Report - best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown

Report Overview

Submitted URL
best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown
IP
103.224.182.247
ASN
#133618 Trellian Pty. Limited
Submitted
2022-11-24 12:23:30
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.187.31.159
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.156
ayxvy.voluumtrk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	699 B	574 B	18.185.54.95
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	746 B	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ww16.best-targeted-traffic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	3.9 kB	64.190.63.136
img.sedoparking.com	54200	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	4.8 kB	205.234.175.175
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	64 kB	34.120.237.76
dipaka-ead.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.3 kB	3.208.247.235
adult-games.life	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	960 kB	194.87.208.13
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.3
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
xml.sedodna.com	278378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	183 B	173.239.53.32
best-targeted-traffic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	414 B	103.224.182.247
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
q2.quotes.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	816 B	710 B	23.19.76.168
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	476 B	24 kB	216.58.207.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	adult-games.life	Sinkholed
2022-11-24	medium	adult-games.life	Sinkholed
2022-11-24	medium	adult-games.life	Sinkholed
2022-11-24	medium	adult-games.life	Sinkholed
2022-11-24	medium	adult-games.life	Sinkholed
2022-11-24	medium	adult-games.life	Sinkholed
2022-11-24	medium	adult-games.life	Sinkholed
2022-11-24	medium	adult-games.life	Sinkholed
2022-11-24	medium	adult-games.life	Sinkholed
2022-11-24	medium	adult-games.life	Sinkholed

JavaScript (9)

	URL	Size	First Seen	Last Seen
	adult-games.life/media/adult-games/anime/js/jquery-2.2.4.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL adult-games.life/media/adult-games/anime/js/jquery-2.2.4.min.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 11:58:50 Times Seen384644 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	adult-games.life/media/adult-games/anime/js/main.js	281 B	2023-03-07	2024-03-03
Pretty URL adult-games.life/media/adult-games/anime/js/main.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:54:19 Last Seen2024-03-03 14:57:46 Times Seen25 Hash 794ca8800647447c210914e7a8aabaad 622859ac8c9e6b91df688598bdcb6d66cdf143e9 fd09f4099f8d32f10c4ebe71089ffded17c5dacf7aaa31a96f35b36d6410d975 Loading...

	ww16.best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown&sub1=20221124-2323-1830-b08d-15156da317a5	1.2 kB	2023-03-11	2023-03-11
Pretty URL ww16.best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown&sub1=20221124-2323-1830-b08d-15156da317a5 IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:05:45 Last Seen2023-03-11 19:05:45 Times Seen1 Hash f937a213c2592eadd0271d9629e9d058 dfb2f81514d0379f4ab21542220b870a3d78be82 fc5db08d9899ed793cea8e0bcde0c4ab0f23322c9d509943c3d356cc6bd4730a Loading...

	dipaka-ead.com/zcvisitor/c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97	850 B	2023-03-11	2023-03-11
Pretty URL dipaka-ead.com/zcvisitor/c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97 IP 3.208.247.235 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:05:45 Last Seen2023-03-11 19:05:45 Times Seen1 Hash 7e638cd2594c02e45b9db070b37efbaf 366f8bc0e54b88034394b2c5c721babc81fff490 8068bec86852aac2c59d09327e2c875194ee1487bafd87cbf6f2d68fb1ed81cb Loading...

	dipaka-ead.com/zcredirect?visitid=c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	285 B	2023-03-11	2023-03-11
Pretty URL dipaka-ead.com/zcredirect?visitid=c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 3.208.247.235 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:05:45 Last Seen2023-03-11 19:05:45 Times Seen1 Hash 9918fc8fb82a18dda837df18257b89ee df972af36c9f1d37cec5277e5196a53784e8d5de 7b2457b10403d3c23c90a1d33f32f819f951a8013492636871d0d7c0b76befd0 Loading...

	adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958	526 B	2023-03-11	2023-03-11
Pretty URL adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958 IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:05:45 Last Seen2023-03-11 19:05:45 Times Seen1 Hash 23b4e478e1091bc8ff43ae6471d68136 4756b54f6c6487b13449075c6541d5be21d2a423 1f35ba6d8b6a103d2ec9131b3e09e1bbe2045c07a97f12759c00afbbe7855c63 Loading...

	adult-games.life/util/utils.js	7.5 kB	2023-03-07	2024-04-26
Pretty URL adult-games.life/util/utils.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 10:41:26 Times Seen20667 Hash 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea Loading...

	adult-games.life/cookie/js.cookie14.js	4.1 kB	2023-03-07	2024-03-03
Pretty URL adult-games.life/cookie/js.cookie14.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:33 Last Seen2024-03-03 14:57:46 Times Seen146 Hash 1db175e4bfc69fb748a1133be837df3a 438fb8aa10a650dcca4311cbad1340a10a7751b7 5805ab67adcb8c0420cba70ca8c75edc82ba6af03cfe7eff2a9f65ce95241ee7 Loading...

	adult-games.life/media/bbag.js	1.1 kB	2023-03-07	2024-03-03
Pretty URL adult-games.life/media/bbag.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:33 Last Seen2024-03-03 14:57:46 Times Seen146 Hash d5c49a896c44f3275333d95fb87e560a 12facada7ce68f6008df5cfbcff1c8cf7156b766 4f2ae318d39611ff8511b96bccb64f0ca07f0707eeefbfa1127d99a4fe560187 Loading...

HTTP Transactions (50)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8636
Expires: Thu, 24 Nov 2022 14:47:14 GMT
Date: Thu, 24 Nov 2022 12:23:18 GMT
Connection: keep-alive

best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown

103.224.182.247

302 Found

0 B

URL HTTP/1.1
best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown
IP
103.224.182.247:0
ASN
#133618 Trellian Pty. Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown HTTP/1.1
Host: best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 12:23:18 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1669292598.5400685; expires=Sun, 21-Nov-2032 12:23:18 GMT; Max-Age=315360000
Location: http://ww16.best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown&sub1=20221124-2323-1830-b08d-15156da317a5
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8099
Expires: Thu, 24 Nov 2022 14:38:18 GMT
Date: Thu, 24 Nov 2022 12:23:19 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5626
Cache-Control: max-age=171698
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:23:19 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:04:57 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 0PvX3PnVumnGnHX2ibNRkZEN6su+4B/hc4ntTUjUjK6kXX3E9jPCbdhX3Vzkrw39U5YfRWERfVE=
x-amz-request-id: KKNCMCQ6NN7GM5C0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 11:43:23 GMT
age: 2396
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 12:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 261
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 12:23:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 12:08:53 GMT
cache-control: public,max-age=3600
age: 866
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1719
Cache-Control: max-age=162729
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:23:19 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:35:28 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.187.31.159

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.31.159:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iONUSZ8r5l6QFQGhvNX95g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Bj06UJHehqhu54dYi9rBBP00u5U=

ww16.best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown&sub1=20221124-2323-1830-b08d-15156da317a5

64.190.63.136

200 OK

1.4 kB

URL HTTP/1.1
ww16.best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown&sub1=20221124-2323-1830-b08d-15156da317a5
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (740)
Size
1.4 kB (1375 bytes)
Hash
698c3bee946d3919c867a2d0bf4af711
e1249d659acbdf80e084bacb798b6fb10b5d0989
57af82a4bfe5c61ad88cfe4d19712567a9a42a43911a72909fad232b5655719a

HTTP Headers

GET /install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown&sub1=20221124-2323-1830-b08d-15156da317a5 HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 12:23:20 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_CT6y9P3DqbcRGYmwUoGEJmSsVLYwTWRY71LzH6zsLHojiPxnA7CrTQx3WJQr6Y92hFQTImaWR8oAZUvLVH4bDg==
last-modified: Thu, 24 Nov 2022 12:23:19 GMT
x-cache-miss-from: parking-5489797ddc-m2cmf
server: NginX
content-encoding: gzip

img.sedoparking.com/images/js_preloader.gif

205.234.175.175

200 OK

4.3 kB

URL HTTP/1.1
img.sedoparking.com/images/js_preloader.gif
IP
205.234.175.175:0
ASN
#30081 CACHENETWORKS

File type
GIF image data, version 89a, 16 x 16\012- data
Size
4.3 kB (4254 bytes)
Hash
90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

HTTP Headers

GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/

HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 12:23:20 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 12:23:20 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 8ef4bda4682db070df20eca8cd7c7733
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes

ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2OTI5MjYwMGY5NzY1ZjkwNThkMjNlZThjYjUzMmMyMmJiNTZmMTk4&crc=7ed29b47dab2a589b93d200124e595877e9ca7df&cv=1

64.190.63.136

200 OK

0 B

URL HTTP/1.1
ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2OTI5MjYwMGY5NzY1ZjkwNThkMjNlZThjYjUzMmMyMmJiNTZmMTk4&crc=7ed29b47dab2a589b93d200124e595877e9ca7df&cv=1
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2OTI5MjYwMGY5NzY1ZjkwNThkMjNlZThjYjUzMmMyMmJiNTZmMTk4&crc=7ed29b47dab2a589b93d200124e595877e9ca7df&cv=1 HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown&sub1=20221124-2323-1830-b08d-15156da317a5

HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 12:23:20 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-5489797ddc-jjmrk
server: NginX

ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DISnQTpIrRjg_0&v=OTQwZDU3ZDYwMDRkMWU3NjMzNzc0NjkyZGM2ZWZiMWIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE1ZmQ4MC4zNjc3MTM5Ngl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE2MDA5My42NjA2OTA4MQkxNjY5MjkyNjAwCWFkXzYzXzA=&l=OAk5NDc1NzQ4YjA3YjcxZWEyM2VmYzcyMWI0YmRjNzQyYwkwCTM1CTAJZGRlYTk5ODE1MDk2NzM2NWIyNzAwYmJlOTY5NjM2MjgJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5MjkyNjAwCTAuMDAwMzE3CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D

64.190.63.136

302 Found

0 B

URL HTTP/1.1
ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DISnQTpIrRjg_0&v=OTQwZDU3ZDYwMDRkMWU3NjMzNzc0NjkyZGM2ZWZiMWIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE1ZmQ4MC4zNjc3MTM5Ngl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE2MDA5My42NjA2OTA4MQkxNjY5MjkyNjAwCWFkXzYzXzA=&l=OAk5NDc1NzQ4YjA3YjcxZWEyM2VmYzcyMWI0YmRjNzQyYwkwCTM1CTAJZGRlYTk5ODE1MDk2NzM2NWIyNzAwYmJlOTY5NjM2MjgJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5MjkyNjAwCTAuMDAwMzE3CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DISnQTpIrRjg_0&v=OTQwZDU3ZDYwMDRkMWU3NjMzNzc0NjkyZGM2ZWZiMWIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE1ZmQ4MC4zNjc3MTM5Ngl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE2MDA5My42NjA2OTA4MQkxNjY5MjkyNjAwCWFkXzYzXzA=&l=OAk5NDc1NzQ4YjA3YjcxZWEyM2VmYzcyMWI0YmRjNzQyYwkwCTM1CTAJZGRlYTk5ODE1MDk2NzM2NWIyNzAwYmJlOTY5NjM2MjgJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5MjkyNjAwCTAuMDAwMzE3CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown&sub1=20221124-2323-1830-b08d-15156da317a5
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Thu, 24 Nov 2022 12:23:20 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 24 Nov 2022 12:23:20 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DISnQTpIrRjg_0&v=OTQwZDU3ZDYwMDRkMWU3NjMzNzc0NjkyZGM2ZWZiMWIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE1ZmQ4MC4zNjc3MTM5Ngl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE2MDA5My42NjA2OTA4MQkxNjY5MjkyNjAwCWFkXzYzXzA=&l=OAk5NDc1NzQ4YjA3YjcxZWEyM2VmYzcyMWI0YmRjNzQyYwkwCTM1CTAJZGRlYTk5ODE1MDk2NzM2NWIyNzAwYmJlOTY5NjM2MjgJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5MjkyNjAwCTAuMDAwMzE3CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-5489797ddc-jjmrk
server: NginX

ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DISnQTpIrRjg_0&v=OTQwZDU3ZDYwMDRkMWU3NjMzNzc0NjkyZGM2ZWZiMWIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE1ZmQ4MC4zNjc3MTM5Ngl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE2MDA5My42NjA2OTA4MQkxNjY5MjkyNjAwCWFkXzYzXzA=&l=OAk5NDc1NzQ4YjA3YjcxZWEyM2VmYzcyMWI0YmRjNzQyYwkwCTM1CTAJZGRlYTk5ODE1MDk2NzM2NWIyNzAwYmJlOTY5NjM2MjgJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5MjkyNjAwCTAuMDAwMzE3CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D

64.190.63.136

302 Found

311 B

URL HTTP/1.1
ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DISnQTpIrRjg_0&v=OTQwZDU3ZDYwMDRkMWU3NjMzNzc0NjkyZGM2ZWZiMWIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE1ZmQ4MC4zNjc3MTM5Ngl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE2MDA5My42NjA2OTA4MQkxNjY5MjkyNjAwCWFkXzYzXzA=&l=OAk5NDc1NzQ4YjA3YjcxZWEyM2VmYzcyMWI0YmRjNzQyYwkwCTM1CTAJZGRlYTk5ODE1MDk2NzM2NWIyNzAwYmJlOTY5NjM2MjgJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5MjkyNjAwCTAuMDAwMzE3CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
311 B (311 bytes)
Hash
bcf0893be237f280c82d09ff3b710903
a17cb926020bf85683dbf5fb2544cffc1aa33e25
681bd97215fbcbb97b57b3c73892ae44111ed5b018e22700feadef006d057806

HTTP Headers

GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DISnQTpIrRjg_0&v=OTQwZDU3ZDYwMDRkMWU3NjMzNzc0NjkyZGM2ZWZiMWIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE1ZmQ4MC4zNjc3MTM5Ngl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzdmNjIzNzE2MDA5My42NjA2OTA4MQkxNjY5MjkyNjAwCWFkXzYzXzA=&l=OAk5NDc1NzQ4YjA3YjcxZWEyM2VmYzcyMWI0YmRjNzQyYwkwCTM1CTAJZGRlYTk5ODE1MDk2NzM2NWIyNzAwYmJlOTY5NjM2MjgJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5MjkyNjAwCTAuMDAwMzE3CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=24t11224718gwawfwe&version=1.7&pais=Unknown&sub1=20221124-2323-1830-b08d-15156da317a5
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Thu, 24 Nov 2022 12:23:20 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 24 Nov 2022 12:23:20 GMT
location: http://xml.sedodna.com/click?i=ISnQTpIrRjg_0
x-cache-miss-from: parking-5489797ddc-jjmrk
server: NginX

xml.sedodna.com/click?i=ISnQTpIrRjg_0

173.239.53.32

302 Found

0 B

URL HTTP/1.1
xml.sedodna.com/click?i=ISnQTpIrRjg_0
IP
173.239.53.32:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=ISnQTpIrRjg_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://q2.quotes.com/c79ea556-6bf2-11ed-b2ae-d8425eec561f
Pragma: no-cache

q2.quotes.com/c79ea556-6bf2-11ed-b2ae-d8425eec561f

23.19.76.168

200 OK

170 B

URL HTTP/1.1
q2.quotes.com/c79ea556-6bf2-11ed-b2ae-d8425eec561f
IP
23.19.76.168:0
ASN
#395954 LEASEWEB-USA-LAX-11

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
170 B (170 bytes)
Hash
e2f6ad1a6461acf6d81e5b05408c8dea
4dbf062794582aa903afb9e4ed3c3f3174a29714
6d18e8c656ae74ce9fee8673a22b404d68907d35d533cdfbcafe8da1bbae7b94

HTTP Headers

GET /c79ea556-6bf2-11ed-b2ae-d8425eec561f HTTP/1.1
Host: q2.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 170
content-type: text/html; charset=utf-8
date: Thu, 24 Nov 2022 12:23:20 GMT
server: nginx

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3991
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 12:23:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3991
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 12:23:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3991
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 12:23:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7462 bytes)
Hash
b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 51305
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

q2.quotes.com/c79ea556-6bf2-11ed-b2ae-d8425eec561f?hr=1

23.19.76.168

302 Found

11 B

URL HTTP/1.1
q2.quotes.com/c79ea556-6bf2-11ed-b2ae-d8425eec561f?hr=1
IP
23.19.76.168:0
ASN
#395954 LEASEWEB-USA-LAX-11

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /c79ea556-6bf2-11ed-b2ae-d8425eec561f?hr=1 HTTP/1.1
Host: q2.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 24 Nov 2022 12:23:20 GMT
location: http://dipaka-ead.com/zcvisitor/c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97
server: nginx

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8748 bytes)
Hash
28381329eca6c426a8b05fcdef4aafcc
a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a
4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 864da50a-44bb-4d20-b499-08c2a140871e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtENmoAMFqKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-2705cc956f2c2aa5535533b0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xT0IorkRpXysoYMnugcrV40YaAxoRPjLmkPcv1ElteP_-rNZ1c6fog==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:48:57 GMT
age: 52464
etag: "a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 26333
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7993 bytes)
Hash
92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 52529
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 18777
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9099 bytes)
Hash
891d19eb042be6fd5d021ff08db2dfcc
c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3
3efff3d6a8bfa358652bf73ae26ab233ed8c2ca37dab1ff2f2298cd805b88bc1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9099
x-amzn-requestid: d828c8f5-3ff1-4e20-822f-32d9ad7a0d7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cExDeGjKIAMFQHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9549-71d957297c3ec4b01633b1ce;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:48:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZXi-qHYx7QoMQZAsZzEW099laTRSyxjhe8stloZ5ZhlRfw4W8sebjw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:13:58 GMT
etag: "c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3"
content-type: image/jpeg
age: 50963
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dipaka-ead.com/zcvisitor/c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97

3.208.247.235

200

1.1 kB

URL HTTP/1.1
dipaka-ead.com/zcvisitor/c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97
IP
3.208.247.235:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1100 bytes)
Hash
c518660f75b6ce716983ca4166c051ed
c78826300f6222077126bce7d449f3da70352979
1fc56cf5a7fe88fe95160760c8841052e3c8c696563952fad8328557915c9a9b

HTTP Headers

GET /zcvisitor/c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Thu, 24 Nov 2022 12:23:21 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: UmcdrSaD

dipaka-ead.com/zcredirect?visitid=c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

3.208.247.235

200

700 B

URL HTTP/1.1
dipaka-ead.com/zcredirect?visitid=c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
3.208.247.235:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (307)
Size
700 B (700 bytes)
Hash
81578f9fb95cfaf06421e8d5128dd0cb
931f0dc6a652d1dfeb5588266abf63d300adad70
fd9206fc120e852a0af98504e0b8f984b91b032024802329a8e4351df312fa52

HTTP Headers

GET /zcredirect?visitid=c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Thu, 24 Nov 2022 12:23:21 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ARCarOcZ

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b97baa382eeeddda85035d2f69de29d0
0e7e7b559d9411d4d67edaa948bb8efaf245d304
84af1d9266019ac2bf5f653f6203724a7562162df086bace33039721a95ea7cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150071
Date: Thu, 24 Nov 2022 12:23:21 GMT
Etag: "637f000a-1d7"
Expires: Sat, 26 Nov 2022 06:04:32 GMT
Last-Modified: Thu, 24 Nov 2022 05:24:26 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EiJmKI1_2jbEVbBhFiGO5Z-Icg4C0MSFBsz-uLlCm6We4XsyO9B8vw==
Age: 2406

dipaka-ead.com/favicon.ico

3.208.247.235

404

653 B

URL HTTP/1.1
dipaka-ead.com/favicon.ico
IP
3.208.247.235:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Thu, 24 Nov 2022 12:23:22 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: NQULGGNp

ayxvy.voluumtrk.com/zp-redirect?target=https%3A%2F%2Fadult-games.life%2F%3Fu%3Dxunwwwr%26o%3Db02p0ze%26cid%3Dwoa7q1kifih26smkiutua958&caid=9fc442a1-e878-4941-915c-9cdbcb4c3a14&zpid=c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9&cid=woa7q1kifih26smkiutua958&rt=R

18.185.54.95

302 Found

0 B

URL HTTP/2
ayxvy.voluumtrk.com/zp-redirect?target=https%3A%2F%2Fadult-games.life%2F%3Fu%3Dxunwwwr%26o%3Db02p0ze%26cid%3Dwoa7q1kifih26smkiutua958&caid=9fc442a1-e878-4941-915c-9cdbcb4c3a14&zpid=c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9&cid=woa7q1kifih26smkiutua958&rt=R
IP
18.185.54.95:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zp-redirect?target=https%3A%2F%2Fadult-games.life%2F%3Fu%3Dxunwwwr%26o%3Db02p0ze%26cid%3Dwoa7q1kifih26smkiutua958&caid=9fc442a1-e878-4941-915c-9cdbcb4c3a14&zpid=c7a96af5-6bf2-11ed-b1f0-0a24292ccfa9&cid=woa7q1kifih26smkiutua958&rt=R HTTP/1.1
Host: ayxvy.voluumtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 24 Nov 2022 12:23:22 GMT
content-length: 0
location: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: voluum-cid-v4=%7B%22cid%22%3A%22woa7q1kifih26smkiutua958%22%2C%22caid%22%3A%229fc442a1-e878-4941-915c-9cdbcb4c3a14%22%7D; Max-Age=31536000; Expires=Fri, 24-Nov-2023 12:23:22 GMT; Domain=ayxvy.voluumtrk.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6a09a90c4aa835c1660094520757bbfb
f65a9191f2cc99b8819146a67c2ac44e6894c564
75ba4ec3fcd9e909d49c0546453c16386a0d5c734658c8b0ce9ca7362626ed41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75BA4EC3FCD9E909D49C0546453C16386A0D5C734658C8B0CE9CA7362626ED41"
Last-Modified: Thu, 24 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 24 Nov 2022 18:23:22 GMT
Date: Thu, 24 Nov 2022 12:23:22 GMT
Connection: keep-alive

adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958

194.87.208.13

200 OK

4.7 kB

URL HTTP/1.1
adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
IP
194.87.208.13:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators
Size
4.7 kB (4682 bytes)
Hash
9b22aad6159242efaf297b1513e2df27
9f3397b684f4d1db4d1d3115e8ebd8a484880ed4
a26597d9a592649eab6e0c04c2d61e52ef8efd08669c8773e3a7e8853657f753

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958 HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dipaka-ead.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 12:23:22 GMT
Content-Type: text/html
Content-Length: 4682
Connection: keep-alive
set-cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg; path=/
cache-control: private, no-transform

adult-games.life/media/adult-games/anime/css/style.css

194.87.208.13

200 OK

7.7 kB

URL HTTP/1.1
adult-games.life/media/adult-games/anime/css/style.css
IP
194.87.208.13:0
ASN
#0

File type
ASCII text, with very long lines (498), with CRLF line terminators
Size
7.7 kB (7686 bytes)
Hash
8c61742acaf718f59d670b313b7eeadb
4eabde09f46fa07a0add081254471a7297fc40b0
bb7143d7b98972cfdfbd57f2e15a23377a87a94619a713c79d5fa3b9795f7fa5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/anime/css/style.css HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
Cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 12:23:22 GMT
Content-Type: text/css
Content-Length: 7686
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8c61742acaf718f59d670b313b7eeadb"
Last-Modified: Wed, 31 Aug 2022 09:32:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172A832EC9679DDE
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Fri, 24 Nov 2023 12:23:22 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:23:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adult-games.life/util/utils.js

194.87.208.13

200 OK

7.5 kB

URL HTTP/1.1
adult-games.life/util/utils.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /util/utils.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
Cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 12:23:22 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172A8407D258049D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Fri, 24 Nov 2023 12:23:22 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:23:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adult-games.life/cookie/js.cookie14.js

194.87.208.13

200 OK

4.1 kB

URL HTTP/1.1
adult-games.life/cookie/js.cookie14.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text, with very long lines (1709), with CRLF line terminators
Size
4.1 kB (4132 bytes)
Hash
1db175e4bfc69fb748a1133be837df3a
438fb8aa10a650dcca4311cbad1340a10a7751b7
5805ab67adcb8c0420cba70ca8c75edc82ba6af03cfe7eff2a9f65ce95241ee7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cookie/js.cookie14.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
Cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 12:23:22 GMT
Content-Type: application/javascript
Content-Length: 4132
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "1db175e4bfc69fb748a1133be837df3a"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172A83ACBD6DDE9A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Fri, 24 Nov 2023 12:23:22 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/media/adult-games/anime/js/main.js

194.87.208.13

200 OK

281 B

URL HTTP/1.1
adult-games.life/media/adult-games/anime/js/main.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text
Size
281 B (281 bytes)
Hash
794ca8800647447c210914e7a8aabaad
622859ac8c9e6b91df688598bdcb6d66cdf143e9
fd09f4099f8d32f10c4ebe71089ffded17c5dacf7aaa31a96f35b36d6410d975

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/anime/js/main.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
Cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 12:23:22 GMT
Content-Type: application/javascript
Content-Length: 281
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "794ca8800647447c210914e7a8aabaad"
Last-Modified: Wed, 31 Aug 2022 09:32:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172A838B21F4C265
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Fri, 24 Nov 2023 12:23:22 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/media/bbag.js

194.87.208.13

200 OK

1.1 kB

URL HTTP/1.1
adult-games.life/media/bbag.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1132 bytes)
Hash
d5c49a896c44f3275333d95fb87e560a
12facada7ce68f6008df5cfbcff1c8cf7156b766
4f2ae318d39611ff8511b96bccb64f0ca07f0707eeefbfa1127d99a4fe560187

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/bbag.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
Cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 12:23:22 GMT
Content-Type: application/javascript
Content-Length: 1132
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "d5c49a896c44f3275333d95fb87e560a"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172A83CB809A77D8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Fri, 24 Nov 2023 12:23:22 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:23:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.195

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://adult-games.life
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 155581
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 12:23:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adult-games.life/media/adult-games/anime/js/jquery-2.2.4.min.js

194.87.208.13

200 OK

86 kB

URL HTTP/1.1
adult-games.life/media/adult-games/anime/js/jquery-2.2.4.min.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/anime/js/jquery-2.2.4.min.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
Cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 12:23:22 GMT
Content-Type: application/javascript
Content-Length: 85578
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2f6b11a7e914718e0290410e85366fe9"
Last-Modified: Wed, 31 Aug 2022 09:32:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172A8373F0C06D73
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Fri, 24 Nov 2023 12:23:22 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/media/adult-games/anime/images/radar.gif

194.87.208.13

200 OK

618 kB

URL HTTP/1.1
adult-games.life/media/adult-games/anime/images/radar.gif
IP
194.87.208.13:0
ASN
#0

File type
GIF image data, version 89a, 275 x 275\012- data
Size
618 kB (617903 bytes)
Hash
38466228b023bf450af4bd6cc0e48e70
64427a0f20032173333eee9f33959ad54a544893
f05b634a3a3656f82e989aefed6e788f50b2d86498102a14c636119dc045b70e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/anime/images/radar.gif HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
Cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 12:23:22 GMT
Content-Type: image/gif
Content-Length: 617903
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "38466228b023bf450af4bd6cc0e48e70"
Last-Modified: Wed, 31 Aug 2022 09:32:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172A834705F67A1B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Fri, 24 Nov 2023 12:23:22 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/media/adult-games/anime/images/1.jpg

194.87.208.13

200 OK

226 kB

URL HTTP/1.1
adult-games.life/media/adult-games/anime/images/1.jpg
IP
194.87.208.13:0
ASN
#0

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1206, components 3\012- data
Size
226 kB (225453 bytes)
Hash
34db7daec1de96a90f2f68d89b14c8ec
ef47041ddda81a2b181fb3cfa340362ffccb25de
426fb1ff6fc5bfa64649547baa7bcdf2abbd703658abae7c987260c39b3bc461

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/anime/images/1.jpg HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/media/adult-games/anime/css/style.css
Cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 12:23:23 GMT
Content-Type: image/jpeg
Content-Length: 225453
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "34db7daec1de96a90f2f68d89b14c8ec"
Last-Modified: Wed, 31 Aug 2022 09:32:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172A84C73DF7E8D7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Fri, 24 Nov 2023 12:23:23 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/favicon.ico

194.87.208.13

204 No Content

0 B

URL HTTP/1.1
adult-games.life/favicon.ico
IP
194.87.208.13:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=woa7q1kifih26smkiutua958
Cookie: sid=t1~bth5kkunt5yb1u3f3vua4ypg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 24 Nov 2022 12:23:23 GMT
Connection: keep-alive
Cache-Control: no-transform

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11969 bytes)
Hash
1234c13159d1531a698ece38a3bd7ff6
6bd60504d4450a090e6f82d15f2f28b371e4dfcc
488a827d4d2074371860dd556b3611c56a19502d3348e0a7d35c4f7556f63b3a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11969
x-amzn-requestid: e7ab6bb2-9bc5-4862-901b-32f18322db46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwBJFkUoAMFRFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e93a0-56d902c0481eef0932dad57c;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:41:52 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zluh8EkvyvbxVT_lmb1uh3eLph9eMUrsuLlwPYAOmP9-sWAhGyxeMw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
age: 52699
etag: "6bd60504d4450a090e6f82d15f2f28b371e4dfcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lato&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Lato&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 12:23:22 GMT
date: Thu, 24 Nov 2022 12:23:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations