| 133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj | 194.67.71.131 | | 3.3 kB |
URL: User Request GET 133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
IP: 194.67.71.131:0
ASN: #197695 Domain names registrar REG.RU, Ltd
File type: HTML document, Unicode text, UTF-8 text, with very long lines (4854)
Hash: cc8f9f9d82b00eb5af673c62e6b78870 e289326970065ff968be27451bec59d661d92e9b 2491f64cd68f38e81d3802c2d914b3f1d1f8166c8fb865172ca9b7be126e43a4
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj HTTP/1.1
Host: 133455789.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 28 Mar 2024 14:37:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| 133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/parking-crew.js | 194.67.71.131 | 503 Service Temporarily Unavailable | 3.3 kB |
URL: GET HTTP/1.1 133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/parking-crew.js
IP: 194.67.71.131:80
ASN: #197695 Domain names registrar REG.RU, Ltd
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
File type: HTML document, Unicode text, UTF-8 text, with very long lines (4854)
Hash: cc8f9f9d82b00eb5af673c62e6b78870 e289326970065ff968be27451bec59d661d92e9b 2491f64cd68f38e81d3802c2d914b3f1d1f8166c8fb865172ca9b7be126e43a4
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /updates/ya/wrtzr_ytab_a_1/win/parking-crew.js HTTP/1.1
Host: 133455789.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 28 Mar 2024 14:37:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| 133455789.xyz/manifest.js | 194.67.71.131 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 133455789.xyz/manifest.js
IP: 194.67.71.131:80
ASN: #197695 Domain names registrar REG.RU, Ltd
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
File type: ASCII text, with very long lines (1457), with no line terminators
Hash: e231bb24eaea0a31a21a3586f3ee0b18 8b3adb1ceacb5abf1ceb9c274770c25f427e176b 8b90733e3284f5ba32dbf7d635b0bde02a45c0363aa1f464cc5f91887077adb5
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /manifest.js HTTP/1.1
Host: 133455789.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Mar 2024 14:37:58 GMT
Content-Type: application/javascript
Content-Length: 1457
Last-Modified: Thu, 05 Dec 2019 11:00:37 GMT
Connection: keep-alive
ETag: "5de8e355-5b1"
Expires: Fri, 06 Dec 2019 11:00:37 GMT
Cache-Control: no-cache
Accept-Ranges: bytes
|
|
| 133455789.xyz/parking-crew.css | 194.67.71.131 | 200 OK | 54 kB |
URL: GET HTTP/1.1 133455789.xyz/parking-crew.css
IP: 194.67.71.131:80
ASN: #197695 Domain names registrar REG.RU, Ltd
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 384a9c4d473ba0dc6c376d600da1724e f6f5fb0ff7ba165d3dcb2a779195cc47cc75ed50 167c91e0f2ac6d56bfd1932310a69f95ea5b94e7b79449495fbe7ffc4ad3e818
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /parking-crew.css HTTP/1.1
Host: 133455789.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Mar 2024 14:37:58 GMT
Content-Type: text/css
Content-Length: 53929
Last-Modified: Mon, 05 Apr 2021 10:48:02 GMT
Connection: keep-alive
ETag: "606aeae2-d2a9"
Content-Encoding: gzip
Expires: Tue, 06 Apr 2021 10:48:02 GMT
Cache-Control: no-cache
|
|
| 133455789.xyz/head-scripts-content.js | 194.67.71.131 | 200 OK | 18 kB |
URL: GET HTTP/1.1 133455789.xyz/head-scripts-content.js
IP: 194.67.71.131:80
ASN: #197695 Domain names registrar REG.RU, Ltd
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (54079), with no line terminators
Hash: 0c16187eb2d9cb5356135a70a5fececb e57c0d2fdb4f949e2e55a03a978d7a6177c9514d c8dea0721b23f97e022851d05f2f428131e9d9f5d2d6d143029c87a550d2799a
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /head-scripts-content.js HTTP/1.1
Host: 133455789.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Mar 2024 14:37:58 GMT
Content-Type: application/javascript
Content-Length: 18407
Last-Modified: Mon, 05 Apr 2021 10:48:02 GMT
Connection: keep-alive
ETag: "606aeae2-47e7"
Content-Encoding: gzip
Expires: Tue, 06 Apr 2021 10:48:02 GMT
Cache-Control: no-cache
|
|
| 133455789.xyz/head-scripts.js | 194.67.71.131 | 200 OK | 37 kB |
URL: GET HTTP/1.1 133455789.xyz/head-scripts.js
IP: 194.67.71.131:80
ASN: #197695 Domain names registrar REG.RU, Ltd
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: eb8dea178b16038f873b0476650c344b 03cf2882970721b8ee20dc25ef36092a5139bd16 1619b262b410f453fa141d094ba10e4eb8352ad9f54a258947d1a0ea36914c71
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /head-scripts.js HTTP/1.1
Host: 133455789.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Mar 2024 14:37:58 GMT
Content-Type: application/javascript
Content-Length: 36640
Last-Modified: Thu, 02 Aug 2018 12:09:22 GMT
Connection: keep-alive
ETag: "5b62f472-8f20"
Content-Encoding: gzip
Expires: Fri, 03 Aug 2018 12:09:22 GMT
Cache-Control: no-cache
|
|
| i.cdnpark.com/themes/registrar/035524.css | 143.204.55.116 | 412 Precondition Failed | 35 B |
URL: GET HTTP/1.1 i.cdnpark.com/themes/registrar/035524.css
IP: 143.204.55.116:80
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
File type: ASCII text, with no line terminators
Hash: 7ebb535e2d55ed28492aaf67ab35aaa3 fc2bc209e2a4b8b11c38f34174f7496c04f8ed36 ac75abc43e7355185abad70f5fafabca40e4d7608f5b8d1ac4a5f97a064af619
GET /themes/registrar/035524.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 412 Precondition Failed
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 28 Mar 2024 14:37:58 GMT
X-Error: Domain unknown
X-Cache: Error from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R5ZrP5SPn1U6rtKqNhwrgJc9fMpXFKfLbDtwfLjTEXdh4YaY6hLZRg==
|
|
| www.googletagmanager.com/gtag/js?id=UA-55552418-3 | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-55552418-3
IP: 142.250.74.168:443
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: DE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
Certificate validity: Mon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 14f237fbe6326d00efee8a6493d357fc 4a7c165ad7cf9f46d32ede686bdc32aa55856347 0f751d1a1a64ae478d46e2193d650285d084ce1edb78b3dd4bb6ef09d5e15a52
GET /gtag/js?id=UA-55552418-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 28 Mar 2024 14:37:58 GMT
expires: Thu, 28 Mar 2024 14:37:58 GMT
cache-control: private, max-age=900
last-modified: Thu, 28 Mar 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/parking-crew.js | 194.67.71.131 | 503 Service Temporarily Unavailable | 206 B |
URL: GET HTTP/1.1 133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/parking-crew.js
IP: 194.67.71.131:80
ASN: #197695 Domain names registrar REG.RU, Ltd
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 7772594fc0fcc01b962246dff814fcfd 95a192cbae5e0156e647d22c1e200af103d0c2d6 1e2ea44c8bb71ad3a3195b4625c66b931827a2eb5e4099533860bf4270f67bcb
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /updates/ya/wrtzr_ytab_a_1/win/parking-crew.js HTTP/1.1
Host: 133455789.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Thu, 28 Mar 2024 14:37:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| www.googletagmanager.com/gtag/js?id=G-2V970VRYXW&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 90 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-2V970VRYXW&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: DE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
Certificate validity: Mon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: b5a074ac53c701a190aa28a1d8ae8010 60e2606f4998456f51dc3cbd2ec718078ea69937 98fb58fa37a1eaede1959abd68e1cad5ab915b801b33a6391e1a2e3f063819d1
GET /gtag/js?id=G-2V970VRYXW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 28 Mar 2024 14:37:59 GMT
expires: Thu, 28 Mar 2024 14:37:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90419
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| parking.reg.ru/script/get_domain_data?domain_name=133455789.xyz&rand=0.8416122707499976&callback=ondata | 194.58.112.166 | 200 OK | 78 B |
URL: GET HTTP/1.1 parking.reg.ru/script/get_domain_data?domain_name=133455789.xyz&rand=0.8416122707499976&callback=ondata
IP: 194.58.112.166:443
ASN: #197695 Domain names registrar REG.RU, Ltd
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Certificate issuer: GlobalSign nv-sa
Certificate subject: *.reg.ru
Certificate fingerprint: 33:E4:2B:56:55:E7:18:C3:BE:B7:69:ED:B2:D4:B8:9D:29:F1:A3:23
Certificate validity: Thu, 29 Feb 2024 06:29:54 GMT - Tue, 01 Apr 2025 06:29:53 GMT
File type: ASCII text, with no line terminators
Hash: 1cb87bed56b858717d8a7b7c750e8af8 b059219d2af3238f58c59baacff9669b8b6c879f afce94b50f1cbda2048bc2eb7c04bad9613b425cf69d907e065a12344b386815
GET /script/get_domain_data?domain_name=133455789.xyz&rand=0.8416122707499976&callback=ondata HTTP/1.1
Host: parking.reg.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Mar 2024 14:37:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=86400
Expires: Fri, 29 Mar 2024 14:37:59 GMT
Content-Encoding: gzip
|
|
| 133455789.xyz/favicon.ico | 194.67.71.131 | 503 Service Temporarily Unavailable | 206 B |
URL: GET HTTP/1.1 133455789.xyz/favicon.ico
IP: 194.67.71.131:80
ASN: #197695 Domain names registrar REG.RU, Ltd
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 7772594fc0fcc01b962246dff814fcfd 95a192cbae5e0156e647d22c1e200af103d0c2d6 1e2ea44c8bb71ad3a3195b4625c66b931827a2eb5e4099533860bf4270f67bcb
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 133455789.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Cookie: _ga_2V970VRYXW=GS1.1.1711636679.1.0.1711636679.60.0.0; _ga=GA1.1.1386635873.1711636679
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Thu, 28 Mar 2024 14:37:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2V970VRYXW&cid=1386635873.1711636679&gtm=45je43p0v9135208388za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1180420607 | 172.217.21.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2V970VRYXW&cid=1386635873.1711636679&gtm=45je43p0v9135208388za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1180420607
IP: 172.217.21.163:443
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google.no
Certificate fingerprint: BD:FC:1B:6B:7D:09:A2:62:4F:C6:C8:69:25:38:B5:AC:B1:42:C8:2E
Certificate validity: Mon, 26 Feb 2024 08:21:28 GMT - Mon, 20 May 2024 08:21:27 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2V970VRYXW&cid=1386635873.1711636679&gtm=45je43p0v9135208388za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1180420607 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 28 Mar 2024 14:37:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-2V970VRYXW&gtm=45je43p0v9135208388za200&_p=1711636679003&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1386635873.1711636679&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1711636679&sct=1&seg=0&dl=http%3A%2F%2F133455789.xyz%2Fupdates%2Fya%2Fwrtzr_ytab_a_1%2Fwin%2Fversion.txt%3FQrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj&dt=%D0%A1%D1%80%D0%BE%D0%BA%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%C2%A0133455789.xyz%20%D0%B8%D1%81%D1%82%D1%91%D0%BA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=711 | 216.239.34.36 | 204 No Content | 0 B |
URL: POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-2V970VRYXW&gtm=45je43p0v9135208388za200&_p=1711636679003&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1386635873.1711636679&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1711636679&sct=1&seg=0&dl=http%3A%2F%2F133455789.xyz%2Fupdates%2Fya%2Fwrtzr_ytab_a_1%2Fwin%2Fversion.txt%3FQrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj&dt=%D0%A1%D1%80%D0%BE%D0%BA%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%C2%A0133455789.xyz%20%D0%B8%D1%81%D1%82%D1%91%D0%BA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=711
IP: 216.239.34.36:443
Requested by: http://133455789.xyz/updates/ya/wrtzr_ytab_a_1/win/version.txt?QrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: DE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
Certificate validity: Mon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2V970VRYXW&gtm=45je43p0v9135208388za200&_p=1711636679003&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1386635873.1711636679&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1711636679&sct=1&seg=0&dl=http%3A%2F%2F133455789.xyz%2Fupdates%2Fya%2Fwrtzr_ytab_a_1%2Fwin%2Fversion.txt%3FQrYPQJwKMiabQgqfPqwvvPRFNBsZsnTWj&dt=%D0%A1%D1%80%D0%BE%D0%BA%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%C2%A0133455789.xyz%20%D0%B8%D1%81%D1%82%D1%91%D0%BA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=711 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://133455789.xyz
DNT: 1
Connection: keep-alive
Referer: http://133455789.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://133455789.xyz
date: Thu, 28 Mar 2024 14:37:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|