adad8
GET /static/images/favicon.ico HTTP/1.1
Host: proxyspare3.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://proxyspare3.latestcache.com/
Alt-Used: proxyspare3.latestcache.com
Connection: keep-alive
Cookie: _ga_H55MMD7MCD=GS1.1.1683044597.1.0.1683044597.0.0.0; _ga=GA1.1.1987698737.1683044597; dom3ic8zudi28v8lr6fgphwffqoz0j6c=704e0782-9927-4189-ba2e-03ba07c16c84%3A2%3A1; ppu_main_6c1f3c85c99e62eb028505b3f6b22cd4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 02 May 2023 16:23:13 GMT
content-type: image/x-icon
etag: W/"63e1c766-13e"
last-modified: Tue, 07 Feb 2023 03:37:10 GMT
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GReg%2Biy5US8zucyz0TMNANzMTipHnZQiz3EEdLgEJvT6y9JDHATPjqX8AHaM3dVFt%2B%2By%2B0Jo4Haufe0%2FM5nm3F4idXeX37%2BLUNRb7b5ImW8ZBMD9KhZhB%2F4aG3EihAPgfxCzFqDt%2F64oRe%2BpK9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c119b7e8852b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| proxyspare3.latestcache.com/cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js | 104.21.36.134 | 200 OK | 9.7 kB |
URL: GET HTTP/3 proxyspare3.latestcache.com/cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js IP: 104.21.36.134:443
Requested by: https://proxyspare3.latestcache.com/ Certificate: Issuer: Google Trust Services LLC; Subject: *.latestcache.com; Fingerprint: 76:A1:56:E1:7D:73:58:DA:29:73:F5:2B:BC:CE:E2:A5:8E:02:F4:7D; Validity: Tue, 07 Mar 2023 06:05:02 GMT - Mon, 05 Jun 2023 06:05:01 GMT
File type: ASCII text, with very long lines (9853), with no line terminators Hash (MD5 / SHA-1 / SHA-256): a2f2bf6c4d33a72606ac2d8d41206d75 76254108c6fe2c3a5394ba17fd957f34ed519ceb e280775ab9c6ae519574acdd25fca0999c42214f7dd68eed4536b5ddb86a2e84
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js HTTP/1.1
Host: proxyspare3.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://proxyspare3.latestcache.com/
Alt-Used: proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: JZHTW3vHIbrFSC5yIUhl1t8m9CmC/aqwg7zoric5t8CNw0J0iuFLd6kPbBZOK+DTRlx3SwsPmE0=
x-amz-request-id: YB89ATGAZ6214WEQ
cache-control: public, max-age=31536000
last-modified: Wed, 15 Mar 2023 02:06:52 GMT
x-amz-version-id: zM4u_59zAj8rPmX3qgu0ez9JA1MXRRrK
etag: W/"2bd55c12a937916233a15f3608de6a92"
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkm2%2F%2BOP1l7JZWuDps6fLeJQY77rw6mKFokacRedZvspxFCYTKlM%2Bu4FX41GiQpa3JYhncBJ%2B%2BpgPiS8aZ8PCNFI39jIaqus6r3s6ChqumJQuV9Y5ELWlcdQVosP8Yv%2B50uV8G96KhhZtBTq4%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c119b75d9f5b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Dosis | 142.250.74.74 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Dosis IP: 142.250.74.74:443
Requested by: https://proxyspare3.latestcache.com/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60 Validity: Mon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type: ASCII text, with very long lines (1213), with no line terminators Hash: MD5 94c016bf52a8251bd0db6bbc1526db30 SHA-1 7b9256bd1814f80214b4212b9023f83136d9e82c SHA-256 5e46485986857659c74bf14e3a568834aa19acd96798bb516e9b8fb179a71a23
GET /css?family=Dosis HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 02 May 2023 16:23:11 GMT
date: Tue, 02 May 2023 16:23:11 GMT
cache-control: private, max-age=86400
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css | 104.18.11.207 | 200 OK | 125 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css IP: 104.18.11.207:443
Requested by: https://proxyspare3.latestcache.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A Validity: Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type: ASCII text, with very long lines (65320) Size: 125 kB (124962 bytes) Hash: MD5 3ffbab350748e841d3768b5d1ca48933 SHA-1 262e04cab3c1a51024d4f3960c72ebd3968476a7 SHA-256 9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d
GET /bootstrap/4.0.0-beta/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"3ffbab350748e841d3768b5d1ca48933"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 05/04/2022 04:18:25
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 3bb9fba26360a9ac3341890ee35c7b2f
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7c119b764f681c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| addresseepaper.com/sfp.js | 0.0.0.0 | | 0 B |
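URL: GET addresseepaper.com/sfp.js IP: 0.0.0.0:0
Requested by: https://proxyspare3.latestcache.com/
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input: no body was retrieved, so they identify no file and should not be used as file indicators)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed) (no response is recorded for this request, which is consistent with the name being blocked at the resolver; the script's content was not observed)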
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FWallpapers.Hq&send=false&layout=button_count&width=450&show_faces=false&action=like&colorscheme=light&font&height=21&appId=223442217781615 | 31.13.72.36 | 200 OK | 0 B |
URL: GET HTTP/2 www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FWallpapers.Hq&send=false&layout=button_count&width=450&show_faces=false&action=like&colorscheme=light&font&height=21&appId=223442217781615 IP: 31.13.72.36:443
Requested by: https://proxyspare3.latestcache.com/ Certificate Issuer: DigiCert Inc Subject: *.facebook.com Fingerprint: 88:81:81:32:20:A7:A6:69:02:67:8C:EE:13:B3:19:2D:0E:31:3C:B1 Validity: Thu, 09 Feb 2023 00:00:00 GMT - Wed, 10 May 2023 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; not a file indicator)
GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FWallpapers.Hq&send=false&layout=button_count&width=450&show_faces=false&action=like&colorscheme=light&font&height=21&appId=223442217781615 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 0mye/iSbXZJ5Mh/+hVxqIMRZPSQuMxmVcYxiNySbBZEvnni5CFrhQaReEPd8ds8/ql992eDaTunZfO868dwvgA==
content-length: 0
date: Tue, 02 May 2023 16:23:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xME.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xME.woff2 IP: 216.58.207.227:443
Requested by: https://proxyspare3.latestcache.com/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A Validity: Mon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15548, version 1.0\012- data Hash: MD5 72f419b6583f0c15692ee5267f26e75e SHA-1 640f336a8ae14388e68aac134f0cf7bc0532f93b SHA-256 ffcaf935e7915d062e0fafff6b452e48b14fc34433deae075ca25df0d0a8185c
GET /s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xME.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://proxyspare3.latestcache.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Apr 2023 17:11:13 GMT
expires: Mon, 29 Apr 2024 17:11:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:56:46 GMT
content-type: font/woff2
age: 169918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| staticbay.pages.dev/proxy/js/ads/banner.js | 172.66.47.92 | 200 OK | 27 kB |
URL: GET HTTP/3 staticbay.pages.dev/proxy/js/ads/banner.js IP: 172.66.47.92:443
Requested by: https://proxyspare3.latestcache.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 99:B8:08:37:9E:8C:AE:74:DF:9E:6D:A7:9E:A2:7B:34:A4:9F:17:AC Validity: Sun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT
File type: exported SGML document, ASCII text, with very long lines (27037), with no line terminators Hash: MD5 cdcb5b8abbc9d532c62e2022032a0253 SHA-1 4f6537fd997995d839641dd20ee24fbf4577356b SHA-256 72b0d92784cba20ae8f6c5f4b5e75dd9baadd1bcbe0a4551443985dd1b2dd268
GET /proxy/js/ads/banner.js HTTP/1.1
Host: staticbay.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: staticbay.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2fc9a82ae39d89f0426be1690662d533"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7xJw48aB0C7l57cszzQ6uF%2FYtqJrhuho4Ud8w6otc%2BvjRcOR2KFUWlEh6bAuw8eCOJv0vnK4b00FllFWUfwOriU10zvvvQJXwNJ44so%2BfS3wINNlqS4wojjOdawfjiFD5XT8VUP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c119b7a9b6db4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 | 104.16.56.101 | 200 OK | 20 kB |
URL: GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 IP: 104.16.56.101:443
Requested by: https://proxyspare3.latestcache.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8 Validity: Mon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT
File type: ASCII text, with very long lines (19927), with no line terminators Hash: MD5 d294b48fb7400508953205265f95d2e1 SHA-1 fd545d38241c9c56e81f61e45cd239976ecd0b46 SHA-256 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
GET /beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proxyspare3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 16:23:11 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.4.2
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c119b765f43b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|