clearancejoinjavelin.com/e4/76/2f/e4762f9b24d98cd34d2eff6f8ae3dfa0.js
200 OK 23 kB URL GET HTTP/1.1 clearancejoinjavelin.com/e4/76/2f/e4762f9b24d98cd34d2eff6f8ae3dfa0.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectclearancejoinjavelin.com
FingerprintA5:C8:B2:2E:58:4B:5E:6B:A8:49:4D:EE:2F:EF:90:2D:22:D6:36:E2
ValidityThu, 16 Nov 2023 06:16:00 GMT - Wed, 14 Feb 2024 06:15:59 GMT
File type ASCII text, with very long lines (59227)
Hash 414004737426b1df08523d4487873ed4
ee732ffbd2631d86fed392dcb720ddd12a5e35f5
40a951c6f85e522555bac09a8ef7809302ff50066cbfb01c54d3c27e75218172
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /e4/76/2f/e4762f9b24d98cd34d2eff6f8ae3dfa0.js HTTP/1.1
Host: clearancejoinjavelin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:19:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_AN-1159_layer=0; expires=Fri, 08 Dec 2023 23:19:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41e1e91ccbcf393caf7b1df0377a8dc1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js
200 OK 16 kB URL GET HTTP/1.1 clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectclearancejoinjavelin.com
FingerprintA5:C8:B2:2E:58:4B:5E:6B:A8:49:4D:EE:2F:EF:90:2D:22:D6:36:E2
ValidityThu, 16 Nov 2023 06:16:00 GMT - Wed, 14 Feb 2024 06:15:59 GMT
File type ASCII text, with very long lines (42846), with no line terminators
Hash 1bcfd32cdbc573ef69a00e9c75712f7d
d7ad12763125dec57050506df4e7e61d4ed7d02a
4301636751de343aeba3981c294fc9e41a039ed255d6ef8b8821ba841a8c67db
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js HTTP/1.1
Host: clearancejoinjavelin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:19:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c76497f46619f742a96dff6b5c674ce
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash 24a776b1f2e9d3fff472472cff5e9b16
38a6b9ce7b18c9204f5ace875325ca74c863d1a9
108f3caa2c7db8c122fcea5f02f4f0f1e058d4da8e913dc2b4e8ace4e5a50e81
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 04 Dec 2023 19:19:16 GMT
Last-Modified: Mon, 04 Dec 2023 18:22:23 GMT
Server: ECAcc (ska/F6D2)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xcCqHONGEttIpIiT4aK9yxwtdk-oCo5XaunpXndpC-0SZwA4kRAiNQ==
Age: 3413
proftrafficcounter.com/stats
200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash d991f156a2d1f531739a5dbc82906223
458f3f8c0a4388df22066613d0f8bd66dc29c421
302f743aa6b02d2919ceda8254dc5edbc505292f5d1c3e03cf4d4bd94bf7965c
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
Origin: https://gamesaddasc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://gamesaddasc.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f0d506a6-2237-4312-91b4-64e77fb807dc:2:1; expires=Thu, 01 Dec 2033 19:19:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
explodemedicine.com/pixel/purst?dl=0&th=0&sc=0&rs=2287&rd=2287&fd=1207&bv=23.12.v.2&tmpl=70
200 OK 0 B URL GET HTTP/1.1 explodemedicine.com/pixel/purst?dl=0&th=0&sc=0&rs=2287&rd=2287&fd=1207&bv=23.12.v.2&tmpl=70
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectexplodemedicine.com
Fingerprint86:26:A2:7B:43:1B:87:DC:19:B5:13:08:9B:D4:12:0B:97:83:69:4E
ValidityTue, 28 Nov 2023 08:09:42 GMT - Mon, 26 Feb 2024 08:09:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2287&rd=2287&fd=1207&bv=23.12.v.2&tmpl=70 HTTP/1.1
Host: explodemedicine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:19:16 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL GET HTTP/2 banquetunarmedgrater.com/advertisers.js
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:17 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 984ba88fba5a5b7904940d1fc6d6a659
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 19:19:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2fDk6YlBjeEXhw4fihbJvA%2Fb2TrXWIwZI55uhSN0zf4K9aY1nisS7mSEcfSpQEkGK0kEdIaNnYYR0d9eO3vigdJ%2F3byezVEerN6Lf80%2B8kcQxXKoXE8IaytpGZnnzNCk0zEYTZbISBUhxU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306666ace09b50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=f0d506a6-2237-4312-91b4-64e77fb807dc&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=e4762f9b24d98cd34d2eff6f8ae3dfa0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=f0d506a6-2237-4312-91b4-64e77fb807dc&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=e4762f9b24d98cd34d2eff6f8ae3dfa0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=f0d506a6-2237-4312-91b4-64e77fb807dc&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=e4762f9b24d98cd34d2eff6f8ae3dfa0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:19:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6149a1e8ad4bea68bc0ff3c38bbeca87
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=f0d506a6-2237-4312-91b4-64e77fb807dc&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=6e2dfcd302096687d74df82cf0da4496&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=f0d506a6-2237-4312-91b4-64e77fb807dc&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=6e2dfcd302096687d74df82cf0da4496&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=f0d506a6-2237-4312-91b4-64e77fb807dc&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=6e2dfcd302096687d74df82cf0da4496&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:19:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 510ad508c64dba48c2ea7dbc52c15773
Strict-Transport-Security: max-age=0; includeSubdomains
awaydefinitecreature.com/sbar.json?key=6e2dfcd302096687d74df82cf0da4496&uuid=f0d506a6-2237-4312-91b4-64e77fb807dc%3A2%3A1
200 OK 4.3 kB URL GET HTTP/1.1 awaydefinitecreature.com/sbar.json?key=6e2dfcd302096687d74df82cf0da4496&uuid=f0d506a6-2237-4312-91b4-64e77fb807dc%3A2%3A1
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectawaydefinitecreature.com
FingerprintC6:95:70:F7:D6:25:46:2B:9F:7D:35:31:B3:A2:59:37:9A:7C:A5:4D
ValidityTue, 28 Nov 2023 10:43:09 GMT - Mon, 26 Feb 2024 10:43:08 GMT
File type JSON data\012- , ASCII text, with very long lines (6046), with no line terminators
Hash 21b9e09cc0b6b7b04f0b4bb9d24baac8
6011a3c3c76d1a6b495c0338833720ea2250d58a
2d7a2d6f099a42755f4ffe069ab1df17ad434a05c5e85be545f86d6442b7c642
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=6e2dfcd302096687d74df82cf0da4496&uuid=f0d506a6-2237-4312-91b4-64e77fb807dc%3A2%3A1 HTTP/1.1
Host: awaydefinitecreature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
Origin: https://gamesaddasc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:19:17 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://gamesaddasc.pages.dev
Access-Control-Allow-Origin: https://gamesaddasc.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18231100; expires=Tue, 05 Dec 2023 19:19:17 GMT; secure; SameSite=None
uid_id2=f0d506a6-2237-4312-91b4-64e77fb807dc:2:1; expires=Mon, 11 Dec 2023 19:19:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 05 Dec 2023 19:19:17 GMT; secure; SameSite=None
uncs=1; expires=Tue, 05 Dec 2023 19:19:17 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 05 Dec 2023 19:19:17 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 05 Dec 2023 19:19:17 GMT; secure; SameSite=None
slec6e2dfcd302096687d74df82cf0da4496=[4766299]; expires=Mon, 04 Dec 2023 19:19:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f3013b771971a6f2b632ba46086c5695
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
awaydefinitecreature.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwn8aAEIQdhDiIR3Nnqnp4%2FIwRjTFyMScgm7MFTdVX1bLnVXU1V9%2FTseFkMSI4jiHjsfbObRQ3BCF4EQWa9yILgeJA9uCDecxFyltkdGP0O%2Fb33vT5873316W5xQnwU7Pj2B2aotGarzTqtXdxQqTClq928W%2FNpnV6qbai0FV6qDWYf23%2FTp806fb12XfItsxpQn1Kf%2BrVrysrYDFZPVajsUdevd2k9DOp%2BM8TA%2Fp%2B7woNjHkT%2FhLwEJabPbf7yBIpPkCbfXpVuKzfZG%2B8mhWa5seiLg3vpVmrKFMkCxtZDnB7M%2F4ZxU0K%2BXIJJD%2BYOYPp7MweI1JR4f%2FiI0oP5moj6%2B2ebRhoyRSSeR9mfQOoJFJuAm%2FtQ4jcCcIGbt5AmD28aW7LtM5XN1ClZfvYPVDkly3%2BeR5o8vqLVoLZudJErkzoM4gpqMIHqTZAVh8iHHlR5CJ5%2FAiV%2BJavPbiBN9m45baDE8asxFU3aYq2VIGi0V8KGH6x0%2FShcaYWy3Y6jDm0LfhqRUhOoeAItR2BuCYXzUCgPReyhyDwk4rjGmt2Y0nYcxY1GJ%2BScNxqcNzst0RSNsBNTFHzmYYQ8G4HrEbjdQWZ3sKVGsMVPcJsVnPDgcoK%2BqFBKgtIRlIygVARlTlD2q32hXeCqh0K7IvLnPZj3RjU2eW%2BX7Zu8J1MCZke72Ql5cRae9%2FLqW9iSx7WWDETMRYMGtNtqddqiHYq4E%2FCYChaG3RacqqDcEpjzMFRTcmFtGZmakqUv1hGxQzh9CK7OgRWvgJXjdkDBNsdhh2KYfp%2BbLFeZcvVIm57LTF7nJoEwFbJ8Gfm2t6tPyIXTa773w4eQ%2FOjy58O%2Frj8%2B%2FzG4rZDZCh%2Bpnwl6%2BsH4jinJ3h1TOvLkVparRA3Z7NLrOcvlua%2Ffl9ulsWLtqht99TafCTP46K50%2BQ2WCpX2HPnmihJC2mvGckl%2BXHMbMrpduM0rhU2L7Mbtd66tJZmVzimTTsDUlJCn34GrKXnhqTt9xRfv%2FQ1lJ7BFhaQ4IvOCMofg2Q5ctpg5Q2D1gkeZh7KoxjaIFkOtCLRccBZVcP%2Fh0QLvugfoWQ8sv480qdC3Ffq6AtMjuOLcOM%2Fs0eXfG6eFSHvjSFtvL9JWf3YWrlPHNdmMaSxpIKO4G8VtRkU3DrsR6%2FqyHTWZj9xNZfpa818AAAD%2F%2FwEAAP%2F%2FI3y9sJ0EAAA%3D
200 OK 7 B URL GET HTTP/1.1 awaydefinitecreature.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwn8aAEIQdhDiIR3Nnqnp4%2FIwRjTFyMScgm7MFTdVX1bLnVXU1V9%2FTseFkMSI4jiHjsfbObRQ3BCF4EQWa9yILgeJA9uCDecxFyltkdGP0O%2Fb33vT5873316W5xQnwU7Pj2B2aotGarzTqtXdxQqTClq928W%2FNpnV6qbai0FV6qDWYf23%2FTp806fb12XfItsxpQn1Kf%2BrVrysrYDFZPVajsUdevd2k9DOp%2BM8TA%2Fp%2B7woNjHkT%2FhLwEJabPbf7yBIpPkCbfXpVuKzfZG%2B8mhWa5seiLg3vpVmrKFMkCxtZDnB7M%2F4ZxU0K%2BXIJJD%2BYOYPp7MweI1JR4f%2FiI0oP5moj6%2B2ebRhoyRSSeR9mfQOoJFJuAm%2FtQ4jcCcIGbt5AmD28aW7LtM5XN1ClZfvYPVDkly3%2BeR5o8vqLVoLZudJErkzoM4gpqMIHqTZAVh8iHHlR5CJ5%2FAiV%2BJavPbiBN9m45baDE8asxFU3aYq2VIGi0V8KGH6x0%2FShcaYWy3Y6jDm0LfhqRUhOoeAItR2BuCYXzUCgPReyhyDwk4rjGmt2Y0nYcxY1GJ%2BScNxqcNzst0RSNsBNTFHzmYYQ8G4HrEbjdQWZ3sKVGsMVPcJsVnPDgcoK%2BqFBKgtIRlIygVARlTlD2q32hXeCqh0K7IvLnPZj3RjU2eW%2BX7Zu8J1MCZke72Ql5cRae9%2FLqW9iSx7WWDETMRYMGtNtqddqiHYq4E%2FCYChaG3RacqqDcEpjzMFRTcmFtGZmakqUv1hGxQzh9CK7OgRWvgJXjdkDBNsdhh2KYfp%2BbLFeZcvVIm57LTF7nJoEwFbJ8Gfm2t6tPyIXTa773w4eQ%2FOjy58O%2Frj8%2B%2FzG4rZDZCh%2Bpnwl6%2BsH4jinJ3h1TOvLkVparRA3Z7NLrOcvlua%2Ffl9ulsWLtqht99TafCTP46K50%2BQ2WCpX2HPnmihJC2mvGckl%2BXHMbMrpduM0rhU2L7Mbtd66tJZmVzimTTsDUlJCn34GrKXnhqTt9xRfv%2FQ1lJ7BFhaQ4IvOCMofg2Q5ctpg5Q2D1gkeZh7KoxjaIFkOtCLRccBZVcP%2Fh0QLvugfoWQ8sv480qdC3Ffq6AtMjuOLcOM%2Fs0eXfG6eFSHvjSFtvL9JWf3YWrlPHNdmMaSxpIKO4G8VtRkU3DrsR6%2FqyHTWZj9xNZfpa818AAAD%2F%2FwEAAP%2F%2FI3y9sJ0EAAA%3D
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectawaydefinitecreature.com
FingerprintC6:95:70:F7:D6:25:46:2B:9F:7D:35:31:B3:A2:59:37:9A:7C:A5:4D
ValidityTue, 28 Nov 2023 10:43:09 GMT - Mon, 26 Feb 2024 10:43:08 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwn8aAEIQdhDiIR3Nnqnp4%2FIwRjTFyMScgm7MFTdVX1bLnVXU1V9%2FTseFkMSI4jiHjsfbObRQ3BCF4EQWa9yILgeJA9uCDecxFyltkdGP0O%2Fb33vT5873316W5xQnwU7Pj2B2aotGarzTqtXdxQqTClq928W%2FNpnV6qbai0FV6qDWYf23%2FTp806fb12XfItsxpQn1Kf%2BrVrysrYDFZPVajsUdevd2k9DOp%2BM8TA%2Fp%2B7woNjHkT%2FhLwEJabPbf7yBIpPkCbfXpVuKzfZG%2B8mhWa5seiLg3vpVmrKFMkCxtZDnB7M%2F4ZxU0K%2BXIJJD%2BYOYPp7MweI1JR4f%2FiI0oP5moj6%2B2ebRhoyRSSeR9mfQOoJFJuAm%2FtQ4jcCcIGbt5AmD28aW7LtM5XN1ClZfvYPVDkly3%2BeR5o8vqLVoLZudJErkzoM4gpqMIHqTZAVh8iHHlR5CJ5%2FAiV%2BJavPbiBN9m45baDE8asxFU3aYq2VIGi0V8KGH6x0%2FShcaYWy3Y6jDm0LfhqRUhOoeAItR2BuCYXzUCgPReyhyDwk4rjGmt2Y0nYcxY1GJ%2BScNxqcNzst0RSNsBNTFHzmYYQ8G4HrEbjdQWZ3sKVGsMVPcJsVnPDgcoK%2BqFBKgtIRlIygVARlTlD2q32hXeCqh0K7IvLnPZj3RjU2eW%2BX7Zu8J1MCZke72Ql5cRae9%2FLqW9iSx7WWDETMRYMGtNtqddqiHYq4E%2FCYChaG3RacqqDcEpjzMFRTcmFtGZmakqUv1hGxQzh9CK7OgRWvgJXjdkDBNsdhh2KYfp%2BbLFeZcvVIm57LTF7nJoEwFbJ8Gfm2t6tPyIXTa773w4eQ%2FOjy58O%2Frj8%2B%2FzG4rZDZCh%2Bpnwl6%2BsH4jinJ3h1TOvLkVparRA3Z7NLrOcvlua%2Ffl9ulsWLtqht99TafCTP46K50%2BQ2WCpX2HPnmihJC2mvGckl%2BXHMbMrpduM0rhU2L7Mbtd66tJZmVzimTTsDUlJCn34GrKXnhqTt9xRfv%2FQ1lJ7BFhaQ4IvOCMofg2Q5ctpg5Q2D1gkeZh7KoxjaIFkOtCLRccBZVcP%2Fh0QLvugfoWQ8sv480qdC3Ffq6AtMjuOLcOM%2Fs0eXfG6eFSHvjSFtvL9JWf3YWrlPHNdmMaSxpIKO4G8VtRkU3DrsR6%2FqyHTWZj9xNZfpa818AAAD%2F%2FwEAAP%2F%2FI3y9sJ0EAAA%3D HTTP/1.1
Host: awaydefinitecreature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18231100; uid_id2=f0d506a6-2237-4312-91b4-64e77fb807dc:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:19:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9318b2aabf47b5273d47cc7491b676e
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
200 OK 591 B URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:18 GMT
content-type: image/png
content-length: 591
last-modified: Mon, 21 Feb 2022 10:06:44 GMT
etag: "62136434-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1956620
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gYA3c5B%2BOVfmtIAMI43SD%2FOYI13C23%2Fx2A10l%2BpL5PvJjUU3A381cZpyXXjBMRgR1aeIAwowOvKQmNWw6aIiHMngLoCGIBtyAPNUe6UwS69whvICe%2BxSvQpSo0YqYWPb7HRVG3EWv6J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306667599fe527a-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png
200 OK 9.0 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a56f06ca83ee06488a213b352e00bd90
aec437b74eb6f1143683872fb2d664286da4a664
7144c526762a9d91bdde1939194c2835f2cb1afe0ebac298bbdf1e9239b539ec
GET /si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:18 GMT
content-type: image/png
content-length: 9016
server: nginx/1.21.6
last-modified: Mon, 20 Nov 2023 14:51:52 GMT
etag: "655b7288-2338"
expires: Wed, 06 Dec 2023 19:19:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png
200 OK 20 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash ea31001ce8fa95eb2ac1617515105332
d505ca04808c25cfa33a555c96886f421ddbbde7
0267f5cd21fe5609405724c20d6f021b8932a696ada766b8e86e42c670000ab3
GET /si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:18 GMT
content-type: image/png
content-length: 20001
server: nginx/1.21.6
last-modified: Mon, 20 Nov 2023 14:52:40 GMT
etag: "655b72b8-4e21"
expires: Wed, 06 Dec 2023 19:19:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
gamesaddasc.pages.dev/%3Clink%20/%20abs%20url%3E
404 Not Found 8.2 kB URL GET HTTP/3 gamesaddasc.pages.dev/%3Clink%20/%20abs%20url%3E
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectgamesaddasc.pages.dev
Fingerprint34:87:B4:8C:19:94:CF:98:47:66:A7:7D:6E:E3:DE:17:A3:72:90:53
ValiditySun, 03 Dec 2023 15:08:30 GMT - Sat, 02 Mar 2024 15:08:29 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4762)
Hash 99ea85ac4a2f6e55f17c13f167e73117
a5ad5732d04532fb49df287e785ed5f74436cd2c
69e67255ff6bac2f795ea0b351a8cab5761f5826a8c34c28958c98754073e0b1
GET /%3Clink%20/%20abs%20url%3E HTTP/1.1
Host: gamesaddasc.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=f0d506a6-2237-4312-91b4-64e77fb807dc%3A2%3A1; pp_main_e4762f9b24d98cd34d2eff6f8ae3dfa0=1; sb_main_6e2dfcd302096687d74df82cf0da4496=1; sb_count_6e2dfcd302096687d74df82cf0da4496=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Mon, 04 Dec 2023 19:19:17 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BSUXaaaRXQv50%2Bx5DmU3HFyQcRvaF8Hj97rX7GbrypA%2FP0g3On2bJWQFezoQKhswterdswb3UyAp0S0Z3h3TJFu%2B2N%2B8VDzl4zHm0mozetMyKHSXywtshTV9ljafYeSGn64rutGWTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306666c6e9456b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gamesaddasc.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 425123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gamesaddasc.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 397305
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
200 OK 31 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (32025)
Hash 4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/big1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:18 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 10:06:46 GMT
etag: W/"62136436-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 393337
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5765tjef6JVkSahezrX0GHBJiYXQZ4kO4PBSlqDYIkHICyf1DahKHvi8zr3qyreXEH1KuzdjbGVIeXBTwtpGVWdFIZ6%2BrJSGiH4IaMGMRPFTQI8L%2Bh1jgmU%2B5%2FQYilwGBWy8RlP%2Bt7%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830666759a0c527a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
awaydefinitecreature.com/pixel/sbs?c=1
200 OK 0 B URL GET HTTP/1.1 awaydefinitecreature.com/pixel/sbs?c=1
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectawaydefinitecreature.com
FingerprintC6:95:70:F7:D6:25:46:2B:9F:7D:35:31:B3:A2:59:37:9A:7C:A5:4D
ValidityTue, 28 Nov 2023 10:43:09 GMT - Mon, 26 Feb 2024 10:43:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: awaydefinitecreature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18231100; uid_id2=f0d506a6-2237-4312-91b4-64e77fb807dc:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:19:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
gamesaddasc.pages.dev/apple-touch-icon.png
404 Not Found 6.8 kB URL GET HTTP/3 gamesaddasc.pages.dev/apple-touch-icon.png
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectgamesaddasc.pages.dev
Fingerprint34:87:B4:8C:19:94:CF:98:47:66:A7:7D:6E:E3:DE:17:A3:72:90:53
ValiditySun, 03 Dec 2023 15:08:30 GMT - Sat, 02 Mar 2024 15:08:29 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7061), with no line terminators
Hash 0a39d84bff2a6c1ecfac9978a8017eef
e9b02d87752ba267e813ce7f330c1822c1086af6
4845e3a78d483064046726d29c67d8b0576bc37764c16af25be3519454594a19
GET /apple-touch-icon.png HTTP/1.1
Host: gamesaddasc.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Mon, 04 Dec 2023 19:19:15 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0Mci9O7PJ3Kr5e%2F0cyvpxWCKDE7cWvV%2FNNSii0HzRZckuzb5bfHBlW4HyQeXTC6QUp982Y0VolxileyjXqhWJS%2BZPVVzgb%2FxR1E64EFBvRmkL41RGWaUSeA9M7P6dXcGOJyvQUQdN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306665f0dd356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
200 OK 1.5 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1639), with no line terminators
Hash 97b357c624104a8e915d01424dfe16ce
6bd7fcedfb7986b149601b1bc840f525b67a8f06
8d010e7163298acf3671bb429a2e0b1d69033a5adc314fa4bddebf74b9775e6e
GET /sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
Origin: https://gamesaddasc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:18 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:10 GMT
etag: W/"6242c2de-602"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 04 Dec 2023 20:19:18 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
200 OK 4.2 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (4404), with no line terminators
Hash 68b1992666e9738c9fe476446c9554c6
7ed918e75115fd3be8bd1df1f6106d3f53129c78
c3ca1c3bc15dfab20c6c3733049214afc18b2deaba8d9685c57cc3f238b687d8
GET /sb/ssp/vpn/classic-push/big1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
Origin: https://gamesaddasc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:18 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 10:59:09 GMT
etag: W/"6213707d-1048"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACXNNu38n4LbCCPKadsWcHmoKv%2FwgF9onSldKktqsQ68NPS82bjshCAc8iO1kna6cqOmFeca4JD9YKECv3zMygU0RFBsWeNzXQ491uF34KYb19millM2%2Bu0BOyX2izHJFkaVV%2FfqJ%2BOb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306667579ea527a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 6.8 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (7013), with no line terminators
Hash 49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 19:19:18 GMT
date: Mon, 04 Dec 2023 19:19:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gamesaddasc.pages.dev/assets/css/stylesheet.bc1149f4a72aa4858d3a9f71462f75e5884ffe8073ea9d6d5761d5663d651e20.css
200 OK 15 kB URL GET HTTP/3 gamesaddasc.pages.dev/assets/css/stylesheet.bc1149f4a72aa4858d3a9f71462f75e5884ffe8073ea9d6d5761d5663d651e20.css
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectgamesaddasc.pages.dev
Fingerprint34:87:B4:8C:19:94:CF:98:47:66:A7:7D:6E:E3:DE:17:A3:72:90:53
ValiditySun, 03 Dec 2023 15:08:30 GMT - Sat, 02 Mar 2024 15:08:29 GMT
File type ASCII text, with very long lines (14974)
Hash f2585a3240eff2c2de7a37b188221113
7878a32028df4af6d9379f470e4974e3719b6024
bc1149f4a72aa4858d3a9f71462f75e5884ffe8073ea9d6d5761d5663d651e20
GET /assets/css/stylesheet.bc1149f4a72aa4858d3a9f71462f75e5884ffe8073ea9d6d5761d5663d651e20.css HTTP/1.1
Host: gamesaddasc.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 19:19:16 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f108b214fb6120365bec7dd12fdc643d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74uqylNje5rGr%2BN9YsNyXkudX2Z1HbigPqq1tDaW%2FK0msOMXKaZyk5AQeejK7kZs%2BuQ2qZHzHXPcbYckPLAADcovnIaWSmJXGvrEUQS2qyBQxuIlJxeWDSWGAUy22cZG3C62GjSmuuk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83066666ab0c56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
200 OK 958 B URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (1009), with no line terminators
Hash 04835fd7dd7f8cfbad901bee8cff2170
38e9ed1e93f8f0beba9447a99afe3995e63b6f3e
be63bbd38c66ca9a9ee1c8abfed042fd5fc090c40b91ad561e922744ece47c41
GET /sb/ssp/vpn/classic-push/big1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
Origin: https://gamesaddasc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:19 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 10:06:46 GMT
etag: W/"62136436-3be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEw50Pu4dKlTXiJDfsAKzaTZabpWkF%2FqtfUCvQQrnUSlpsVa9z5Z0AgjZk%2F%2BUPHxTshS4ggOBtQZ4eQKMotkDLNlScbj49YLSG6%2FzUucRZqODEj1M2wqzs1ktwQtRvRUKpqZgjQP8kzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830666763acd527a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ea49d2b08f807078395cd661ced41fb9
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 19:19:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIN%2FbBTEAeumNg3Hex1ijWPhEsM2yWPGkoxO2HJyKCEzAnY0eNCUQTW2HYd7zaeBJc%2B3AkRxovt8uJ3CrbmHi7dApgnC7CpEGbCTAIUlgN8yq8UxJR58TjhUhTuAIqTWI1KLdVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830666677f916442-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a
GET /sb/ssp/vpn/classic-push/big1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
Origin: https://gamesaddasc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:18 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 10:06:42 GMT
etag: W/"62136432-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuIU%2FkZwLFtttbSy62pA7PmcYvuYgINWPRtf4XeOv5kbn76%2BGlacrHEP2hLrIURvUqAalxdkSfufQVsUWeBXy0RPoi0xiuL63lMGcarSJt6U4ULjMP7oVfxEBiYAbVbkEESpU1M1Ogqx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306667579e7527a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
200 OK 28 kB URL User Request GET HTTP/2 IP
Certificate IssuerLet's Encrypt
Subjectgamesaddasc.pages.dev
Fingerprint34:87:B4:8C:19:94:CF:98:47:66:A7:7D:6E:E3:DE:17:A3:72:90:53
ValiditySun, 03 Dec 2023 15:08:30 GMT - Sat, 02 Mar 2024 15:08:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: gamesaddasc.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:14 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"bccee83ddcac28c559af28130fe7e52c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAG7Y8gY2iR6qp2NpNaQk%2BJavN1jAmfMCO%2F12cf3hSxqOvVoBlQqHzuBhvo010VKkY0G08VmDIsgEo5jCD0FjpVghOHAEl%2FTRpg3%2FsGj9M9j2xsaKbr8SCdQyVVPYiYVKnWdf%2FqzzOQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83066658e9d6b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:19:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 365728d1f6b1a110e53ddd3b2d8b59cc
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 19:19:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV5XN6O63QArQTsg1LvXs8TIGOAYHvqNTGBx%2Fci%2BzlXSkfsNhmKaOBsNQ9Q%2BmXUKVUTAc7cjAMGBX6WUDk7QVEboJG37cHp5XoSSKI9zacOaN5yXDBaWdsDpfMHC0lfSHL79Egk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830666689a1d6442-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gamesaddasc.pages.dev/apple-touch-icon.png
404 Not Found 6.8 kB URL GET HTTP/3 gamesaddasc.pages.dev/apple-touch-icon.png
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectgamesaddasc.pages.dev
Fingerprint34:87:B4:8C:19:94:CF:98:47:66:A7:7D:6E:E3:DE:17:A3:72:90:53
ValiditySun, 03 Dec 2023 15:08:30 GMT - Sat, 02 Mar 2024 15:08:29 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7061), with no line terminators
Hash 0a39d84bff2a6c1ecfac9978a8017eef
e9b02d87752ba267e813ce7f330c1822c1086af6
4845e3a78d483064046726d29c67d8b0576bc37764c16af25be3519454594a19
GET /apple-touch-icon.png HTTP/1.1
Host: gamesaddasc.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=f0d506a6-2237-4312-91b4-64e77fb807dc%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Mon, 04 Dec 2023 19:19:16 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bl%2FLzG%2Fwmqy3yK2msYKe6zvs1ge2i%2FMsRbaSOWgiMhJSYfj0vji5OlURbiqva%2F1tlcoSmSZvdn40scLYJ3ZTNrtGFkgsM%2Fo0xY32nw%2BmycMVh6fcaxKEcrI15HuCmRyZwDySDaLsOh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830666687e9d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
awaydefinitecreature.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzsaTeFAWYQ%2FCHERWMJP%2Bmz9XWFzXXYMxCZtdcvBUXVU9KVPd1VR1T0%2FGS3BB9jiCiMfOm2SDuiyu4EUQZOJFAoLjQXIwIN73IuxZJhkY%2FQ79vfe9PnzvffXpfnFGPBT0dOMDPZBK0eVG3a1d3ZIp16Wtrd2teW7dvVbbkmkzvFbrTz%2Bm96bnNuru67Xbgu3oZd%2F1XNdzvdotaUSs%2B8vnKmT2qOPVO2499OteI0Tf%2FJ%2FbwoGlDnjvjLwEySfPbf%2FyBJKNkSbf3hR2J9fZG%2B8mhaK5Nujxo3vpTqrLFMkcxsZBnB7N%2Foa2E0K%2BXIBOj2YOoHsHUweI5IQ4f3iI0qPZmoh6hxebRgoiRcSfR9kbQ6gxJB2D6fuQ%2FDcCMI61daTJwzVtSrp7odKpOiGLz%2F6BLCdk8c%2FLSJPHN5Ts1za1KnKpU4t%2BXEH2x5DdMbLiGPnAgSyPwfJPIPmvZPnZKtLkYN0qDclPX41d3nCbtLnk%2B0FrKQw8f6njReFSMxStVhy13RZn5xFJOYaMx1BiCGoXUFgHhXRQxA6KzEHCT2u00YldtxVHcRC0Q8ZYEDDWaDd5gwdhO3ZRsKmHIfJsCKaGYGYPmdnDjhzCFD%2FBblew3IHNCXq8QikISktQUoJSEpQ5QdmrDrmyvq0ecmWLyJt1f9aDaqTz7j491HlXpATUDPezM%2FLiNDzn5eW3sCNOa03h85jxwPXdTrPZbvFWyOO2z2KX0zDsNGFlBWkXQK2DgZyQKyuLyOSELHyxiYgew6pjMHkJtHgFtBy1fBd0exS2XQzS73Od5TKTth4p3bWZzutMJ%2BC6QpYvIt919tUZuXJ%2Bzfd%2B%2BBCCnVz%2FfPDX7ceXPwYzFTJT4SP5M0FXPRjd0SU5uKNLS56sZ7lM5IBOL72Z01xc%2Bvp9sVtqw1du2uFXb7OpMIWP7gqbr9KUy7RryTc3JOfC3NKGCfLjit0S0UZht28UJi2y1Y13bq0kmRHWSp2OQeWEkKffgckJeeGpPX%2FFV%2B%2F9DWnGMEWFpDghs4LUx2DZHmw2n1lNYNScR5mDsqhGxo%2FmQyUJlJhzGlWw%2F%2BHRHO%2FbB%2BgaBzS%2FjzSp0DMVeqoCVUPY4tIoz8zJ9d%2BD80KknFGkjHMQKaM%2BuwjXytNawwtFO2q3GOeRYNxr%2BUE7cF2f87DVEV4HuZ2I9LXGvwAAAP%2F%2FAQAA%2F%2F83dDNWnQQAAA%3D%3D
200 OK 0 B URL GET HTTP/1.1 awaydefinitecreature.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzsaTeFAWYQ%2FCHERWMJP%2Bmz9XWFzXXYMxCZtdcvBUXVU9KVPd1VR1T0%2FGS3BB9jiCiMfOm2SDuiyu4EUQZOJFAoLjQXIwIN73IuxZJhkY%2FQ79vfe9PnzvffXpfnFGPBT0dOMDPZBK0eVG3a1d3ZIp16Wtrd2teW7dvVbbkmkzvFbrTz%2Bm96bnNuru67Xbgu3oZd%2F1XNdzvdotaUSs%2B8vnKmT2qOPVO2499OteI0Tf%2FJ%2FbwoGlDnjvjLwEySfPbf%2FyBJKNkSbf3hR2J9fZG%2B8mhaK5Nujxo3vpTqrLFMkcxsZBnB7N%2Foa2E0K%2BXIBOj2YOoHsHUweI5IQ4f3iI0qPZmoh6hxebRgoiRcSfR9kbQ6gxJB2D6fuQ%2FDcCMI61daTJwzVtSrp7odKpOiGLz%2F6BLCdk8c%2FLSJPHN5Ts1za1KnKpU4t%2BXEH2x5DdMbLiGPnAgSyPwfJPIPmvZPnZKtLkYN0qDclPX41d3nCbtLnk%2B0FrKQw8f6njReFSMxStVhy13RZn5xFJOYaMx1BiCGoXUFgHhXRQxA6KzEHCT2u00YldtxVHcRC0Q8ZYEDDWaDd5gwdhO3ZRsKmHIfJsCKaGYGYPmdnDjhzCFD%2FBblew3IHNCXq8QikISktQUoJSEpQ5QdmrDrmyvq0ecmWLyJt1f9aDaqTz7j491HlXpATUDPezM%2FLiNDzn5eW3sCNOa03h85jxwPXdTrPZbvFWyOO2z2KX0zDsNGFlBWkXQK2DgZyQKyuLyOSELHyxiYgew6pjMHkJtHgFtBy1fBd0exS2XQzS73Od5TKTth4p3bWZzutMJ%2BC6QpYvIt919tUZuXJ%2Bzfd%2B%2BBCCnVz%2FfPDX7ceXPwYzFTJT4SP5M0FXPRjd0SU5uKNLS56sZ7lM5IBOL72Z01xc%2Bvp9sVtqw1du2uFXb7OpMIWP7gqbr9KUy7RryTc3JOfC3NKGCfLjit0S0UZht28UJi2y1Y13bq0kmRHWSp2OQeWEkKffgckJeeGpPX%2FFV%2B%2F9DWnGMEWFpDghs4LUx2DZHmw2n1lNYNScR5mDsqhGxo%2FmQyUJlJhzGlWw%2F%2BHRHO%2FbB%2BgaBzS%2FjzSp0DMVeqoCVUPY4tIoz8zJ9d%2BD80KknFGkjHMQKaM%2BuwjXytNawwtFO2q3GOeRYNxr%2BUE7cF2f87DVEV4HuZ2I9LXGvwAAAP%2F%2FAQAA%2F%2F83dDNWnQQAAA%3D%3D
IP
Requested by https://gamesaddasc.pages.dev/
Certificate IssuerLet's Encrypt
Subjectawaydefinitecreature.com
FingerprintC6:95:70:F7:D6:25:46:2B:9F:7D:35:31:B3:A2:59:37:9A:7C:A5:4D
ValidityTue, 28 Nov 2023 10:43:09 GMT - Mon, 26 Feb 2024 10:43:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzsaTeFAWYQ%2FCHERWMJP%2Bmz9XWFzXXYMxCZtdcvBUXVU9KVPd1VR1T0%2FGS3BB9jiCiMfOm2SDuiyu4EUQZOJFAoLjQXIwIN73IuxZJhkY%2FQ79vfe9PnzvffXpfnFGPBT0dOMDPZBK0eVG3a1d3ZIp16Wtrd2teW7dvVbbkmkzvFbrTz%2Bm96bnNuru67Xbgu3oZd%2F1XNdzvdotaUSs%2B8vnKmT2qOPVO2499OteI0Tf%2FJ%2FbwoGlDnjvjLwEySfPbf%2FyBJKNkSbf3hR2J9fZG%2B8mhaK5Nujxo3vpTqrLFMkcxsZBnB7N%2Foa2E0K%2BXIBOj2YOoHsHUweI5IQ4f3iI0qPZmoh6hxebRgoiRcSfR9kbQ6gxJB2D6fuQ%2FDcCMI61daTJwzVtSrp7odKpOiGLz%2F6BLCdk8c%2FLSJPHN5Ts1za1KnKpU4t%2BXEH2x5DdMbLiGPnAgSyPwfJPIPmvZPnZKtLkYN0qDclPX41d3nCbtLnk%2B0FrKQw8f6njReFSMxStVhy13RZn5xFJOYaMx1BiCGoXUFgHhXRQxA6KzEHCT2u00YldtxVHcRC0Q8ZYEDDWaDd5gwdhO3ZRsKmHIfJsCKaGYGYPmdnDjhzCFD%2FBblew3IHNCXq8QikISktQUoJSEpQ5QdmrDrmyvq0ecmWLyJt1f9aDaqTz7j491HlXpATUDPezM%2FLiNDzn5eW3sCNOa03h85jxwPXdTrPZbvFWyOO2z2KX0zDsNGFlBWkXQK2DgZyQKyuLyOSELHyxiYgew6pjMHkJtHgFtBy1fBd0exS2XQzS73Od5TKTth4p3bWZzutMJ%2BC6QpYvIt919tUZuXJ%2Bzfd%2B%2BBCCnVz%2FfPDX7ceXPwYzFTJT4SP5M0FXPRjd0SU5uKNLS56sZ7lM5IBOL72Z01xc%2Bvp9sVtqw1du2uFXb7OpMIWP7gqbr9KUy7RryTc3JOfC3NKGCfLjit0S0UZht28UJi2y1Y13bq0kmRHWSp2OQeWEkKffgckJeeGpPX%2FFV%2B%2F9DWnGMEWFpDghs4LUx2DZHmw2n1lNYNScR5mDsqhGxo%2FmQyUJlJhzGlWw%2F%2BHRHO%2FbB%2BgaBzS%2FjzSp0DMVeqoCVUPY4tIoz8zJ9d%2BD80KknFGkjHMQKaM%2BuwjXytNawwtFO2q3GOeRYNxr%2BUE7cF2f87DVEV4HuZ2I9LXGvwAAAP%2F%2FAQAA%2F%2F83dDNWnQQAAA%3D%3D HTTP/1.1
Host: awaydefinitecreature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesaddasc.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18231100; uid_id2=f0d506a6-2237-4312-91b4-64e77fb807dc:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:19:19 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 433e430354fb17442957a69d43d7de78
Strict-Transport-Security: max-age=0; includeSubdomains
172.66.45.17
18.157.140.81