Report - zee.gl/GgHy2

Report Overview

Submitted URL
zee.gl/GgHy2
IP
104.21.46.123
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-27 07:09:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.36.77.32
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	771 B	18 kB	104.17.25.14
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	31 kB	142.250.74.10
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.61.227
polyfill.io	102644	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	713 B	151.101.1.26
za.gl	404755	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	14 kB	172.67.73.23
fishermanslush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	776 B	36 kB	173.233.137.44
yearbookhobblespinal.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441 B	467 B	173.233.137.44
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	393 B	104.16.57.101
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	8.0 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	54.230.245.110
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	608 B	552 B	216.239.34.36
soldierreproduceadmiration.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.9 kB	8.7 kB	173.233.137.44
zee.gl	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	692 B	104.21.46.123
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	946 B	39 kB	216.58.207.195
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	23.36.77.32
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	742 B	796 B	18.185.190.54
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	21 kB	142.250.74.174
friendshipmale.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	29 kB	172.64.202.23
cdn.creative-bars1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	62 kB	172.64.109.13
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	746 B	142.250.74.10
openfpcdn.io	238589	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	695 B	54.230.111.49
cdn.barscreative1.com	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	425 B	386 B	45.133.44.3
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	34 kB	142.250.74.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.187.31.159
opticlygremio.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	1.1 kB	172.255.6.92
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	164 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	1.2 kB	142.250.74.164
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	748 B	121 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-27	medium	cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-27	medium	opticlygremio.com	Sinkholed
2022-11-27	medium	yearbookhobblespinal.com	Sinkholed
2022-11-27	medium	unseenreport.com	Sinkholed
2022-11-27	medium	unseenreport.com	Sinkholed
2022-11-27	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-27	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-27	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-27	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-27	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-27	medium	soldierreproduceadmiration.com	Sinkholed
2022-11-27	medium	soldierreproduceadmiration.com	Sinkholed

JavaScript (40)

	URL	Size	First Seen	Last Seen
	za.gl/vendor/jquery.min.js?ver=6.0.35	86 kB	2023-03-07	2024-04-19
Pretty URL za.gl/vendor/jquery.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-04-19 20:40:43 Times Seen4028 Hash b354cc9d56a1da6b0c77604d1b153850 a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732 fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46 Loading...

	za.gl/GgHy2	1.4 kB	2023-03-08	2023-03-13
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:36 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 859794606223894bcc0c033cc6d869b8 ce6138e2db820287dab798492cd66b7b91945073 373181fd41a0a85596fa2358d0dc8ba96bb77e0784df6ea831bceb0470a67770 Loading...

	za.gl/GgHy2	40 B	2023-03-08	2023-07-09
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-07-09 00:24:52 Times Seen19 Hash 00a8959367484a89f6f33be799163e5b 6912808a17da65b33a3e44d493d9f9012d7d4f27 6b5f923a8b0eb209f662cd1c131791e43049b8c0d8605246a7985a7a1faabcc9 Loading...

	za.gl/GgHy2	1.0 kB	2023-03-08	2023-03-13
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 9c4368099ae1afa4449542fdecea1235 48283d40685295250d6134df89d8a4f2941ad3d8 798b1f960d2e857d7ed3d768d723312efad32e416ff83ee87c8eb1b047b8a317 Loading...

	www.googletagmanager.com/gtag/js?id=UA-120643151-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-120643151-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:12:53 Last Seen2023-03-11 21:12:53 Times Seen1 Hash c861eaf19d09269cce7023ca8ab1ed98 b12e90423df1778d14439cebef4c3afcd6c0a10e 2fbf94c948cde73b62b34e1b65decff20eab9774d1eaaa83bfa554f951684143 Loading...

	fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js	37 kB	2023-03-11	2023-03-11
Pretty URL fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:12:53 Last Seen2023-03-11 21:12:53 Times Seen1 Hash 621df878e4472b609dabbf3931a61235 d8a4eb72f42c609c1e481dae3e438e1e1046aff3 889b56f04142dc6d7102d2153f1d2523d6d63a60a1c7ebc73c4a062d0fbe67e4 Loading...

	za.gl/vendor/owl/owl.carousel.min.js?ver=6.0.35	40 kB	2023-03-07	2024-04-18
Pretty URL za.gl/vendor/owl/owl.carousel.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:47 Last Seen2024-04-18 14:45:29 Times Seen4702 Hash ffaa3c82ad2c6e216e68aca44746e1be 2fa7c468110fa68f1f3df6718daf971871623ee9 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91 Loading...

	za.gl/js/app.js?ver=6.0.35	26 kB	2023-03-08	2023-03-13
Pretty URL za.gl/js/app.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash b44faf1ba9736ac14c2959df771a764a 2820c342f40786d732b3288a6a794b4c929af991 5a197dd9b64afe3117da8ba22f23306f379ab6470929b2ef9486b7b1af7a2847 Loading...

	za.gl/GgHy2	593 B	2023-03-08	2024-02-11
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen24 Hash 6b69f5e370ada113969be71ca3be15b8 5ea3c5bb08cf7ab6e5b964bc9da5067ea12ed719 5b17e2375e47787d826e08cb17065fa75929abf182c86a485dc5709ea798f2be Loading...

	za.gl/GgHy2	1.2 kB	2023-03-08	2023-07-09
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-07-09 00:24:52 Times Seen19 Hash c2c39ad276f809c05f995d2edbd79868 3f97924c66a8edff461321e2bb23070d5a71047b 89b401b6706b2dcb9a0d61e182c218c6f88099480ce4a85befc1727be1c79645 Loading...

	za.gl/GgHy2	475 B	2023-03-08	2023-03-13
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash c957004791a1c88f07fad443c4cf0103 df387f0103a68a8cd002a610e143dedc7dda46ef c61f91249095af7ad1ad3d083acbee9b76ca918e3a9380402d8d87289e5b5476 Loading...

	za.gl/new_vision_theme/js/front.js?ver=6.0.35	3.7 kB	2023-03-08	2024-02-11
Pretty URL za.gl/new_vision_theme/js/front.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen30 Hash 127aa9c6e58812d0e4360189267f1af3 8107917380f6cd8f1b4c792c85e9b6d46d5f85bd b684a38a32bead7640659be8be6e21bb1318b7dbee16544c9c6a671d12f7deac Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	za.gl/vendor/bootstrap/js/bootstrap.min.js?ver=6.0.35	37 kB	2023-03-07	2024-04-20
Pretty URL za.gl/vendor/bootstrap/js/bootstrap.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-20 00:16:23 Times Seen54370 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js	13 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-19 12:55:25 Times Seen12929 Hash 4ff108e4584780dce15d610c142c3e62 77e4519962e2f6a9fc93342137dbb31c33b76b04 fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a Loading...

	za.gl/lz-string.min.js	4.7 kB	2023-03-08	2024-03-08
Pretty URL za.gl/lz-string.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-03-08 15:15:00 Times Seen51 Hash 20a5177b861a4e4523664d689412d0b7 d0f9a1b384ac8517e80c90d937782a30cb06e00b 4c09d32507760252ea4fd3364d4ec61639e88fd4887f02de667a44b4b90feb6e Loading...

	za.gl/GgHy2	270 B	2023-03-08	2024-02-11
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:44 Times Seen24 Hash 584b5071f7bd3d88115d366f9a770392 8d5ff888d7d332c36206ba5c664e940a9ff17c29 71d0b62bdf8965a3ea83bf5ef8c0c82fa6a4900f3541fa7f1bc7134462828d1a Loading...

	za.gl/GgHy2	153 B	2023-03-08	2024-02-11
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:36 Last Seen2024-02-11 16:06:45 Times Seen24 Hash 5ab6cc4334cb5477b8f21e3df5e4a2a4 97060e6cf8bec11b2c42404871e77d4679c15b6a d39f57e21dd6f05e4fd71da9bcf563cee4211b05a461ec2b182135189e43ccc2 Loading...

	cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js	84 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:42 Last Seen2024-04-18 12:19:00 Times Seen1563 Hash 99cf8430b8d81c268269760118ec31a4 3fec23eeb6e45407f1fa1d38cf1cd3d463dd1f7a 430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d Loading...

	www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	918 B	2023-03-08	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:38:05 Last Seen2023-03-11 22:02:16 Times Seen1 Hash 4d9a9c1c82fbfdcdd4de93aaebe09a7d 04febd494033093553b805a7fa01c1d8c7e7a346 7dff9673bd36312ea408b4ddf99d8c8a99addcc729cc4b11ee6334c932c9f51c Loading...

	www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3	217 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:12:53 Last Seen2023-03-11 21:12:53 Times Seen1 Hash a116344412f61cc9dad168bc3c465c1f ab88b01342608d42366141a87ee9325605e02b62 adb19caace6b385717f191a758f0c45c70851fe83a813c994442b7116bc476e9 Loading...

	cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js	84 kB	2023-03-07	2024-03-31
Pretty URL cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:11 Last Seen2024-03-31 06:06:50 Times Seen542 Hash 6326c600df01e3bfb9b40e1aa08176f8 6b4fb754d29b297b539bf62ba9b4eaf0f33f314a df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3 Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	za.gl/GgHy2	1.9 kB	2023-03-08	2023-03-13
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 04af0cf88784e79ae00066bc2057a378 cf96b66fbd1a5c518f40d27adc555650cc75b747 0fcde6f92a9dbfb42ea0a8115ded92978bf4c3876fc312346b6d3030c9e603c7 Loading...

	za.gl/js/ads.js	106 B	2023-03-08	2024-04-14
Pretty URL za.gl/js/ads.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2024-04-14 20:13:59 Times Seen141 Hash 31129bbaf6802ed0bdd11a024afe7646 22ea0726f15adb8b677d9b4b829b39ce61da1bfc 42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee Loading...

	za.gl/sha256.js	6.6 kB	2023-03-08	2024-02-11
Pretty URL za.gl/sha256.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen29 Hash 2cc365cf226fcd03e5f84c9f5351666e 2c2d4a57092d0b72f873aa158f9e78a8652d3e28 58248b6ef6302e6acb8173fe9a35918794e1a6a86d0bdb006927d8ec01ffcd35 Loading...

	za.gl/vendor/wow.min.js?ver=6.0.35	8.2 kB	2023-03-07	2024-04-19
Pretty URL za.gl/vendor/wow.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:38 Last Seen2024-04-19 07:51:17 Times Seen2080 Hash a26a117ff59c944bbb654bf506f69786 237c90127c99e91347536835096276b0add6d018 cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5 Loading...

	za.gl/vendor/clipboard.min.js?ver=6.0.35	11 kB	2023-03-07	2024-04-06
Pretty URL za.gl/vendor/clipboard.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:51 Last Seen2024-04-06 21:42:50 Times Seen234 Hash e77a83c01eb89942d5ae12a79183a741 d4c23f3a7e2f18585ea69e626a77fac782ea6f23 125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-20 02:38:42 Times Seen61221 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	polyfill.io/v3/polyfill.js?features=Intl%2Cfetch	241 B	2023-03-08	2023-03-13
Pretty URL polyfill.io/v3/polyfill.js?features=Intl%2Cfetch IP 151.101.1.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 0e5edc55f117cad930f46aa2e7cbd9a9 9992329c4599d663e1772f9a2a582b223ac67e35 b8fd7397496fb050cbb4dc9282804dd0ac75276477ec1b8603e23ed4d22d6f28 Loading...

	za.gl/GgHy2	190 B	2023-03-08	2023-03-13
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 634eb787db60294a36ac24b0efc33ae1 2daac292e935a98d610964ae083424134e689d82 7d725a37fb033206f74e81a7e584f17f8f27d17ea6ee4833527b915e7ea7d869 Loading...

	za.gl/GgHy2	155 B	2023-03-08	2023-03-13
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash d702c9cac95a57aeede12903e6d3445e 2a93876bc1f5fbb76840644c2c98695b735b5386 d016ae1e57c6e60777647838b5bdd0b5ccd96204c42c2a1b220d2e394e21c1d1 Loading...

	opticlygremio.com/1clkn/14927	6 B	2023-03-07	2024-04-19
Pretty URL opticlygremio.com/1clkn/14927 IP 172.255.6.92 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-04-19 19:49:35 Times Seen13417 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	http:blank	10 kB	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:18 Last Seen2023-03-11 22:02:16 Times Seen1 Hash f3551f27c6677dbee72151c355c65dcf 3a6cc6e909e7bc8d6b235a269edb212d5e634b85 55acbbb6233a9748f3035d35ef5eacba6f8b58a6a6d44378c0f52eaa8edfc03e Loading...

	za.gl/GgHy2	997 B	2023-03-08	2024-02-11
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen24 Hash 7f6a591687ce7bb0ec71965509db2853 89abf0ce59a41a224ba84406c4af02666da81bc7 dcabc010a8573c50f9e4e944e50570a3acbad7a5b0613e50b3d7df417d56c3be Loading...

	za.gl/GgHy2	231 B	2023-03-08	2023-07-09
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-07-09 00:24:52 Times Seen19 Hash 8dc5c566219cfcc854b4532904fb6990 5bb002a4d9b6e58f933a39f0f5dd872626277109 c1a2fdd3aa9fd6093fbfc584a8cce0c073c05eb13ddafc54d781cebefc34296b Loading...

	za.gl/GgHy2	243 B	2023-03-08	2024-02-11
Pretty URL za.gl/GgHy2 IP 172.67.73.23 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen24 Hash 52542741c81f8ecc39a79d0f92259e6f b06faaa0c462ea352b48b5dbc82a8b7a00726eaf aa0f41ba6b2262956ae19cc60609450a7da7851f15cc1e99110b48743c6f6d53 Loading...

	www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3&l=dataLayer&cx=c	217 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:12:53 Last Seen2023-03-11 21:12:53 Times Seen1 Hash 6cde14d0141864010fab3d90e48c7173 d199f9b0d4a8fb4c5aed5a55cc2ee97f9c8d6bea 50547820f9e60cec8563654b9b8a2825c98cb478353e754f964f05f86ef82d98 Loading...

	fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js	60 kB	2023-03-11	2023-03-11
Pretty URL fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:12:53 Last Seen2023-03-11 21:12:53 Times Seen1 Hash 8f4e74a36d3d95493e1b15db6ed75a93 f18b3dbda01687cfd8c8293c01d694fed48db24b b1392f0020731b07086e27a53df9a25f1fc89f9af193d48ab2e649b1d7530d5e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (83)

URL IP Response Size

zee.gl/GgHy2

104.21.46.123

302 Found

0 B

URL HTTP/1.1
zee.gl/GgHy2
IP
104.21.46.123:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /GgHy2 HTTP/1.1
Host: zee.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sun, 27 Nov 2022 07:08:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
location: https://za.gl/GgHy2
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lwxk%2BXLx%2BV6fgauUrw7wRXLZxWSay%2B3z162mslC1RnsM1QoB0dQk7IaGc6qIn1mSbj%2BRFhoK9nVtZFsOE3gZz9bnzqTCFTWVfvR0DDe4m7I3Cm57qLLfT4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770909167c940b51-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10734
Expires: Sun, 27 Nov 2022 10:07:50 GMT
Date: Sun, 27 Nov 2022 07:08:56 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6120
Cache-Control: max-age=104652
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:56 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 12:13:08 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13826
Expires: Sun, 27 Nov 2022 10:59:22 GMT
Date: Sun, 27 Nov 2022 07:08:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 06:17:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3080
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: CcwUjnyr/KqUQZl9ynIXtbBPuVDrN1kZvib3YTnoT4EZfwb/ZbTZl7ol27omjVSEKkbacUIRIDc=
x-amz-request-id: 77ZCNNCJA0VYYBRJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 06:44:32 GMT
age: 1464
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 07:08:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
749d2ba574a4577b875a690517f0af02
6b9a21c2a93e2fa4bbde7a0ebd84b23879e9a7ab
698bc3ae709879b9822509bc08147b3d084ea70c2d98bf0197bf9dea5369617a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125525
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Etag: "6382545e-116"
Expires: Mon, 28 Nov 2022 18:01:02 GMT
Last-Modified: Sat, 26 Nov 2022 18:01:02 GMT
Server: nginx
Content-Length: 278

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 07:08:54 GMT
cache-control: public,max-age=3600
age: 3
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
749d2ba574a4577b875a690517f0af02
6b9a21c2a93e2fa4bbde7a0ebd84b23879e9a7ab
698bc3ae709879b9822509bc08147b3d084ea70c2d98bf0197bf9dea5369617a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=125525
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Etag: "6382545e-116"
Expires: Mon, 28 Nov 2022 18:01:02 GMT
Last-Modified: Sat, 26 Nov 2022 18:01:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

1.0 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
1.0 kB (1011 bytes)
Hash
95a91afb48e4a3c732a6677e4e9cd656
27070bbf8a48df31857d832ddf82465d10a88908
b9234c07280093040eef88d8760b7a3ffc90a5d5e0d2504a52be164a441b0b17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4618
Cache-Control: max-age=138788
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:42:05 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4618
Cache-Control: max-age=138788
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:42:05 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js

104.17.25.14

200 OK

4.3 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (548)
Size
4.3 kB (4256 bytes)
Hash
4dc1890d39b14772f9579894d823296e
ae5c8609bcf332695e4669f817c91a20a81e3208
e8280ea3c6c000fb1d319cc116e7ebe934818e2091fcf87dd6cc450b62d00b48

HTTP Headers

GET /ajax/libs/crypto-js/3.1.2/rollups/aes.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 4256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-3430"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 381619
expires: Fri, 17 Nov 2023 07:08:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lcas5ZKJ8TU2%2BESFi%2FngQHBiVGfnUDmu%2FA8FBvAI4U7E%2BrURlChLEaszpTevtcbpUEkdE%2BsNwEqio38fpgiL7ukY6pSRu91hkan1Tu99AJ%2F1j7HBrpvSBop0Wg2S389nJSc7VwQs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7709091c7f3eb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

polyfill.io/v3/polyfill.js?features=Intl%2Cfetch

151.101.1.26

200 OK

142 B

URL HTTP/2
polyfill.io/v3/polyfill.js?features=Intl%2Cfetch
IP
151.101.1.26:0
ASN
#54113 FASTLY

File type
ASCII text
Size
142 B (142 bytes)
Hash
0029422a03c75d739c3591816bdefde0
bf4af2e7c626fa715e179d4a726c6afb30e29e90
290c315adf54b46aa291ed06a69cd4d9111c08a83b265fbd57897cef29f003f0

HTTP Headers

GET /v3/polyfill.js?features=Intl%2Cfetch HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Sat, 19 Nov 2022 11:32:20 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Sun, 27 Nov 2022 07:08:57 GMT
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1655, PASS, fastly;desc="Edge time";dur=10
content-length: 142
X-Firefox-Spdy: h2

za.gl/GgHy2

172.67.73.23

200 OK

12 kB

URL HTTP/2
za.gl/GgHy2
IP
172.67.73.23:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6810), with CRLF, LF line terminators
Size
12 kB (11585 bytes)
Hash
2f65c25bbeb7627994c827bd135025ce
eb7e8a2c02fd3a53127c23a2817257ffe359f4eb
b2e33bdca93827487e407086c2bf870c49c9fae86716f09f7cb1184d3380bc40

HTTP Headers

GET /GgHy2 HTTP/1.1
Host: za.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=h5ffgsl8o9v6puufiejcnld5d6; path=/; HttpOnly; secure
zagl_publisher=865410; expires=Sun, 27-Nov-2022 07:09:57 GMT; Max-Age=60; path=/; secure
scr=0.45; expires=Sun, 27-Nov-2022 07:09:57 GMT; Max-Age=60; path=/; secure
zagl_publisher=865410; expires=Sun, 27-Nov-2022 07:09:57 GMT; Max-Age=60; path=/; secure
scr=0.45; expires=Sun, 27-Nov-2022 07:09:57 GMT; Max-Age=60; path=/; secure
csrfToken=bfb6b5d28732f202111d27179e9859fccbc8b3aa449cf2664afe0f4d3c7304f45472d068e5c49f6370d2c6cdb25303ad9df85a8758e84364aeaecc179aeaf612; path=/; secure
visitor=Q2FrZQ%3D%3D.NDUxMzQ1OWU0M2U2ZDM1NTg2NmFkOTRjOGEyMjE5ZjVhZWFjNWNhMDEyMDJkNDU2ZTM4ZDQ1NDk0MjAyODA0Ni1IdtYqMb6ct9g3zERmGDVq0v4UR03PHP1JJJCbV8aeDonIZBn8ZMbDU%2FFNd8NY2KMXiai%2F0Bki7dW4t2Gxs4z%2BN%2BzTQBBLNu%2FKTkuz4QrK; expires=Mon, 28-Nov-2022 07:08:57 GMT; Max-Age=86400; path=/; HttpOnly; secure
hash=Q2FrZQ%3D%3D.ZGU0MTdlZTkwMjE3YmExZGJiZmQ1YmQ1NjkwNTU4NTg3NzYxMTZjYWMyZDAyMmE2YzViOTc3NmJmOGZmOGNiY9PKg6KlT%2FSAsLxVXC41F3afHivdN5XpLLzsFZoTAi7T%2B5FyLpurJLVESUIQwJe79EJaKgqMjt8VGBHc9c%2Fhivw%3D; expires=Tue, 27-Dec-2022 07:08:57 GMT; Max-Age=2592000; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqKiQ1LXc1QJPYTBwvEoUbv3TcaNOQqP7g2AUWu3txaofyjTWYf%2FK%2FYWFzjbUiHvcP7vnS2bUKdx%2BAHjrqcFy%2F4dSbSNr6jOvFBFl8zW01t2U%2BUluOBm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770909197fd5b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

3.2 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
3.2 kB (3212 bytes)
Hash
2b8b3c6fc98199268cf3770d3fa5cc0d
b8d16d8e76f35564b6e7fb7493b71deaa3bff413
58beb03428aa0db7d75c0605afba9baeac598f69bee91c68f3f3fc0fc4eecc2b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1986
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Last-Modified: Sun, 27 Nov 2022 06:35:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

22 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
22 kB (22445 bytes)
Hash
8197e3bbea5e80dd217632a359d725be
dd235d840a7bda78ffb48167296a2e319fd8e996
589751b96a5722a685c0736ba7cfc92a914e1667976a1ef6dc994350a99d7a7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js

104.17.25.14

200 OK

12 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
12 kB (12032 bytes)
Hash
fab824518fd82853ed2698f39d8ec43e
df19bf45131085a88eb2cd4c07e2bda44cef0e98
d55908906f498a577e0f9cc6ffeac157765acb67643c23d22c0d51b352e208c4

HTTP Headers

GET /ajax/libs/slick-carousel/1.6.0/slick.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 12032
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-14929"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5154053
expires: Fri, 17 Nov 2023 07:08:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7EnavMsNtTPPF%2BPGCK53tSmHdxNyTUSaLXctNGwuJ2nVhZar6%2F5mCc%2BLgPkWUVOH4MbrQvkwJN6bcFcG41XrSThV%2B19MEIjytmktYEgkbKiTKhp62omN3uuGxmbw0IfNJCXpHNI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7709091cdf75b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4618
Cache-Control: max-age=138788
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:42:05 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

142.250.74.10

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32058)
Size
30 kB (30306 bytes)
Hash
fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:19:00 GMT
expires: Wed, 22 Nov 2023 14:19:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 406197
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.164

200 OK

580 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (918), with no line terminators
Size
580 B (580 bytes)
Hash
dbf518f97165d213611f9e6f762bf876
a8529116d76204a0420a8c244723466310787f79
bc0692ecebd5884ea21d4bd3cd0ef1aa05f8a8439ea5f8ea7ebfe8110b603082

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sun, 27 Nov 2022 07:08:57 GMT
date: Sun, 27 Nov 2022 07:08:57 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-120643151-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-120643151-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43595 bytes)
Hash
0ad01b29a92eb5b6023d9ee4a125292b
d6f046042f8e361e46bfd5eaebbf7e85aaedb81f
9cf4a66d7d8c2f08bda12b5df3dbb1a0d3fbac822df126407423a94f62a86b9f

HTTP Headers

GET /gtag/js?id=UA-120643151-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 07:08:57 GMT
expires: Sun, 27 Nov 2022 07:08:57 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3

142.250.74.168

200 OK

76 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19102)
Size
76 kB (75941 bytes)
Hash
3411d0ecb67bb3251733f7880c6f919e
395094b7eca7ae1331f536013887e1e21ce990e7
590d975e5d324fa5ac08915b8231758441d464f2e7db318bfbc70edbc6392b06

HTTP Headers

GET /gtag/js?id=G-6QVVMFTPT3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 07:08:57 GMT
expires: Sun, 27 Nov 2022 07:08:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed8f63f2e8f22dad9b4136d9cce331c
1350d313f70ac041f587467a35c8ceb794d830eb
dfa43e8f86dd3ff722ba6326ff53918a2c85607f679f21feed2d3607ce89c08b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFA43E8F86DD3FF722BA6326FF53918A2C85607F679F21FEED2D3607CE89C08B"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9079
Expires: Sun, 27 Nov 2022 09:40:16 GMT
Date: Sun, 27 Nov 2022 07:08:57 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

opticlygremio.com/1clkn/14927

172.255.6.92

200 OK

26 B

URL HTTP/1.1
opticlygremio.com/1clkn/14927
IP
172.255.6.92:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /1clkn/14927 HTTP/1.1
Host: opticlygremio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 07:08:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 28-Nov-2022 07:08:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 28-Nov-2022 07:08:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
70d13dbff7ec0930c387ac6ddb403251
c56e868cf2def175720c52c5f32d792ee2f749f9
17b8faf2988649ceaeecefa46842ad15d89caef8833f0e949011088f11e56de7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102012
Date: Sun, 27 Nov 2022 07:08:57 GMT
Etag: "6381e966-1d7"
Expires: Mon, 28 Nov 2022 11:29:09 GMT
Last-Modified: Sat, 26 Nov 2022 10:24:38 GMT
Server: ECS (dcb/7FA8)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3DS7HN_9vj8C5TpHkJVTpaCsmDY9J8ebigGNuxotPNG9IAC_Ll6VYA==
Age: 3871

push.services.mozilla.com/

54.187.31.159

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.31.159:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1ZEur4R+Oxhd2IdiP+u/CQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G3DXIhTET/eJUlFJ/HGGQj59K40=

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

3.9 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
3.9 kB (3904 bytes)
Hash
5f3a375983638cddc96dda3eb7bb4bdf
962d7e07c26c7c56f1684739b0b35faace7bec8f
18cfa287ea9f7126df915a50481f2acab75dec041e265b31c2020ad47ff3a0c2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2

216.58.207.195

200 OK

19 kB

URL HTTP/2
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
19 kB (19028 bytes)
Hash
66b066bacfd6a21a9afa23d94b9786a6
bf29497ff8585866e7e3a199270d3808090c4b9c
cd15d8412e7307d4e20fd303fd0512a1da9227c5a4b5a108c37bb1ca7134f784

HTTP Headers

GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 20:33:10 GMT
expires: Fri, 24 Nov 2023 20:33:10 GMT
cache-control: public, max-age=31536000
age: 210948
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2

216.58.207.195

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data
Size
18 kB (18212 bytes)
Hash
ca72fb4e277e59be50b8850190822581
159b97b22006fe2a483da0a13d33cfb3cc5aa031
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c

HTTP Headers

GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 00:51:09 GMT
expires: Mon, 27 Nov 2023 00:51:09 GMT
cache-control: public, max-age=31536000
age: 22669
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4c2c38b64f782454fc2c0d60252ad15
b98ee83c4d3af302a828b6eac065426a7d6501cf
80b7f9ea618164d015aa82826116f37f06dd06a6ebe6492405bd9e503c557a93

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80B7F9EA618164D015AA82826116F37F06DD06A6EBE6492405BD9E503C557A93"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4152
Expires: Sun, 27 Nov 2022 08:18:10 GMT
Date: Sun, 27 Nov 2022 07:08:58 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

1.4 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
1.4 kB (1381 bytes)
Hash
976b0a66e3f2ce4dd07d652242072e0c
f4ba51761690cdef2c78f72a5f9f0a18c95b07db
aa0891c1ea695c7c04072f54b5d5902c393284c36ac724607b8f782af6242aca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js

173.233.137.44

200 OK

14 kB

URL HTTP/1.1
fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37190), with no line terminators
Size
14 kB (13458 bytes)
Hash
b0098a7e51949125c8748c2e0d122b05
f9cbf78c263f5511a57bdd6e828beafe5325655a
e70402b1f90454e48900c02025fb1d8d8342c2d921c8ea900eae6b21e708eb7a

HTTP Headers

GET /3e/c0/90/3ec0905094195898e97f189a6f59b52b.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:08:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6b7de532f827326eeb069feb99d1f98
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d08d079d04458028065ddfa315e8ca41
146b9eb370f649d3a230226ab373e05f39fd80af
c108c7e6ef9d790abca48344401f4b5a2204fe16287908f48a865181f711f000

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C108C7E6EF9D790ABCA48344401F4B5A2204FE16287908F48A865181F711F000"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6309
Expires: Sun, 27 Nov 2022 08:54:07 GMT
Date: Sun, 27 Nov 2022 07:08:58 GMT
Connection: keep-alive

fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js

173.233.137.44

200 OK

21 kB

URL HTTP/1.1
fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (60155), with no line terminators
Size
21 kB (20700 bytes)
Hash
981bad21fcc30225bb62d83569fa75c4
5cd9468fe7183befd140c4cd17402e2c5c0cf528
ffe2a16ab9d4ab6d88a64596708ac78d01bddf81a7caf9476fc1707e48f082d2

HTTP Headers

GET /ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:08:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 19dd22bebf876aa73ad2461b223b47b9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 07:08:58 GMT
Last-Modified: Sun, 27 Nov 2022 05:46:04 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uY4bfn5_XORdXxm31aGM8yigP47Zqo6aycD6COkAvde-bsGg6GVuFw==
Age: 4974

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5a3038df3e03301161beb6062b48d654
f2db56ad872c53427e58c50c44feebbc3376f322
276c1c795b81185d3fe46df55f595d98794b6b6bf7d1b10c57d4d09cf0cebc8c

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba:1:1; expires=Wed, 24 Nov 2032 07:08:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3bd18c87d547edc9b455d63b8b3dc556
f6a0a9caf6ca008dcf84dbb4ef010f92ea23fc62
5be0053bc5e7ffd39f7564254f78cee39f67ff664730eea34a9d583b57896250

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=54139eb7-5099-4e08-9bcd-d32f541132de:3:1; expires=Wed, 24 Nov 2032 07:08:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d08d079d04458028065ddfa315e8ca41
146b9eb370f649d3a230226ab373e05f39fd80af
c108c7e6ef9d790abca48344401f4b5a2204fe16287908f48a865181f711f000

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C108C7E6EF9D790ABCA48344401F4B5A2204FE16287908F48A865181F711F000"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6309
Expires: Sun, 27 Nov 2022 08:54:07 GMT
Date: Sun, 27 Nov 2022 07:08:58 GMT
Connection: keep-alive

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 06:41:08 GMT
expires: Sun, 27 Nov 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 1670
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 34974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&a=828949205&t=pageview&_s=1&dl=https%3A%2F%2Fza.gl%2FGgHy2&ul=en-us&de=UTF-8&dt=za.gl&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=374235614&gjid=1646461673&cid=1027143027.1669532938&tid=UA-120643151-1&_gid=886734814.1669532938&_r=1&gtm=2oub90&z=954951592

142.250.74.174

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=828949205&t=pageview&_s=1&dl=https%3A%2F%2Fza.gl%2FGgHy2&ul=en-us&de=UTF-8&dt=za.gl&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=374235614&gjid=1646461673&cid=1027143027.1669532938&tid=UA-120643151-1&_gid=886734814.1669532938&_r=1&gtm=2oub90&z=954951592
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j98&a=828949205&t=pageview&_s=1&dl=https%3A%2F%2Fza.gl%2FGgHy2&ul=en-us&de=UTF-8&dt=za.gl&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=374235614&gjid=1646461673&cid=1027143027.1669532938&tid=UA-120643151-1&_gid=886734814.1669532938&_r=1&gtm=2oub90&z=954951592 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://za.gl
date: Sun, 27 Nov 2022 07:08:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=2oeb90&_p=828949205&cid=1027143027.1669532938&ul=en-us&sr=1280x1024&_s=1&sid=1669532937&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2FGgHy2&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=2oeb90&_p=828949205&cid=1027143027.1669532938&ul=en-us&sr=1280x1024&_s=1&sid=1669532937&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2FGgHy2&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-6QVVMFTPT3&gtm=2oeb90&_p=828949205&cid=1027143027.1669532938&ul=en-us&sr=1280x1024&_s=1&sid=1669532937&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2FGgHy2&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://za.gl
date: Sun, 27 Nov 2022 07:08:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.202.23

200 OK

28 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.202.23:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27622 bytes)
Hash
5394fa1f2ef9af7dd685d8b6632ada02
5d75cde709cdca022cabddf731e5f8b7bcd84502
09ffa6608a86392ea34af948461246fe36b16e6f4f31b8765c8f591b545857da

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 53b5ef5ab4bb445ebbacb9d1909ef3fd
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 27 Nov 2022 07:08:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQhdE%2Fh7ZeNQBsCAyth9tCemSA%2FY5wqsoW3Q5OC%2BKOIjigoAOPu0abH9rVfWoqvLwi2RuQYIYVyK%2F1fGA%2BSOMxkti%2FsidJCDmozy%2BfB5ZgXyJmRiNMu%2Bi0msnP1PAuT5p%2BpwGxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77090920e9560672-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

yearbookhobblespinal.com/pixel/purst?dl=0&th=0&sc=0&rs=1783&rd=1783&fd=514&bv=22.10.v.9&tmpl=70

173.233.137.44

200 OK

0 B

URL HTTP/1.1
yearbookhobblespinal.com/pixel/purst?dl=0&th=0&sc=0&rs=1783&rd=1783&fd=514&bv=22.10.v.9&tmpl=70
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1783&rd=1783&fd=514&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:08:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 07:08:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
98eaecd9f0e022d4b9b424cb0ec55799
53276f3d6b49cba36107c5bbad4b975b62f1d345
ac20339846844f8e6595584114a9c389a838d3773d27d2fd25d2591bdfbc3507

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC20339846844F8E6595584114A9C389A838D3773D27D2FD25D2591BDFBC3507"
Last-Modified: Thu, 24 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14005
Expires: Sun, 27 Nov 2022 11:02:24 GMT
Date: Sun, 27 Nov 2022 07:08:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 07:08:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 07:08:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4374 bytes)
Hash
514b4077fad50ba782e4bbb2c95c6852
4770f56d4d9489df43f33952e4bfa84d8e46414e
a97ce7c911625345342731b96cf423ee36182e101e3039694a666d6508a702ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4374
x-amzn-requestid: 16fa9401-4b57-4300-9377-3a7d96de3a38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGB7uFWJIAMFfTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f16b1-3386c7b54d828c3b1393b9ce;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:01:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6XMNeYqDwM9yHZf1rkBRhZ6k_iZE92MWKavu0vlQnT2jZ--tswQwWw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 08:08:31 GMT
age: 82828
etag: "4770f56d4d9489df43f33952e4bfa84d8e46414e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
8.4 kB (8420 bytes)
Hash
5334f5de7376c8b090641b2291831f4d
f8159e69864b0a46b068b748bbde1d453207fc23
c111e011fdcd33edfa4f73a8513fff6295bbe266d97221365232ad9f80a8fdc2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8145
x-amzn-requestid: ff37a7a0-ac51-4629-bb45-8983c4bcdd96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFFCuFL4oAMFpRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb544-7644e0183e2abc225f5e0938;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0oFg5UqP5KArhT2955eVqJsGhcnVoe7Je9nf6yTA7BLSsMVT2mXXUA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:26:21 GMT
age: 38558
etag: "1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9926 bytes)
Hash
892849386662d30042f01ab952a3ec14
3b349ac17a00d68875e64bee110ec85d07cffda2
893797d55f15081d45af7a31af9fefe106ace9ba236e9b113787d07ab416faf9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9926
x-amzn-requestid: b03f4d3b-b144-4466-ab11-96c8201d75a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Je2G_NIAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b22c5-5ef5e11a198cd8202372d8da;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:03:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Eeu-CbRcm2Zv8ZVXNO3vhUt2shbKNQZ1YqsxCMk96twd7zL_rceGYg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:05:31 GMT
age: 32608
etag: "3b349ac17a00d68875e64bee110ec85d07cffda2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 33442
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7380 bytes)
Hash
76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 33531
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10199 bytes)
Hash
2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 33438
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9131e8d3f3d4cb75936096e0bed676f1
6004d602e55df4312a11da35d0f56fe0a029b1f3
ac8636d95cc774c776dfbc2facb52a79bed6e29bce86d2745db64a1dcdb08240

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC8636D95CC774C776DFBC2FACB52A79BED6E29BCE86D2745DB64A1DCDB08240"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17248
Expires: Sun, 27 Nov 2022 11:56:27 GMT
Date: Sun, 27 Nov 2022 07:08:59 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=54139eb7-5099-4e08-9bcd-d32f541132de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=54139eb7-5099-4e08-9bcd-d32f541132de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=54139eb7-5099-4e08-9bcd-d32f541132de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 27 Nov 2022 07:08:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fa756ce32bd8199d7112158816dd0da8
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=54139eb7-5099-4e08-9bcd-d32f541132de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=54139eb7-5099-4e08-9bcd-d32f541132de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=54139eb7-5099-4e08-9bcd-d32f541132de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 27 Nov 2022 07:08:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2d9887a4f3732cefed407aaa1ba74cb2
Strict-Transport-Security: max-age=0; includeSubdomains

soldierreproduceadmiration.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba%3A1%3A1

173.233.137.44

200 OK

4.1 kB

URL HTTP/1.1
soldierreproduceadmiration.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba%3A1%3A1
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (5796), with no line terminators
Size
4.1 kB (4118 bytes)
Hash
c65bb0df9cf4e933023d479935c0cb0b
d23fe45d055d498f8cc309b110368ce0bd192da0
47fd4689f46e3f4dded73d08a538514758fc4476d8c0750d71fd8debcd8acb06

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba%3A1%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:08:59 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://za.gl
Access-Control-Allow-Origin: https://za.gl
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16908321; expires=Mon, 28 Nov 2022 07:08:59 GMT; secure; SameSite=None
uid_id2=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba:1:1; expires=Sun, 04 Dec 2022 07:08:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 28 Nov 2022 07:08:59 GMT; secure; SameSite=None
uncs=1; expires=Mon, 28 Nov 2022 07:08:59 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 28 Nov 2022 07:08:59 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 28 Nov 2022 07:08:59 GMT; secure; SameSite=None
slec3ec0905094195898e97f189a6f59b52b=[3760946]; expires=Sun, 27 Nov 2022 07:09:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 82e9e8b176a69d2b6f853566a7ad89fc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c7afa63a2e765a5889feedb036228204
546d048429118d6ff49049b948a6d39c3706b4e1
ce33ebbd5115ffaac9721eacc50f458d369b30dbc875379c5602fe846d078207

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE33EBBD5115FFAAC9721EACC50F458D369B30DBC875379C5602FE846D078207"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6464
Expires: Sun, 27 Nov 2022 08:56:43 GMT
Date: Sun, 27 Nov 2022 07:08:59 GMT
Connection: keep-alive

soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRitXuPFRVhFhD0oI3hQMJPumenMtHsIrmskmE3CZiXnqurqSZmarraqe3oyp2BAF%2FQw4sWbnTfJhl0XcX%2BAKJP1IAOLOx5kDubqVQjsHrzITAaCH3R%2FX9V7h%2B%2B9V58fZKfERUbHGzd1VypFF%2FyyW3prS8ahzm1p7XbJc8vutdKWjBdr10qdyc%2B03%2FVcv%2By%2BXfpQ8B29UHE91%2FVcr7QsjYh0Z2GKQiYPAq8cuOVapez5NXTM%2F882c2Cpg7B9Sl6GDEfPb%2F%2F2EJIPELd%2BvCHsTqqTdz5oZYqm2qAdHn8c78Q6j9G6GCPjIIqPZ2xoOyLk20vQ8fFMAXT7cKIATI6I86cHFh%2FP1gRrH51vyhREDBZeRt4eQKgBJB2A633I8AkBeIi1dcStu2va5HT3HKUTdETmnp5B5iMy99criFs%2FXFeyU9rUKkulji06UQHZGUA2B0iyE6RdBzI%2FAU8%2Fgwwfk4Wnq4hbh%2BtWachw%2FCav88UqC6N5GvjRfE0suvOszqJ5LqqUCs%2FnEaNTi6QcQEYDKNEDtQ6yyScdZJGDLHHQCscl6geR69YjFlWrjRrnvFrl3G8shn5YrTUiFxmfaOghTXrgqgdu9pCYPezIHkz2C%2Bx2ARs6sClBOyyQC4LcEuSUIJcEeUqQt4ujUNmKLe6GymbMm%2FXKrFeLvk6bB%2FRIp00Rk4PklLw0Mc65RN7AjhiXqoK7geu7Qc0L%2FEbQEEE98hoBXYz8gPkVBisLSHtpKrM7SfF3B8mk51fA6AmsOgGXV0Cz10Dzfr3igm73aw0X3fioS8tNhVAXSNI5pLvOgTolV6fJBbwCwYdLzzafPR6%2F%2BgW4KZCYAp%2FIRwRNdad%2FS%2Bfk8JbOLXm4nqSyJbt0kupmSlMxd%2F8jsZtrE67csL177%2FEJMBkf3BY2XaVxKOOmJd9fl2EozLI2XJCfVuyWYBuZ3b6emThLVjfeX15pJUZYK3U8AJVP6t%2BAyxF54ebe9L2%2B%2FtUjSDOAyQq0siGZFaQ%2BAU%2F2YJPh0tm9f%2F9WX96A1QRGXXBY4iDPir6psItLJUekcvYrlBgufbfyKb96fwjKClhxYQMTw5%2F%2FOecf2DtoGgc03UfcKtA2BdqqAFU92Oy5fpqY4dIf1WmBKafPlHEOmTLq63N7rRyXhB%2B5kXArgkUBi%2BrUDYOoFjAaeKLOfOohtSO%2B%2F%2BLl%2FwAAAP%2F%2FAQAA%2F%2F8gqjfpiwQAAA%3D%3D

173.233.137.44

200 OK

7 B

URL HTTP/1.1
soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRitXuPFRVhFhD0oI3hQMJPumenMtHsIrmskmE3CZiXnqurqSZmarraqe3oyp2BAF%2FQw4sWbnTfJhl0XcX%2BAKJP1IAOLOx5kDubqVQjsHrzITAaCH3R%2FX9V7h%2B%2B9V58fZKfERUbHGzd1VypFF%2FyyW3prS8ahzm1p7XbJc8vutdKWjBdr10qdyc%2B03%2FVcv%2By%2BXfpQ8B29UHE91%2FVcr7QsjYh0Z2GKQiYPAq8cuOVapez5NXTM%2F882c2Cpg7B9Sl6GDEfPb%2F%2F2EJIPELd%2BvCHsTqqTdz5oZYqm2qAdHn8c78Q6j9G6GCPjIIqPZ2xoOyLk20vQ8fFMAXT7cKIATI6I86cHFh%2FP1gRrH51vyhREDBZeRt4eQKgBJB2A633I8AkBeIi1dcStu2va5HT3HKUTdETmnp5B5iMy99criFs%2FXFeyU9rUKkulji06UQHZGUA2B0iyE6RdBzI%2FAU8%2Fgwwfk4Wnq4hbh%2BtWachw%2FCav88UqC6N5GvjRfE0suvOszqJ5LqqUCs%2FnEaNTi6QcQEYDKNEDtQ6yyScdZJGDLHHQCscl6geR69YjFlWrjRrnvFrl3G8shn5YrTUiFxmfaOghTXrgqgdu9pCYPezIHkz2C%2Bx2ARs6sClBOyyQC4LcEuSUIJcEeUqQt4ujUNmKLe6GymbMm%2FXKrFeLvk6bB%2FRIp00Rk4PklLw0Mc65RN7AjhiXqoK7geu7Qc0L%2FEbQEEE98hoBXYz8gPkVBisLSHtpKrM7SfF3B8mk51fA6AmsOgGXV0Cz10Dzfr3igm73aw0X3fioS8tNhVAXSNI5pLvOgTolV6fJBbwCwYdLzzafPR6%2F%2BgW4KZCYAp%2FIRwRNdad%2FS%2Bfk8JbOLXm4nqSyJbt0kupmSlMxd%2F8jsZtrE67csL177%2FEJMBkf3BY2XaVxKOOmJd9fl2EozLI2XJCfVuyWYBuZ3b6emThLVjfeX15pJUZYK3U8AJVP6t%2BAyxF54ebe9L2%2B%2FtUjSDOAyQq0siGZFaQ%2BAU%2F2YJPh0tm9f%2F9WX96A1QRGXXBY4iDPir6psItLJUekcvYrlBgufbfyKb96fwjKClhxYQMTw5%2F%2FOecf2DtoGgc03UfcKtA2BdqqAFU92Oy5fpqY4dIf1WmBKafPlHEOmTLq63N7rRyXhB%2B5kXArgkUBi%2BrUDYOoFjAaeKLOfOohtSO%2B%2F%2BLl%2FwAAAP%2F%2FAQAA%2F%2F8gqjfpiwQAAA%3D%3D
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRitXuPFRVhFhD0oI3hQMJPumenMtHsIrmskmE3CZiXnqurqSZmarraqe3oyp2BAF%2FQw4sWbnTfJhl0XcX%2BAKJP1IAOLOx5kDubqVQjsHrzITAaCH3R%2FX9V7h%2B%2B9V58fZKfERUbHGzd1VypFF%2FyyW3prS8ahzm1p7XbJc8vutdKWjBdr10qdyc%2B03%2FVcv%2By%2BXfpQ8B29UHE91%2FVcr7QsjYh0Z2GKQiYPAq8cuOVapez5NXTM%2F882c2Cpg7B9Sl6GDEfPb%2F%2F2EJIPELd%2BvCHsTqqTdz5oZYqm2qAdHn8c78Q6j9G6GCPjIIqPZ2xoOyLk20vQ8fFMAXT7cKIATI6I86cHFh%2FP1gRrH51vyhREDBZeRt4eQKgBJB2A633I8AkBeIi1dcStu2va5HT3HKUTdETmnp5B5iMy99criFs%2FXFeyU9rUKkulji06UQHZGUA2B0iyE6RdBzI%2FAU8%2Fgwwfk4Wnq4hbh%2BtWachw%2FCav88UqC6N5GvjRfE0suvOszqJ5LqqUCs%2FnEaNTi6QcQEYDKNEDtQ6yyScdZJGDLHHQCscl6geR69YjFlWrjRrnvFrl3G8shn5YrTUiFxmfaOghTXrgqgdu9pCYPezIHkz2C%2Bx2ARs6sClBOyyQC4LcEuSUIJcEeUqQt4ujUNmKLe6GymbMm%2FXKrFeLvk6bB%2FRIp00Rk4PklLw0Mc65RN7AjhiXqoK7geu7Qc0L%2FEbQEEE98hoBXYz8gPkVBisLSHtpKrM7SfF3B8mk51fA6AmsOgGXV0Cz10Dzfr3igm73aw0X3fioS8tNhVAXSNI5pLvOgTolV6fJBbwCwYdLzzafPR6%2F%2BgW4KZCYAp%2FIRwRNdad%2FS%2Bfk8JbOLXm4nqSyJbt0kupmSlMxd%2F8jsZtrE67csL177%2FEJMBkf3BY2XaVxKOOmJd9fl2EozLI2XJCfVuyWYBuZ3b6emThLVjfeX15pJUZYK3U8AJVP6t%2BAyxF54ebe9L2%2B%2FtUjSDOAyQq0siGZFaQ%2BAU%2F2YJPh0tm9f%2F9WX96A1QRGXXBY4iDPir6psItLJUekcvYrlBgufbfyKb96fwjKClhxYQMTw5%2F%2FOecf2DtoGgc03UfcKtA2BdqqAFU92Oy5fpqY4dIf1WmBKafPlHEOmTLq63N7rRyXhB%2B5kXArgkUBi%2BrUDYOoFjAaeKLOfOohtSO%2B%2F%2BLl%2FwAAAP%2F%2FAQAA%2F%2F8gqjfpiwQAAA%3D%3D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:08:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 88d062585f10eab9f248cce0fdcaa70d
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
3a1eb8e3d7b5e963c21e1905e849e570
fff8193edc6218562c5612b0e02f73dbcca98c0c
12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12DB50941A08926A1F14146C52B53CFC6ACC1DCB6AC858F6FCFB421330DFB12F"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15758
Expires: Sun, 27 Nov 2022 11:31:37 GMT
Date: Sun, 27 Nov 2022 07:08:59 GMT
Connection: keep-alive

soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=96

173.233.137.44

200 OK

0 B

URL HTTP/1.1
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=96
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=96 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:08:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png

172.64.109.13

200 OK

9.4 kB

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Size
9.4 kB (9360 bytes)
Hash
910542c04f8bf2f90ee33d17d538a006
18d5943e5d51539038f7988c34bccef2937c5545
5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:59 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1012463
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhRFZ8AoP4ZSmsTprhz0ZcwAFPP0ghJIJbjIVkWwAbKeXi4CUMACN13a3czmPRR8I3wJkczq3TZ109sX%2B0Np6psUR0g%2FY7ThlvLaFyfAnTZuSvKlUcZGN5lVTVP353R%2Fil2ATowdYyyP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7709092a8d1b72f4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css

172.64.109.13

200 OK

32 kB

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
32 kB (32347 bytes)
Hash
1b156c84dbefbbe04aaca23459c29e58
85c2930959bcce24a1ab689c908e05b52a6b84fc
e2fcf2555d3a6d087fbe458e00547736d5b621f9652da2e3987992343b5fbe7c

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:59 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 27921
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gftbiPoJJh0RgrehxoR72e2a7CsaWkQqUJfW1S0K4bT6PVd36TFItoI3azPoXgcb8za8kBJDVx1JwL1yP8U8OjNL%2FsqLA%2FUD19cDm2uyVsNtJk6iGZF7soWIxfdyQuEXD0UeFslqKGTC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7709092a5cf172f4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=100

173.233.137.44

200 OK

0 B

URL HTTP/1.1
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=100
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=100 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:08:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=107

173.233.137.44

200 OK

0 B

URL HTTP/1.1
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=107
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=107 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:09:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css

172.64.109.13

200 OK

16 kB

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
16 kB (16387 bytes)
Hash
0b28b815fd7ece073d8b9e74083aab1f
ffa9ccfafd9af3f80a5f808c03fc2466ba130d55
11c1977f4329adbbbc66c296e280f15a8c742c50d2b52d85bdff152d4fc97801

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:59 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 27921
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVYVZ5JMC1BWzbtzFaTBO8wWpLrqNNE%2BlYnG%2Fho7FIQA7Ds3%2FHyivGPDv4XDAn78uMxIRRPOHuLt8q0%2FSkKzXTLMFM9S%2Bl85RzsuU4z4uzqADwPVjrD2SEPz2KKAWT%2FbC3XAe9aUoLHE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7709092a4cf072f4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

soldierreproduceadmiration.com/pixel/sbs?c=1

173.233.137.44

200 OK

0 B

URL HTTP/1.1
soldierreproduceadmiration.com/pixel/sbs?c=1
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:09:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

soldierreproduceadmiration.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjuvFIEQRIQdlBA8K7mz39PTOtDksxhhZzC%2BSSM71q2fLrelqq7qnN3NaDGhADyNevNn7ZjdLYhDzB4gyGw8yEMx4kDm4V69CIDl4kZkdWPyg%2B%2Fuq3jt87736fKc4JD4KOr1y0fSV1nQlqvu1t26oVJjS1S5drwV%2B3T9Tu6HS1eaZ2tbsZ3vvBn5U99%2BufSj5pllp%2BIHvB35QO6%2BsTMzWyhyFyu7HQT32681GPYia2LL%2FP7vCg6MeRO%2BQvAwlJs9v%2FPYAio%2BQdn88J91mbrJ3PugWmubGoif2P043U1Om6B6PifWQpPsLNoybEPLtCZh0f6EAprc7UwCmJsT7MwBL9xdrgvX2jjZlGjIFEydR9kaQegRFR%2BDmFpR4TAAucOky0u6dS8aW9OYRSmfohCw9fQJVTsjSX68g7f5wVqut2jWji1yZ1GErqaC2RlCdEbLiAHnfgyoPwPPPoMQjsvL0AtLu7mWnDZSYvslbfDVkIlmmcZQsN%2BWqv8xaLFnmMqRUBhFPGJ1bpNQIKhlBywGo81DMPuWhSDwUmYeumNZoFCe%2B30pYEobtJuc8DDmP2qsiEmGznfgo%2BEzDAHk2ANcDcLuNzG5jUw1gi1%2FgNio44cHlBD1RoZQEpSMoKUGpCMqcoOxVe0K7hqvuCO0KFix6Y9HDamjyzg7dM3lHpmQnOyQvzYzzTpA3sCmntVByP%2FYjP24GcdSO2zJuJUE7pqtJFLOoweBUBeVOzGX2Zyn%2B7iGb9fIUGD2A0wfg6hRo8RpoOWw1fNCNYbPto5%2Fu9Wm9oyFMhSxfQn7T29GH5PQ8uZg3IPl47dm1Z4%2Bmr34BbitktsIn6iFBR98eXjUl2b1qSkceXM5y1VV9Okv1Wk5zuXTvI3mzNFasn3ODu%2B%2FxGTAb71%2BXLr9AU6HSjiPfn1VCSHveWC7JT%2BvuhmRXCrdxtrBpkV248v759W5mpXPKpCNQ9bj1DbiakBcubs%2Ff6%2BtfPYSyI9iiQrcYk0VBmQPwbBsuG689ufvv3%2FrLc3CGwOpjDss8lEU1tA12fKnVhDSe%2FAotx2vfrX%2FKT98bg7IKTh7bwOT453%2BO%2BDvuNjrWA81vIe1W6NkKPV2B6gFc8dwwz%2Bx47Y9wXmDaGzJtvV2mrf76yF6nprUoaMo2a7e4EExyEbQaYTv0%2FYYQzVYsgxi5m%2FBbL578DwAA%2F%2F8BAAD%2F%2FzSiuQ%2BLBAAA

173.233.137.44

200 OK

7 B

URL HTTP/1.1
soldierreproduceadmiration.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjuvFIEQRIQdlBA8K7mz39PTOtDksxhhZzC%2BSSM71q2fLrelqq7qnN3NaDGhADyNevNn7ZjdLYhDzB4gyGw8yEMx4kDm4V69CIDl4kZkdWPyg%2B%2Fuq3jt87736fKc4JD4KOr1y0fSV1nQlqvu1t26oVJjS1S5drwV%2B3T9Tu6HS1eaZ2tbsZ3vvBn5U99%2BufSj5pllp%2BIHvB35QO6%2BsTMzWyhyFyu7HQT32681GPYia2LL%2FP7vCg6MeRO%2BQvAwlJs9v%2FPYAio%2BQdn88J91mbrJ3PugWmubGoif2P043U1Om6B6PifWQpPsLNoybEPLtCZh0f6EAprc7UwCmJsT7MwBL9xdrgvX2jjZlGjIFEydR9kaQegRFR%2BDmFpR4TAAucOky0u6dS8aW9OYRSmfohCw9fQJVTsjSX68g7f5wVqut2jWji1yZ1GErqaC2RlCdEbLiAHnfgyoPwPPPoMQjsvL0AtLu7mWnDZSYvslbfDVkIlmmcZQsN%2BWqv8xaLFnmMqRUBhFPGJ1bpNQIKhlBywGo81DMPuWhSDwUmYeumNZoFCe%2B30pYEobtJuc8DDmP2qsiEmGznfgo%2BEzDAHk2ANcDcLuNzG5jUw1gi1%2FgNio44cHlBD1RoZQEpSMoKUGpCMqcoOxVe0K7hqvuCO0KFix6Y9HDamjyzg7dM3lHpmQnOyQvzYzzTpA3sCmntVByP%2FYjP24GcdSO2zJuJUE7pqtJFLOoweBUBeVOzGX2Zyn%2B7iGb9fIUGD2A0wfg6hRo8RpoOWw1fNCNYbPto5%2Fu9Wm9oyFMhSxfQn7T29GH5PQ8uZg3IPl47dm1Z4%2Bmr34BbitktsIn6iFBR98eXjUl2b1qSkceXM5y1VV9Okv1Wk5zuXTvI3mzNFasn3ODu%2B%2FxGTAb71%2BXLr9AU6HSjiPfn1VCSHveWC7JT%2BvuhmRXCrdxtrBpkV248v759W5mpXPKpCNQ9bj1DbiakBcubs%2Ff6%2BtfPYSyI9iiQrcYk0VBmQPwbBsuG689ufvv3%2FrLc3CGwOpjDss8lEU1tA12fKnVhDSe%2FAotx2vfrX%2FKT98bg7IKTh7bwOT453%2BO%2BDvuNjrWA81vIe1W6NkKPV2B6gFc8dwwz%2Bx47Y9wXmDaGzJtvV2mrf76yF6nprUoaMo2a7e4EExyEbQaYTv0%2FYYQzVYsgxi5m%2FBbL578DwAA%2F%2F8BAAD%2F%2FzSiuQ%2BLBAAA
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitjuvFIEQRIQdlBA8K7mz39PTOtDksxhhZzC%2BSSM71q2fLrelqq7qnN3NaDGhADyNevNn7ZjdLYhDzB4gyGw8yEMx4kDm4V69CIDl4kZkdWPyg%2B%2Fuq3jt87736fKc4JD4KOr1y0fSV1nQlqvu1t26oVJjS1S5drwV%2B3T9Tu6HS1eaZ2tbsZ3vvBn5U99%2BufSj5pllp%2BIHvB35QO6%2BsTMzWyhyFyu7HQT32681GPYia2LL%2FP7vCg6MeRO%2BQvAwlJs9v%2FPYAio%2BQdn88J91mbrJ3PugWmubGoif2P043U1Om6B6PifWQpPsLNoybEPLtCZh0f6EAprc7UwCmJsT7MwBL9xdrgvX2jjZlGjIFEydR9kaQegRFR%2BDmFpR4TAAucOky0u6dS8aW9OYRSmfohCw9fQJVTsjSX68g7f5wVqut2jWji1yZ1GErqaC2RlCdEbLiAHnfgyoPwPPPoMQjsvL0AtLu7mWnDZSYvslbfDVkIlmmcZQsN%2BWqv8xaLFnmMqRUBhFPGJ1bpNQIKhlBywGo81DMPuWhSDwUmYeumNZoFCe%2B30pYEobtJuc8DDmP2qsiEmGznfgo%2BEzDAHk2ANcDcLuNzG5jUw1gi1%2FgNio44cHlBD1RoZQEpSMoKUGpCMqcoOxVe0K7hqvuCO0KFix6Y9HDamjyzg7dM3lHpmQnOyQvzYzzTpA3sCmntVByP%2FYjP24GcdSO2zJuJUE7pqtJFLOoweBUBeVOzGX2Zyn%2B7iGb9fIUGD2A0wfg6hRo8RpoOWw1fNCNYbPto5%2Fu9Wm9oyFMhSxfQn7T29GH5PQ8uZg3IPl47dm1Z4%2Bmr34BbitktsIn6iFBR98eXjUl2b1qSkceXM5y1VV9Okv1Wk5zuXTvI3mzNFasn3ODu%2B%2FxGTAb71%2BXLr9AU6HSjiPfn1VCSHveWC7JT%2BvuhmRXCrdxtrBpkV248v759W5mpXPKpCNQ9bj1DbiakBcubs%2Ff6%2BtfPYSyI9iiQrcYk0VBmQPwbBsuG689ufvv3%2FrLc3CGwOpjDss8lEU1tA12fKnVhDSe%2FAotx2vfrX%2FKT98bg7IKTh7bwOT453%2BO%2BDvuNjrWA81vIe1W6NkKPV2B6gFc8dwwz%2Bx47Y9wXmDaGzJtvV2mrf76yF6nprUoaMo2a7e4EExyEbQaYTv0%2FYYQzVYsgxi5m%2FBbL578DwAA%2F%2F8BAAD%2F%2FzSiuQ%2BLBAAA HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=c7c63bdf-a95f-4e60-b7bf-ce3aae15cfba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 07:09:00 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b20f5167aad4b1beb69760e7ed91cd7e
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg

172.64.109.13

200 OK

576 B

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
576 B (576 bytes)
Hash
18f3547b5335a975f204deab07ab753a
5cf6d0d1749a2a97986c71071e87303b16267b2b
837d0d7cee53ef4b76f755260e9ac1b5d798ecc4671c82b57a40514590170791

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:59 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1012363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZChfewXRIk4IQrd7z%2BckudiMaUXgixKrQGRX2WyZ29DD322EwiZLiPR%2FZi5kk8VB0hcUz1liEAtawWMP%2B%2FLPtSO7mwuEqWuJnSMJXEp%2Fet737ZQhtMaKJqqwd2uuHjoirhF5iwwH2Kl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7709092a8d1872f4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=DM+Sans:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 07:08:57 GMT
date: Sun, 27 Nov 2022 07:08:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

openfpcdn.io/fingerprintjs/v3

54.230.111.49

200 OK

0 B

URL HTTP/2
openfpcdn.io/fingerprintjs/v3
IP
54.230.111.49:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fingerprintjs/v3 HTTP/1.1
Host: openfpcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: CloudFront
date: Sun, 27 Nov 2022 07:03:05 GMT
cache-control: public, max-age=581464, s-maxage=10572
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
etag: W/"iGPd/qM5rvpVhWvx3vVSNedX/OA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dGZbwAwBnh_BeapRb0jeXSxQl6O8joWm2t7nhPzbm8-W69U3fMNyxg==
age: 352
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html

45.133.44.3

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:59 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 27 Nov 2022 08:08:59 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.57.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.57.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:08:57 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7709091cdc18b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations