atlaq.com/logo.png
104.21.64.58 200 OK 117 kB IP 104.21.64.58:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Cloudflare, Inc.
Subject: atlaq.com
Fingerprint: 1E:C6:84:53:3B:FF:CE:FF:8F:8C:9D:8B:3A:69:3F:E5:28:C8:F4:A5
Validity: Wed, 26 Apr 2023 00:00:00 GMT - Thu, 25 Apr 2024 23:59:59 GMT
File type PNG image data, 500 x 446, 8-bit/color RGBA, non-interlaced\012- data
Size 117 kB (117433 bytes)
Hash 792b74959e26cd37fd05dfcd0ef07770
c6e3ed2dd9771b077daf93eda5773cd10d621147
7ae2cb133588b7a2926b71630869d602c294840f6c1379666e82b25f3354623b
GET /logo.png HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: image/png
content-length: 117433
cache-control: public, max-age=31536000
expires: Thu, 24 Oct 2024 05:27:08 GMT
last-modified: Wed, 29 Jan 2020 11:21:42 GMT
vary: User-Agent,Origin, Accept-Encoding
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1924797
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcNVOdleYBbkhYnDJ0cMS1UFe4D3a6BqNKW5kzuRXGociuuubcesKovSBb%2B%2FbL3VD7nRWjsIre%2BftDrE52ktQl7Ku5SvB%2FATVLH7DbRSYt%2Fcya5UCWvYU23kHRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 826f9c922835b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-85346163-2
142.250.74.168 200 OK 52 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-85346163-2
IP 142.250.74.168:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Google Trust Services LLC
Subject: *.google-analytics.com
Fingerprint: 3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
Validity: Mon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT
File type ASCII text, with very long lines (2213)
Hash ffb08f5c3041afa27a968817ce563788
f83c3cfa63e5d29cf6d9d0f45c90c2d25756ac36
0c194ff58c38464af5ca5606d48b9e67caa630700435a7e51957b8744ba0bc27
GET /gtag/js?id=UA-85346163-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 16 Nov 2023 12:07:05 GMT
expires: Thu, 16 Nov 2023 12:07:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51491
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c
142.250.74.168 200 OK 90 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Google Trust Services LLC
Subject: *.google-analytics.com
Fingerprint: 3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
Validity: Mon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT
File type ASCII text, with very long lines (5955)
Hash 3d54cae773bf7049f70e5fe296da1f58
f756e94acde4759a7563d51877af0472082c251f
6414a29c9cc48536227272d2ebb0bf26cc4d099134e2ff605490bdc51c0dfb99
GET /gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 16 Nov 2023 12:07:05 GMT
expires: Thu, 16 Nov 2023 12:07:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
itweepinbelltor.com/zone?pub=0&zone_id=5490114&is_mobile=false&domain=pyoneplay.com.atlaq.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
139.45.197.250 200 OK 888 B URL GET HTTP/2 itweepinbelltor.com/zone?pub=0&zone_id=5490114&is_mobile=false&domain=pyoneplay.com.atlaq.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: itweepinbelltor.com
Fingerprint: 02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
Validity: Fri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT
File type JSON data\012- , ASCII text, with very long lines (887)
Hash 5800ebd5fac46023ee5ce159af185039
69130d428356b977ec0a5bb70fe95ce3bc947b85
b299942a863006c6c8227371cc765b6eaef53616b56613001feda66f9667444f
GET /zone?pub=0&zone_id=5490114&is_mobile=false&domain=pyoneplay.com.atlaq.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: application/json; charset=utf-8
content-length: 888
x-trace-id: a5a17b4b2da4d24991617e72e3c76b6d
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
itweepinbelltor.com/pfe/current/universal.min.js?v=3.1.471
139.45.197.250 200 OK 33 kB URL GET HTTP/2 itweepinbelltor.com/pfe/current/universal.min.js?v=3.1.471
IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: itweepinbelltor.com
Fingerprint: 02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
Validity: Fri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash d46d2997ab218d1dba1ab614422ed53f
3f1f6b9847c8ad209835db366c62fcb209b83a67
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42
GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 11:00:38 GMT
etag: W/"654e0d56-1572c"
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
itweepinbelltor.com/custom
139.45.197.250 200 OK 39 B URL POST HTTP/2 itweepinbelltor.com/custom
IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: itweepinbelltor.com
Fingerprint: 02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
Validity: Fri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Content-Type: application/json
Content-Length: 383
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e77c189b95afa9d368ab530b1dda7763
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
whulsaux.com/tag.min.js
139.45.197.244 200 OK 26 kB IP 139.45.197.244:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: whulsaux.com
Fingerprint: 29:C6:16:FB:8B:54:C5:1B:65:18:3D:96:39:33:73:B5:D3:8C:6D:48
Validity: Fri, 01 Sep 2023 05:32:42 GMT - Thu, 30 Nov 2023 05:32:41 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash f2e2bbac9956f90deb8bb8620b4e6a34
92e196a6e8b21e835aeb47d0123fbad2c9c1bc2c
785e6fa651312a3f819529c5fa32cd529e74c771f73929ed85cdf424a462144f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tag.min.js HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: text/javascript; charset=utf-8
content-length: 25542
content-encoding: br
x-trace-id: 33483b5cc7aa73c5a823c79b78ec1414
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 15 Nov 2023 11:41:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
danseamanmotors.ie/favicon.ico
185.2.67.16 404 Not Found 191 B URL GET HTTP/1.1 danseamanmotors.ie/favicon.ico
IP 185.2.67.16:443
ASN #39122 Blacknight Internet Solutions Limited
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Sectigo Limited
Subject: danseamanmotors.ie
Fingerprint: 41:BD:88:04:A6:44:32:98:2A:1D:E5:B9:D2:2E:14:11:1E:FB:33:81
Validity: Wed, 15 Nov 2023 00:00:00 GMT - Sun, 15 Dec 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 98241d53089d89aa77fda417a0eb0c1a
c9c1b49d09f06d8c054ccc446036fdc8362b463e
8564c86d9ae689e821d020dbf473e74f1eaa5dfee3c7356196755bf1dc7ab908
GET /favicon.ico HTTP/1.1
Host: danseamanmotors.ie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Thu, 16 Nov 2023 12:07:05 GMT
Server: Apache
X-SERVER: 2911
Last-Modified: Tue, 26 Aug 2014 07:24:45 GMT
ETag: "bf-50183329c4940"
Accept-Ranges: bytes
Content-Length: 191
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
atlaq.com/style.css
104.21.64.58 200 OK 14 kB IP 104.21.64.58:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Cloudflare, Inc.
Subject: atlaq.com
Fingerprint: 1E:C6:84:53:3B:FF:CE:FF:8F:8C:9D:8B:3A:69:3F:E5:28:C8:F4:A5
Validity: Wed, 26 Apr 2023 00:00:00 GMT - Thu, 25 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (6732)
Hash 611e414a545a0c84fe6c111b9a4c3722
7fe2addc3373777aeb6de31caaf66f800049dd59
b5fc73fd3ef4ac8eda80826c1f684294f136c3d03c4afed7e7cd59a3f6a5a146
GET /style.css HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 06:07:01 GMT
last-modified: Tue, 25 Oct 2022 04:42:27 GMT
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1922404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbE9kcpFVxVoEtP6n6rYc7OFLOR%2BSw1uSxfs6Xi5m3kkOwwXr%2BG2WDAZO%2BAP%2FA4jDpcBgMCQvtjb6zHpDzLH24cq18X2lOpL39KmtfaQMCCzRYR%2Bv0e464aePqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 826f9c92081ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: amunfezanttor.com
Fingerprint: D6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
Validity: Wed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT
File type JSON data\012- , ASCII text
Hash e0f235ae36d01692c9ccddd7f5625cca
24e11951dbcabbe71d006bfe8a508292b45e5c6c
02ddc0d8a9617ea7346c47cacf3c54b62c8f2226c05e954d48dcabec44d4d31f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Content-Type: application/json
Content-Length: 508
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dawmanpicks.com/favicon.ico
185.87.197.87 404 Not Found 1.2 kB URL GET HTTP/2 dawmanpicks.com/favicon.ico
IP 185.87.197.87:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: dawmanpicks.com
Fingerprint: A3:B0:50:6F:D2:21:29:15:49:13:F1:D5:E7:81:BB:BC:35:10:88:84
Validity: Tue, 14 Nov 2023 08:28:55 GMT - Mon, 12 Feb 2024 08:28:54 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: dawmanpicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 16 Nov 2023 12:07:05 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=7080904a19f24841a686f53ce28affca
139.45.195.8 200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=7080904a19f24841a686f53ce28affca
IP 139.45.195.8:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: rtmark.net
Fingerprint: E8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
Validity: Sat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data\012- , ASCII text
Hash 093a460f6a22b51149bfeb47863b55e4
69b335b560ce701c8975d4d67c0c5933aaa29ac6
c07fabb94e6f60057880d00156be2eab664622805667723fedcdf3186d6bc280
GET /gid.js?userId=7080904a19f24841a686f53ce28affca HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7080904a19f24841a686f53ce28affca; expires=Fri, 15 Nov 2024 12:07:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cvdev.co.uk/favicon.ico
94.228.37.250 404 Not Found 200 B IP 94.228.37.250:443
ASN #31463 4D Data Centres Limited
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: clubview.co.uk
Fingerprint: 72:28:CF:C3:D2:1F:31:47:4A:7C:AB:7F:38:AC:5D:E5:EE:BD:F4:FB
Validity: Fri, 29 Sep 2023 08:45:26 GMT - Thu, 28 Dec 2023 08:45:25 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 863cab1f9d6e214e050bb4cc17507aa0
e7a5c44e8bf13d78682092bf3e20d4e8327f6bf6
119008e0acc27964926674285429ebcaf3d1665a3c0979b7c4841ab578037208
GET /favicon.ico HTTP/1.1
Host: cvdev.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Thu, 16 Nov 2023 12:07:06 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; preload
X-Frame-Options: SAMEORIGIN
MIME-Version: 1.0
Content-Length: 200
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Forwarded-Port: 443
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
itweepinbelltor.com/pfe/current/tag.min.js?z=5490114
139.45.197.250 200 OK 5.8 kB URL GET HTTP/2 itweepinbelltor.com/pfe/current/tag.min.js?z=5490114
IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: itweepinbelltor.com
Fingerprint: 02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
Validity: Fri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT
File type C source, ASCII text, with very long lines (13300), with no line terminators
Hash 258578af3c107ccb907f73c3a2f4c25f
7a192edea829968fb7f57f2a2fc4cb5b612598be
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75
GET /pfe/current/tag.min.js?z=5490114 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 11:00:38 GMT
etag: W/"654e0d56-33f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
pyoneplay.com.atlaq.com/
188.114.97.1 200 OK 0 B IP 188.114.97.1:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Cloudflare, Inc.
Subject: atlaq.com
Fingerprint: 76:15:CE:DE:39:63:81:C5:4E:4A:13:3D:70:6B:AE:85:FA:98:9A:38
Validity: Fri, 25 Aug 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: pyoneplay.com.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=2592000
cf-railgun: direct (waiting for pending WAN connection)
expires: Sat, 16 Dec 2023 12:07:01 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3qgo6zXkW1SsF75KcEMfYnVB2ZNovT4%2BDfAKgObyfOg2sHCDhWSWHkbPJZ0YvTzFiqjznX31i62KBqxGzZg%2BnG4vTxX9zDyQQyUbrdsZwykFt87pBVj3yOiMM5WGvaTMqL9FxsKxNNE7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 826f9c93dfad5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cyberschool.ie/wp-content/uploads/2023/08/logo-500-1-36x36.png
173.212.227.182 200 OK 1.7 kB URL GET HTTP/1.1 cyberschool.ie/wp-content/uploads/2023/08/logo-500-1-36x36.png
IP 173.212.227.182:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: cPanel, Inc.
Subject: cyberschool.ie
Fingerprint: F0:5B:07:BB:05:84:74:8C:F9:20:A0:1F:EE:90:1B:5B:23:43:FD:1F
Validity: Thu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT
File type PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 379e40d9d7711e613880562d1d2f65f9
db68959414a7dcf062c42580af3a762acb875ade
7b0f0a7e766442d1dc06c5b3b2c9da4e8ba783805768a31815a46375ac25c654
GET /wp-content/uploads/2023/08/logo-500-1-36x36.png HTTP/1.1
Host: cyberschool.ie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 16 Nov 2023 12:07:06 GMT
Server: Apache
Last-Modified: Thu, 24 Aug 2023 11:56:34 GMT
Accept-Ranges: bytes
Content-Length: 1651
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
itweepinbelltor.com/event
139.45.197.250 200 OK 0 B URL POST HTTP/2 itweepinbelltor.com/event
IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: itweepinbelltor.com
Fingerprint: 02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
Validity: Fri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pyoneplay.com.atlaq.com/
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
preview.atlaq.com/4414ff36b5554ac1326459c9d29e7618_pyoneplay.com.png
104.21.64.58 200 OK 473 kB URL GET HTTP/2 preview.atlaq.com/4414ff36b5554ac1326459c9d29e7618_pyoneplay.com.png
IP 104.21.64.58:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Cloudflare, Inc.
Subject: atlaq.com
Fingerprint: 1E:C6:84:53:3B:FF:CE:FF:8F:8C:9D:8B:3A:69:3F:E5:28:C8:F4:A5
Validity: Wed, 26 Apr 2023 00:00:00 GMT - Thu, 25 Apr 2024 23:59:59 GMT
File type PNG image data, 683 x 384, 8-bit/color RGBA, non-interlaced\012- data
Size 473 kB (473410 bytes)
Hash 88f0ea45b78f5eb6487130a2b850bad7
cbaa10db10a337e1ea840cd6114388d65ba099b5
d0441a17caa26040f1dc4cc1c24cd57a3640ea42fbf5dae2debeee776eb6308c
GET /4414ff36b5554ac1326459c9d29e7618_pyoneplay.com.png HTTP/1.1
Host: preview.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: image/png
content-length: 473410
x-powered-by: Express
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 10:54:38 GMT
etag: W/"73942-18b8fabbb5c"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HD1VArNwPFEhV3xeFVjYLn139jxxp4QnHOPFjmtcsoL%2FNRwUdu1eD3BFk9HnKqOQQvE8lWINfHnr9z3KfFbYIvYxlQ00ehg1ANiYcs0fdQo54gWmdR1W0sXBQX2r7R4dpTcnOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 826f9c91fff3b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
itweepinbelltor.com/event
139.45.197.250 200 OK 94 B URL POST HTTP/2 itweepinbelltor.com/event
IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: itweepinbelltor.com
Fingerprint: 02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
Validity: Fri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT
File type JSON data\012- , ASCII text
Hash 829f287107acd9a2fca8d917d7ea0737
7ff6dff2c298a721bb2b5d5d0b626e122af51ee4
1ffe7a49fe53e0d7d54ff1b235b4093722f9c5a327b27e6a3c1e8bed5b46468c
POST /event HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Content-Type: application/json
Content-Length: 1651
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=4e36ae2dd6bf4a6983fea701ae4b5256&zoneId=5490114&checkDuplicate=true&ymid=&var=
139.45.195.8 200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?pub=0&userId=4e36ae2dd6bf4a6983fea701ae4b5256&zoneId=5490114&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: rtmark.net
Fingerprint: E8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
Validity: Sat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data\012- , ASCII text
Hash 093a460f6a22b51149bfeb47863b55e4
69b335b560ce701c8975d4d67c0c5933aaa29ac6
c07fabb94e6f60057880d00156be2eab664622805667723fedcdf3186d6bc280
GET /gid.js?pub=0&userId=4e36ae2dd6bf4a6983fea701ae4b5256&zoneId=5490114&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Cookie: ID=7080904a19f24841a686f53ce28affca
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7080904a19f24841a686f53ce28affca; expires=Fri, 15 Nov 2024 12:07:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je3b81v894672372&_p=1700136426072&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1585321400.1700136426&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1700136426&sct=1&seg=0&dl=https%3A%2F%2Fpyoneplay.com.atlaq.com%2F&dt=Pyone%20Play%3A%20MRTV-4%2C%20Channel7%2C%20Maharbawdi%20Channel%2C%20Live%20TV%2C%20and%20Replay&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1674
216.239.32.36 204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je3b81v894672372&_p=1700136426072&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1585321400.1700136426&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1700136426&sct=1&seg=0&dl=https%3A%2F%2Fpyoneplay.com.atlaq.com%2F&dt=Pyone%20Play%3A%20MRTV-4%2C%20Channel7%2C%20Maharbawdi%20Channel%2C%20Live%20TV%2C%20and%20Replay&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1674
IP 216.239.32.36:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Google Trust Services LLC
Subject: *.google-analytics.com
Fingerprint: 3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
Validity: Mon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e (this and the two below are the digests of zero-length input, consistent with the 0 B body)
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je3b81v894672372&_p=1700136426072&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1585321400.1700136426&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1700136426&sct=1&seg=0&dl=https%3A%2F%2Fpyoneplay.com.atlaq.com%2F&dt=Pyone%20Play%3A%20MRTV-4%2C%20Channel7%2C%20Maharbawdi%20Channel%2C%20Live%20TV%2C%20and%20Replay&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1674 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://pyoneplay.com.atlaq.com
date: Thu, 16 Nov 2023 12:07:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: amunfezanttor.com
Fingerprint: D6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
Validity: Wed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT
File type: JSON data, ASCII text
Hash MD5: f9d4af19733f3b4bb1e8dffd780e6b39
SHA-1: cb4260e847ca0ce0744b8d110646919c9fd77596
SHA-256: 83311062ae83342a577b90da98f1d041d3ff06c490195e6011b918bd18c1bd3c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Content-Type: application/json
Content-Length: 508
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cwi.ie/favicon.ico
78.153.209.10 200 OK 15 kB IP 78.153.209.10:443
ASN #39122 Blacknight Internet Solutions Limited
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Sectigo Limited
Subject: cwi.ie
Fingerprint: A7:CC:56:FF:34:C8:87:3B:88:10:1C:D9:F4:3F:18:43:B4:5F:48:83
Validity: Fri, 23 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
File type: MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel; data
Hash MD5: eaaf9d02d43a7328e8dea7d62d3a79c4
SHA-1: 5bdddb3ef26f12d4094e566335412d8598f99cad
SHA-256: 71fb2c0164620ebb7578173d65597bd0957d7001c3ddb7a7fc4878c45030f2df
GET /favicon.ico HTTP/1.1
Host: cwi.ie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:06:43 GMT
content-type: image/vnd.microsoft.icon
content-length: 15086
last-modified: Mon, 05 Jul 2021 18:19:46 GMT
etag: "60e34d42-3aee"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
pyoneplay.com.atlaq.com/sw-5490114.js
188.114.97.1 404 Not Found 2.3 kB URL GET HTTP/3 pyoneplay.com.atlaq.com/sw-5490114.js
IP 188.114.97.1:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Cloudflare, Inc.
Subject: atlaq.com
Fingerprint: 76:15:CE:DE:39:63:81:C5:4E:4A:13:3D:70:6B:AE:85:FA:98:9A:38
Validity: Fri, 25 Aug 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT
File type: HTML document text; HTML document text; HTML document text; HTML document, ASCII text, with very long lines (759)
Hash MD5: 1cd0dc47d3e2f48b6b08271db853f864
SHA-1: 587e5ab16328b402b584a07e31d479c315f557f4
SHA-256: 6ea970bd989b4e47ba7af34cfbf10de8e0f91fa2dcdea107613048c497113201
GET /sw-5490114.js HTTP/1.1
Host: pyoneplay.com.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31536000
expires: Sat, 16 Dec 2023 12:07:06 GMT
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-expose-headers: Content-Disposition
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1R7xMU59uHmQoK2k8k34pYrt7DXvBwoDZtNoIkRCPq7OdkroAGtcwL2wpiPVZ646uHgyw5zH6cDbLfNkuAZsIRIoWHRdlKM387yCR9DYXMom%2BvarigSvmmxB1DUfvqGFaVs3VO9CJRpKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 826f9c94e8fb5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=1585321400.1700136426&gtm=45je3b81v894672372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1650081871
142.250.74.163 200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=1585321400.1700136426&gtm=45je3b81v894672372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1650081871
IP 142.250.74.163:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Google Trust Services LLC
Subject: *.google.no
Fingerprint: 29:58:11:F3:D3:18:F5:CB:E0:44:F2:26:7E:93:2F:BD:DE:27:0C:EB
Validity: Mon, 16 Oct 2023 08:13:02 GMT - Mon, 08 Jan 2024 08:13:01 GMT
File type: GIF image data, version 89a, 1 x 1; data
Hash MD5: d89746888da2d9510b64a9f031eaecd5
SHA-1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a
SHA-256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=1585321400.1700136426&gtm=45je3b81v894672372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1650081871 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 12:07:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://cvdev.co.uk
142.250.74.132 404 Not Found 726 B URL GET HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://cvdev.co.uk
IP 142.250.74.132:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
Validity: Mon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; data
Hash MD5: b8a0bf372c762e966cc99ede8682bc71
SHA-1: 2d7c9b60d1e2b4f4726141de2e4ab738110b9287
SHA-256: 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://cvdev.co.uk HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 12:07:06 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
itweepinbelltor.com/custom
139.45.197.250 200 OK 39 B URL POST HTTP/2 itweepinbelltor.com/custom
IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: itweepinbelltor.com
Fingerprint: 02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
Validity: Fri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT
File type: JSON data, ASCII text
Hash MD5: 058b158c2be925f556454ef762d93538
SHA-1: cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
SHA-256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Content-Type: application/json
Content-Length: 380
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6cbe0f0ab7cb7bfb0f5fd40efdd0934d
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://dawmanpicks.com
142.250.74.132 200 OK 1.6 kB URL GET HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://dawmanpicks.com
IP 142.250.74.132:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
Validity: Mon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type: PNG image data, 64 x 64, 8-bit colormap, non-interlaced; data
Hash MD5: 54b776380f0983c3d30660330550cc18
SHA-1: 2669918b7d4c4c18839ffca64d71fd57ce4c9a4b
SHA-256: 59397733fcb1b8b1be2892ef888704d3ee07985dcf6f15aac6cc21887206f711
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://dawmanpicks.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://dawmanpicks.com/wp-content/uploads/2022/03/cropped-%D0%A0%D0%B5%D0%B7%D0%B5%D1%80%D0%B2%D0%BD%D0%B0%D1%8F_%D0%BA%D0%BE%D0%BF%D0%B8%D1%8F_%D0%91%D0%B5%D0%B7%D1%8B%D0%BC%D1%8F%D0%BD%D0%BD%D1%8B%D0%B9-1-180x180.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 1576
date: Thu, 16 Nov 2023 12:07:06 GMT
expires: Thu, 23 Nov 2023 12:07:06 GMT
cache-control: public, max-age=604800
last-modified: Fri, 18 Mar 2022 02:01:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://danseamanmotors.ie
142.250.74.132 200 OK 1.2 kB URL GET HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://danseamanmotors.ie
IP 142.250.74.132:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
Validity: Mon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type: PNG image data, 64 x 64, 8-bit colormap, non-interlaced; data
Hash MD5: 8f7a236cf659e2e81659803a71577845
SHA-1: 39c91197bb7a6c15e51cbbdafdcb2fa21a427374
SHA-256: 7611b7b7d4b416a8b6922963281bbec8f53d13dda44a4b2b1056a33d6e7c5fe7
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://danseamanmotors.ie HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.danseamanmotors.ie/images/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 1220
date: Thu, 16 Nov 2023 12:07:06 GMT
expires: Thu, 23 Nov 2023 12:07:06 GMT
cache-control: public, max-age=604800
last-modified: Sun, 13 Feb 2022 02:35:32 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://pyoneplay.com
142.250.74.132 200 OK 777 B URL GET HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://pyoneplay.com
IP 142.250.74.132:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
Validity: Mon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; data
Hash MD5: 48b0b098ccd90613c462fa264ae496a4
SHA-1: 810ee1bebc6e18bc4097c36278d078b9fc4cf2b3
SHA-256: 8eb48f5bc21fcf12182161bad411a7adb7f80dc10340ba50bf9af69796ad8024
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://pyoneplay.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.pyoneplay.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 777
date: Thu, 16 Nov 2023 12:07:06 GMT
expires: Thu, 23 Nov 2023 12:07:06 GMT
cache-control: public, max-age=604800
last-modified: Sat, 10 Oct 2020 14:43:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
itweepinbelltor.com/custom
139.45.197.250 200 OK 39 B URL POST HTTP/2 itweepinbelltor.com/custom
IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: itweepinbelltor.com
Fingerprint: 02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
Validity: Fri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT
File type: JSON data, ASCII text
Hash MD5: 058b158c2be925f556454ef762d93538
SHA-1: cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
SHA-256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Content-Type: application/json
Content-Length: 741
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7b63ee18031793ec430d72b050566b40
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=pyoneplay.com
0.0.0.0 0 B URL GET traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=pyoneplay.com
IP 0.0.0.0:0
Requested by https://pyoneplay.com.atlaq.com/
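Hash MD5: d41d8cd98f00b204e9800998ecf8427e (this and the two below are the digests of zero-length input; no response was recorded for this request)
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855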
GET /graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=pyoneplay.com HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
pyoneplay.com.atlaq.com/badk.txt
188.114.97.1 200 OK 44 kB URL GET HTTP/3 pyoneplay.com.atlaq.com/badk.txt
IP 188.114.97.1:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Cloudflare, Inc.
Subject: atlaq.com
Fingerprint: 76:15:CE:DE:39:63:81:C5:4E:4A:13:3D:70:6B:AE:85:FA:98:9A:38
Validity: Fri, 25 Aug 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT
Hash MD5: f4245877e1f9b8764acbac7b475ebf2d
SHA-1: 7471a9d7354637651fa5d0200febe7ab162fb69a
SHA-256: bd300473a295a173716b1b182aed7c14e3551f7400360dd5f694115683ccd41c
GET /badk.txt HTTP/1.1
Host: pyoneplay.com.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=2592000
cf-railgun: direct (starting new WAN connection)
expires: Sat, 16 Dec 2023 12:07:06 GMT
last-modified: Mon, 13 Apr 2020 08:00:16 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding,User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ku6nG52bysksKGoH439dNRxvWH%2F2GztDtrlQoJZ7BMDKIHsVu7%2BUyGB61VfIgj330H7jFGyuyuPxyVk4UVZ7ZHeVCZF1ufF9i3GcCXLpibQdB1h7W8FH2GfBuGtnmSgVxepF6aiVg%2Ftbrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 826f9c934f205688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
whulsaux.com/5/6577958/?oo=1&aab=1
139.45.197.244 200 OK 2.8 kB URL GET HTTP/2 whulsaux.com/5/6577958/?oo=1&aab=1
IP 139.45.197.244:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: whulsaux.com
Fingerprint: 29:C6:16:FB:8B:54:C5:1B:65:18:3D:96:39:33:73:B5:D3:8C:6D:48
Validity: Fri, 01 Sep 2023 05:32:42 GMT - Thu, 30 Nov 2023 05:32:41 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3011), with no line terminators
Hash MD5: ff4b31e9db830b18ab97bd8ee626be5e
SHA-1: e30daa9be54eddc0c8c7aed558c339d8a4413d82
SHA-256: 1de410f4122a6a6df854f92ef94130564957b62d588ab0e3e243ba0dec44ec3c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /5/6577958/?oo=1&aab=1 HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:05 GMT
content-type: application/json
x-trace-id: 9bb7b0ec2e3daa8d947dff12637ffea2
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=7080904a19f24841a686f53ce28affca; expires=Fri, 15 Nov 2024 12:07:05 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1700136425; expires=Fri, 15 Nov 2024 12:07:05 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cyberschool.ie/favicon.ico
173.212.227.182 302 Found 1.7 kB URL GET HTTP/1.1 cyberschool.ie/favicon.ico
IP 173.212.227.182:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: cPanel, Inc.
Subject: cyberschool.ie
Fingerprint: F0:5B:07:BB:05:84:74:8C:F9:20:A0:1F:EE:90:1B:5B:23:43:FD:1F
Validity: Thu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e (this and the two below are the digests of zero-length input; the redirect body was apparently not hashed)
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: cyberschool.ie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 16 Nov 2023 12:07:05 GMT
Server: Apache
Link: <https://cyberschool.ie/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Location: https://cyberschool.ie/wp-content/uploads/2023/08/logo-500-1-36x36.png
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
itweepinbelltor.com/pfe/current/defaultSkin.min.js
139.45.197.250 200 OK 57 kB URL GET HTTP/2 itweepinbelltor.com/pfe/current/defaultSkin.min.js
IP 139.45.197.250:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: itweepinbelltor.com
Fingerprint: 02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
Validity: Fri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e (this and the two below are the digests of zero-length input; although the summary line reports 57 kB, the script body was apparently not captured, so these values do not identify the file)
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 11:00:38 GMT
etag: W/"654e0d56-df63"
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
whulsaux.com/?rb=ZstA5pVlc-2ahK-rYjm_aGSwiCSbWqqc5jXxRhEjvsiArGp23B-9mOy-cpLuotZ4hoSxdk5U0iKJ7HHSIkcQ89un-0g-Es5YRwVydlEK-h49vciUMsJDr_KImhxdknNjypHSb-csg5KDYzm3HW99VYSSmoByWAhE2BTptpQ_HnkJK89k1_Xc69ydi-LS8vM84SMMzCBvF90_4Axiyib2ccniYh-thlCHh2TksxYbVAo%3D&request_ab2=0&zoneid=6577958&js_build=iclick-1.629.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fpyoneplay.com.atlaq.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-1.629.0&bs=4fcf1941-6c1c-48f4-850d-b061573438e3&userId=7080904a19f24841a686f53ce28affca&m=link
139.45.197.244200 OK 2.3 kB URL GET HTTP/2 whulsaux.com/?rb=ZstA5pVlc-2ahK-rYjm_aGSwiCSbWqqc5jXxRhEjvsiArGp23B-9mOy-cpLuotZ4hoSxdk5U0iKJ7HHSIkcQ89un-0g-Es5YRwVydlEK-h49vciUMsJDr_KImhxdknNjypHSb-csg5KDYzm3HW99VYSSmoByWAhE2BTptpQ_HnkJK89k1_Xc69ydi-LS8vM84SMMzCBvF90_4Axiyib2ccniYh-thlCHh2TksxYbVAo%3D&request_ab2=0&zoneid=6577958&js_build=iclick-1.629.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fpyoneplay.com.atlaq.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-1.629.0&bs=4fcf1941-6c1c-48f4-850d-b061573438e3&userId=7080904a19f24841a686f53ce28affca&m=link
IP 139.45.197.244:443
Requested by https://pyoneplay.com.atlaq.com/
Certificate Issuer: Let's Encrypt
Subject: whulsaux.com
Fingerprint: 29:C6:16:FB:8B:54:C5:1B:65:18:3D:96:39:33:73:B5:D3:8C:6D:48
Validity: Fri, 01 Sep 2023 05:32:42 GMT - Thu, 30 Nov 2023 05:32:41 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2299), with no line terminators
Hash MD5: 80ba31d815742dcb03485bfc48a9a3be
SHA-1: 515181fe66a552b704fd543a8715e5787f013a31
SHA-256: 69a69554f97aa3286cceac1dbcf7e0fba64bae685537fc988d1e103a315d951d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /?rb=ZstA5pVlc-2ahK-rYjm_aGSwiCSbWqqc5jXxRhEjvsiArGp23B-9mOy-cpLuotZ4hoSxdk5U0iKJ7HHSIkcQ89un-0g-Es5YRwVydlEK-h49vciUMsJDr_KImhxdknNjypHSb-csg5KDYzm3HW99VYSSmoByWAhE2BTptpQ_HnkJK89k1_Xc69ydi-LS8vM84SMMzCBvF90_4Axiyib2ccniYh-thlCHh2TksxYbVAo%3D&request_ab2=0&zoneid=6577958&js_build=iclick-1.629.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fpyoneplay.com.atlaq.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-1.629.0&bs=4fcf1941-6c1c-48f4-850d-b061573438e3&userId=7080904a19f24841a686f53ce28affca&m=link HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pyoneplay.com.atlaq.com/
Origin: https://pyoneplay.com.atlaq.com
DNT: 1
Connection: keep-alive
Cookie: OAID=7080904a19f24841a686f53ce28affca; oaidts=1700136425
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 16 Nov 2023 12:07:06 GMT
content-type: application/json
x-trace-id: d08dee6bfa880b44dc1feab8ce63c247
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://pyoneplay.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=7080904a19f24841a686f53ce28affca; expires=Fri, 15 Nov 2024 12:07:06 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1700136426; expires=Fri, 15 Nov 2024 12:07:06 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Thu, 23 Nov 2023 12:07:06 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=pyoneplay.com
0.0.0.0 0 B URL GET traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=pyoneplay.com
IP 0.0.0.0:0
Requested by https://pyoneplay.com.atlaq.com/
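Hash MD5: d41d8cd98f00b204e9800998ecf8427e (this and the two below are the digests of zero-length input; no response was recorded for this request)
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855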
GET /graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=pyoneplay.com HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyoneplay.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache