| clk.asia/TKy2tk9 | 104.21.66.123 | 301 Moved Permanently | 0 B |
IP: 104.21.66.123:0
Hash (of the zero-length body): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TKy2tk9 HTTP/1.1
Host: clk.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 04:46:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Dec 2022 05:46:05 GMT
Location: https://enit.in/TKy2tk9
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SY2tOTR0OdOQJKukMq0qRAXrDKq8HBmbb%2FT5%2BPmWqTA6ty%2BoFMEkTj0fEr6ersb%2FLiJCRSEF2Q%2FZWAVdL4HkuLuN0AO64K9B1a0Y0IiM9nn9fEnbPSrKpNZfDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775a9d968ab9b50c-OSL
alt-svc: h2=":443"; ma=60
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf83c5e33ba42e312ee398848bbb711f5 caa1fd23b1fbbe883292ded04404c1cfd861eb09 106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5643
Cache-Control: max-age=112755
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:06 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 12:05:21 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 04:20:27 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1539
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha0abf10fb7e96c1c98dacf2f013a68b4 acdd839bce85eadc78a8e821e32e00a958d5c0c8 b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4579
Expires: Wed, 07 Dec 2022 06:02:25 GMT
Date: Wed, 07 Dec 2022 04:46:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5ceaca9fd4ad000cb435820812fc69c8 8168397aaf7b572c89a9c83f46c0b65e4ac509f2 9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4560
Expires: Wed, 07 Dec 2022 06:02:06 GMT
Date: Wed, 07 Dec 2022 04:46:06 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ikJNWCZZAoRYXbcBby/fyIGcWNjQjaMkwn190ewWCt99MuGmFdjcxqv0B/VuEp3ZlIxX1r1HXsQ=
x-amz-request-id: 34DHQ66C1K1E4MAY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 03:47:21 GMT
age: 3525
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 346 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash77dadf1d1a1280f01913ae40afb39b77 1a32fb1da0e4b577436ee3b3941478be12b1f095 190bfb4bc7432f1e372e7ad52b3fa2526af24877efed21cc3bafa6ceeeb14a60
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "190BFB4BC7432F1E372E7AD52B3FA2526AF24877EFED21CC3BAFA6CEEEB14A60"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16751
Expires: Wed, 07 Dec 2022 09:25:17 GMT
Date: Wed, 07 Dec 2022 04:46:06 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 04:46:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 2228
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 346 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash77dadf1d1a1280f01913ae40afb39b77 1a32fb1da0e4b577436ee3b3941478be12b1f095 190bfb4bc7432f1e372e7ad52b3fa2526af24877efed21cc3bafa6ceeeb14a60
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "190BFB4BC7432F1E372E7AD52B3FA2526AF24877EFED21CC3BAFA6CEEEB14A60"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16751
Expires: Wed, 07 Dec 2022 09:25:17 GMT
Date: Wed, 07 Dec 2022 04:46:06 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash0f7dcaa590e32cfd1c075255188d5f06 d4bb4954fefdb3b59560b54adf500e806e252e39 195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5630
Cache-Control: max-age=107674
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:06 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:40:40 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash30c559f29634cdc6cc6c6fc6e0d5dd38 c620c9cd4ef5165b4b8d762268b2c90a18e9a428 032c0ccef7285b0c9bcf5c49b5b16f6bb7dff69150f6c6feacc5507707d27160
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2653
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:06 GMT
Last-Modified: Wed, 07 Dec 2022 04:01:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
|
|
| i.imgur.com/Zm57T8a.png | 151.101.244.193 | 200 OK | 6.7 kB |
IP151.101.244.193:0
File typePNG image data, 209 x 47, 8-bit/color RGBA, non-interlaced\012- data Hash77cc82df02e99141dbafcdac433b3b6a 47e0af5e3390578f5b49dcb41760ff924455db7a 906ee764e0c4fa542fa06304d3e88b4ac165f080f93fffe89a6c543481c6764d
GET /Zm57T8a.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 14 Jan 2018 15:19:31 GMT
etag: "77cc82df02e99141dbafcdac433b3b6a"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Dec 2022 04:46:06 GMT
age: 3099785
x-served-by: cache-iad-kiad7000040-IAD, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 42813, 2
x-timer: S1670388367.873889,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6699
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash30c559f29634cdc6cc6c6fc6e0d5dd38 c620c9cd4ef5165b4b8d762268b2c90a18e9a428 032c0ccef7285b0c9bcf5c49b5b16f6bb7dff69150f6c6feacc5507707d27160
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2653
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:06 GMT
Last-Modified: Wed, 07 Dec 2022 04:01:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash73bf180dc047bccd4ac0d534571e6553 4ed6d7b97242c91e2937409ef8817a146d8fee37 d97b43b61ad187b561fd3175bd91e581e6d1057619bdb7d167736af9d17557ae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97B43B61AD187B561FD3175BD91E581E6D1057619BDB7D167736AF9D17557AE"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14388
Expires: Wed, 07 Dec 2022 08:45:54 GMT
Date: Wed, 07 Dec 2022 04:46:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe0345ec24ae493099f1ceb8a212d7356 74a39a8a57bef59b7e04cc4aeb10ee2a8e927ead 788456e5fa434bdad8b825ace4f3ff6a72eeb206e8a3aa0f19360692664cd3a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "788456E5FA434BDAD8B825ACE4F3FF6A72EEB206E8A3AA0F19360692664CD3A4"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7547
Expires: Wed, 07 Dec 2022 06:51:53 GMT
Date: Wed, 07 Dec 2022 04:46:06 GMT
Connection: keep-alive
|
|
| system-notify.app/f/sdk.js?z=737225 | 157.90.33.122 | 200 OK | 12 kB |
URL (HTTP/2): system-notify.app/f/sdk.js?z=737225 | IP: 157.90.33.122:0 | ASN: #24940 Hetzner Online GmbH
File type: Unicode text, UTF-8 text, with very long lines (45273), with no line terminators | Hash: MD5 ba29ec5065856f160c105d8add20863a | SHA-1 96f24c1a975e382035e5bf892f4e03c33c0d347a | SHA-256 44953b2e11fa9f04d65775cb41e778c0ed5582f38462269f05b1a7646ef01c93
GET /f/sdk.js?z=737225 HTTP/1.1
Host: system-notify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 04:46:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 11620
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
|
|
| system-notify.app/event?z=737225 | 157.90.33.122 | 200 OK | 0 B |
URL (HTTP/2): system-notify.app/event?z=737225 | IP: 157.90.33.122:0 | ASN: #24940 Hetzner Online GmbH
Hash (of the zero-length body): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event?z=737225 HTTP/1.1
Host: system-notify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 04:46:07 GMT
content-length: 0
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.162.110.205 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.162.110.205:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tSbX9mmM8HlI4xWBBhBQgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pK7/Zo8E1KjV9CN+9oBd37hAmug=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha4139751059d4daac8f9b8a3c93b9cac 8d7f50d14cf90183667266b1ddb30a9c586e0b3b fa42e7a37f9feb556ad465210ba6187babfdb165c044285fdb2a16bdeab7dd73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA42E7A37F9FEB556AD465210BA6187BABFDB165C044285FDB2A16BDEAB7DD73"
Last-Modified: Sun, 04 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3941
Expires: Wed, 07 Dec 2022 05:51:48 GMT
Date: Wed, 07 Dec 2022 04:46:07 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hash55339719631919215d044deaf7f855e8 b861ecb6ed4947f785c81bbf5011e85478434b4d 3cc8e9df2d075e7e5f4308dacc3668988b1a43572683c7755948bc8d855973f7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 04:46:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 19:28:20 GMT
Expires: Mon, 12 Dec 2022 19:28:19 GMT
Etag: "b861ecb6ed4947f785c81bbf5011e85478434b4d"
Cache-Control: max-age=484331,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775a9d9fbd71b523-OSL
|
|
| uidsync.net/sync?user_id=Dmad52cTM30n6qy1lCqEqH | 157.90.33.121 | 204 No Content | 0 B |
URL (HTTP/2): uidsync.net/sync?user_id=Dmad52cTM30n6qy1lCqEqH | IP: 157.90.33.121:0 | ASN: #24940 Hetzner Online GmbH
Hash (of the zero-length body): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?user_id=Dmad52cTM30n6qy1lCqEqH HTTP/1.1
Host: uidsync.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://enit.in/
Origin: https://enit.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Dec 2022 04:46:07 GMT
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hash55339719631919215d044deaf7f855e8 b861ecb6ed4947f785c81bbf5011e85478434b4d 3cc8e9df2d075e7e5f4308dacc3668988b1a43572683c7755948bc8d855973f7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 04:46:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 19:28:20 GMT
Expires: Mon, 12 Dec 2022 19:28:19 GMT
Etag: "b861ecb6ed4947f785c81bbf5011e85478434b4d"
Cache-Control: max-age=484331,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775a9d9fbeca1bfa-OSL
|
|
| bringsconserve.com/f5714487e6057988b1d2804f1f8fef0c/invoke.js | 173.233.137.44 | 200 OK | 9.3 kB |
URL (HTTP/1.1): bringsconserve.com/f5714487e6057988b1d2804f1f8fef0c/invoke.js | IP: 173.233.137.44:0
File type: Unicode text, UTF-8 text, with very long lines (25156), with no line terminators | Hash: MD5 536991fe5adf6aac4b17a042290045ab | SHA-1 48a294dfe83b4bf7d4a1b1a9a73c7859240e51be | SHA-256 697e0af6fd2b4c33111c743efc4b0b9de53c8ccfa6c06c6762f08e43135efb75
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /f5714487e6057988b1d2804f1f8fef0c/invoke.js HTTP/1.1
Host: bringsconserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3249d58314b438990ef80dc6ecf521b4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| bringsconserve.com/34/aa/84/34aa847f855cc91a3510c99f05af9a65.js | 173.233.137.44 | 200 OK | 13 kB |
URL (HTTP/1.1): bringsconserve.com/34/aa/84/34aa847f855cc91a3510c99f05af9a65.js | IP: 173.233.137.44:0
File type: ASCII text, with very long lines (37136), with no line terminators | Hash: MD5 e44935a37d5212487802d44e86661ebf | SHA-1 39e6c8d3891bf4556a273b8ce1e6cde03ec252f3 | SHA-256 1d635cb4960f613f95175f51010cdcfa38eb92fe093a4374d4e5a2f75e1eedcd
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /34/aa/84/34aa847f855cc91a3510c99f05af9a65.js HTTP/1.1
Host: bringsconserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7d006bb8fb55d8a3609eb6ed24e0671
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| uidsync.net/sync?user_id=Dmad52cTM30n6qy1lCqEqH | 157.90.33.121 | 200 OK | 62 B |
URL (HTTP/2): uidsync.net/sync?user_id=Dmad52cTM30n6qy1lCqEqH | IP: 157.90.33.121:0 | ASN: #24940 Hetzner Online GmbH
File type: JSON data\012- , ASCII text, with no line terminators | Hash: MD5 684efb9e859e58dd10752ddd0ad6d0c0 | SHA-1 06a341e3d4ae0b2327b1c05da87958d0000bb3c0 | SHA-256 d8ab5c5ad0d6406a65035ebdf800bd87710175c765844dcc9baccca6e1c710a0
GET /sync?user_id=Dmad52cTM30n6qy1lCqEqH HTTP/1.1
Host: uidsync.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enit.in/
Content-Type: application/json
Origin: https://enit.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 04:46:07 GMT
content-type: application/json; charset=utf-8
content-length: 62
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
set-cookie: rauid=Dmad52cTM30n6qy1lCqEqH; expires=Thu, 07 Dec 2023 04:46:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| bringsconserve.com/4c7228294c5c19bbf0da33f0f438b72c/invoke.js | 173.233.137.44 | 200 OK | 9.3 kB |
URL (HTTP/1.1): bringsconserve.com/4c7228294c5c19bbf0da33f0f438b72c/invoke.js | IP: 173.233.137.44:0
File type: Unicode text, UTF-8 text, with very long lines (25220), with no line terminators | Hash: MD5 adc71683287a7b9cb34feb621fb41b12 | SHA-1 41793cf29ebb2c590ac273ee14b5cbb089506f78 | SHA-256 f3337d0327f192b60ee2a530bf16add6087b0d56364d6d3c135eb5fbcaad25a3
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /4c7228294c5c19bbf0da33f0f438b72c/invoke.js HTTP/1.1
Host: bringsconserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 501da87c21dbffc4a3615f8e179ab0a5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash30aec170d58f580f2ed4da4b92d72cc7 3b11a98ba9563f7f266e7a935e3b78bd0c0712aa 7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 346 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3115dd5bc8b3f10f7a5bdac8a4d6d579 3c8fca862ef564894e6a226312319b638f56daf2 e123ed36a240c987e233bcba017c41294e1cd01a88fdb68f99a1926049c0bb81
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E123ED36A240C987E233BCBA017C41294E1CD01A88FDB68F99A1926049C0BB81"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Wed, 07 Dec 2022 07:31:52 GMT
Date: Wed, 07 Dec 2022 04:46:07 GMT
Connection: keep-alive
|
|
| www.googletagmanager.com/gtm.js?id=GTM-M8H9XNQ | 142.250.74.168 | 200 OK | 51 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-M8H9XNQ IP142.250.74.168:0
File typeHTML document, ASCII text, with very long lines (11440), with no line terminators Hashfc4932aa43e0f164bfe2244968114d5b 60f1776cb5a396b3f821630736545c02ffe3101a 7e824ae35ddf74ffa32e0f39efe71129a054f92d18577e6a331f2c2a9f36c2d1
GET /gtm.js?id=GTM-M8H9XNQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 04:46:07 GMT
expires: Wed, 07 Dec 2022 04:46:07 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashc2bc646545bfb8251d6d5061622e92f9 b14bf36b5bc259fe2429b8521f73f14703195fba 521f345ee743d506ed3b636023dbd6942238d94d7a0dbda7575c15eb659edfb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i.ytimg.com/vi/XixSUf8-F0k/hqdefault.jpg | 142.250.74.182 | 200 OK | 12 kB |
URL HTTP/2i.ytimg.com/vi/XixSUf8-F0k/hqdefault.jpg IP142.250.74.182:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data Hash1622f1bf3a222cdbb00402d2615b8a25 4849e88d0bbb946a2564561730cc604bd23d0860 ac2f1bb2790397162b648d07d637107d780af8d99419736653c09c4f4a91e4e1
GET /vi/XixSUf8-F0k/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 11719
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 04:46:02 GMT
expires: Wed, 07 Dec 2022 06:46:02 GMT
cache-control: public, max-age=7200
age: 5
etag: "1667846379"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb22490b02628e79842aa551994331a2e 238870b8a3e6ef3b6a761154e3abee386643597c ef2e0268a5ed0ca7d64dfc1baa3d56d55f4062e4d84972bc9423fe56df585673
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9936
Expires: Wed, 07 Dec 2022 07:31:43 GMT
Date: Wed, 07 Dec 2022 04:46:07 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash975d829b6c1182baa9059ef46ba71c89 4cad25f5dc5997779e9bde153551bf7fa3481938 5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122452
Date: Wed, 07 Dec 2022 04:46:07 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 14:46:59 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VEfGL-7aK2dFQQUjwR6WmftGsSkz7EpMSYIfp5nI_wyzc1MiBYl1YQ==
Age: 4555
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash975d829b6c1182baa9059ef46ba71c89 4cad25f5dc5997779e9bde153551bf7fa3481938 5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122432
Date: Wed, 07 Dec 2022 04:46:07 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 14:46:39 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tuOVS5YC3uJSxBqpJ3oiBUr_EqtB20S5AxAFlVZOpwb2yIfsUQrCuQ==
Age: 4535
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash975d829b6c1182baa9059ef46ba71c89 4cad25f5dc5997779e9bde153551bf7fa3481938 5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122563
Date: Wed, 07 Dec 2022 04:46:07 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 14:48:50 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nLPyQNnkofF4jMPclxk-1yrk3dfA5tvUxrlCtN8A9PqkkKWTkWO_Ew==
Age: 4666
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 1.3 kB |
IP216.58.211.3:0
File typegzip compressed data, from Unix\012- data Hash8953f349d579081681b7c18359c86867 0300b14a79adb5c3debc4106d093c62f82f14ccf 9f6342ed34c100db44384bd8c105150e137ff7382804e11fbfdd669554434b1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| my.rtmark.net/gid.js?userId=ef7e531aabef4c97a41396da1903e9b3 | 139.45.195.8 | 200 OK | 65 B |
URL HTTP/2my.rtmark.net/gid.js?userId=ef7e531aabef4c97a41396da1903e9b3 IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hash09b16e747f8eb756584927e391b552c2 530fc29401d0ec634f8d6bdfe16c8fd46850fec9 e5b07247821d85887c76a75ff612128b4012a1ef6e484ca07ced4a19a3e2d0c4
GET /gid.js?userId=ef7e531aabef4c97a41396da1903e9b3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 04:46:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://enit.in
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ef7e531aabef4c97a41396da1903e9b3; expires=Thu, 07 Dec 2023 04:46:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.185.190.54:0
File typeASCII text, with no line terminators Hasha16f247181ecef1b6733b8c7fb4a37c9 4264c82397303356c751548f4b5f123a9f6453cc bd663b6239f05d7facd65accb78383f4227604446b48440376c7a30a75f0b115
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
set-cookie: uid_id2=ab65abb8-fdff-450c-ab8c-ffcc7e30133a:3:1; expires=Sat, 04 Dec 2032 04:46:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashc2bc646545bfb8251d6d5061622e92f9 b14bf36b5bc259fe2429b8521f73f14703195fba 521f345ee743d506ed3b636023dbd6942238d94d7a0dbda7575c15eb659edfb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.185.190.54:0
File typeASCII text, with no line terminators Hasha4c5d575976d2a9ec5448e2256d16073 3471221a4edb035c5a7c3c479e12a09406aa427a 7faabf9804067d2f43e4a5fc7157b4a2a5f942443ad45339d8e50569d7bf1b2c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
set-cookie: uid_id2=ac57fa35-d8cd-4822-adcd-bcf312bda969:1:1; expires=Sat, 04 Dec 2032 04:46:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashf93fe0c44e63867b7f8553c1ca73460e e664d98cd9803e5f179af596d8a2f50d79fc92b0 dbb9ed743e3bf5d61dd66e676c81d5e2a43c8287d61ef34d90b6c7790ca6106e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:33:16 GMT
Expires: Tue, 13 Dec 2022 01:33:15 GMT
Etag: "e664d98cd9803e5f179af596d8a2f50d79fc92b0"
Cache-Control: max-age=506226,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775a9da34f80b523-OSL
|
|
| datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | 139.45.195.253 | 200 OK | 12 B |
URL (HTTP/1.1): datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | IP: 139.45.195.253:0
File type: JSON data; ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 887
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://enit.in
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5066ca7fc30eb1325eb5bf60c80af2a2 79e068b3cf26a2f24c740a6b6b8ec89f49446ee5 3a55400e3c1e597f70c22b22308d73a96d6538aad972d9821de264b7fe767ab6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A55400E3C1E597F70C22B22308D73A96D6538AAD972D9821DE264B7FE767AB6"
Last-Modified: Sun, 04 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9720
Expires: Wed, 07 Dec 2022 07:28:08 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 346 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3115dd5bc8b3f10f7a5bdac8a4d6d579 3c8fca862ef564894e6a226312319b638f56daf2 e123ed36a240c987e233bcba017c41294e1cd01a88fdb68f99a1926049c0bb81
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E123ED36A240C987E233BCBA017C41294E1CD01A88FDB68F99A1926049C0BB81"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9944
Expires: Wed, 07 Dec 2022 07:31:52 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash102ef65f6975a38707e9e51654f0fbfe 0b1e0d682f4cf791cd4044b5bd6afd471c3f6920 9f3f2c716bfbc80d26c6a0ddf4cce57bc262be27672e280dc0226b0201c1c30d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F3F2C716BFBC80D26C6A0DDF4CCE57BC262BE27672E280DC0226B0201C1C30D"
Last-Modified: Sun, 04 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10887
Expires: Wed, 07 Dec 2022 07:47:35 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| aggregationmulecontribution.com/88/ce/cd/88cecd8375b0917a15dbebb389d2385f.js | 173.233.137.60 | 200 OK | 29 kB |
URL (HTTP/1.1): aggregationmulecontribution.com/88/ce/cd/88cecd8375b0917a15dbebb389d2385f.js | IP: 173.233.137.60:0
File type: HTML document text; HTML document text; HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 5b05f7209987bd7181c0b751c4aa3de1 a505b6f0a3061797904b0b41f1af3e676be31342 ce357de632198b3911f8160124a392ddb051719b1cfb9f79ad56ebe5c72d3bda
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /88/ce/cd/88cecd8375b0917a15dbebb389d2385f.js HTTP/1.1
Host: aggregationmulecontribution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4dff49a87747f0a641a5e0fe35c139ea
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| simultaneouslyagreeingcontradiction.com/ntv.json?key=4c7228294c5c19bbf0da33f0f438b72c&vstc=1 | 192.243.59.13 | 200 OK | 4.1 kB |
URL (HTTP/1.1): simultaneouslyagreeingcontradiction.com/ntv.json?key=4c7228294c5c19bbf0da33f0f438b72c&vstc=1 | IP: 192.243.59.13:0 | ASN#39572 DataWeb Global Group B.V.
File type: JSON data; ASCII text, with very long lines (4124), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 51a822d91545ea945da6e503ec00f4e9 37f28133b0715dedd96b0fb75885f1b71118f4b3 4d942522b2486a6917cf053994dadaa396d4e04156bb368dc15f00c87cde1656
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /ntv.json?key=4c7228294c5c19bbf0da33f0f438b72c&vstc=1 HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: application/json
Content-Length: 4124
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://enit.in
Access-Control-Allow-Origin: https://enit.in
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=14860800; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: pdhtkv49=true; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: uncs49=1; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7468a829d7c64633bff70f6f9c95876a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| aggregationmulecontribution.com/ntv.json?key=f5714487e6057988b1d2804f1f8fef0c&vstc=3 | 173.233.137.60 | 200 OK | 12 kB |
URL (HTTP/1.1): aggregationmulecontribution.com/ntv.json?key=f5714487e6057988b1d2804f1f8fef0c&vstc=3 | IP: 173.233.137.60:0
File type: JSON data; ASCII text, with very long lines (12398), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 4bf5f841dd42bc992b1e38928745aec1 ef55a92b6eb26f65853dc83eda06a10f2fe2f204 bffadfb1455a84e97eedbadcf9161350b526d2624e61ebabfcf11b848478e343
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /ntv.json?key=f5714487e6057988b1d2804f1f8fef0c&vstc=3 HTTP/1.1
Host: aggregationmulecontribution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: application/json
Content-Length: 12398
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://enit.in
Access-Control-Allow-Origin: https://enit.in
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=14860822; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: pdhtkv49=true; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: uncs49=1; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: nlecf5714487e6057988b1d2804f1f8fef0c=[2229215,2229214,2229213]; expires=Wed, 07 Dec 2022 04:46:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 49679e1a47de196498c1001f83f4eabf
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaa9ebb3cbb2b1b8b6dc38bec40fc3367 c790140794fd9e9b563817f64710c652e1fa16cd 68b169e71cd00d9e5c32d2af3ace7c24b6620a553de3ce8fa5d0d68665ace665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68B169E71CD00D9E5C32D2AF3ACE7C24B6620A553DE3CE8FA5D0D68665ACE665"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9408
Expires: Wed, 07 Dec 2022 07:22:56 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| simultaneouslyagreeingcontradiction.com/25/0c/94/250c944ba40284021e738ce5e5482313.js | 192.243.59.13 | 200 OK | 29 kB |
URL (HTTP/1.1): simultaneouslyagreeingcontradiction.com/25/0c/94/250c944ba40284021e738ce5e5482313.js | IP: 192.243.59.13:0 | ASN#39572 DataWeb Global Group B.V.
File type: HTML document text; HTML document text; HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): a2ad08aac274c1f22d4f3ffb0749229b 815498390211d730da6c322e5d4564ac9c092a88 dc30edd1b7987edd188cac5243d3bd939b8cccd4131f2fa50df9fec0c03a08b4
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /25/0c/94/250c944ba40284021e738ce5e5482313.js HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 345278a4246e4e35d271c81fb53d888b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7444
Expires: Wed, 07 Dec 2022 06:50:12 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7444
Expires: Wed, 07 Dec 2022 06:50:12 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7444
Expires: Wed, 07 Dec 2022 06:50:12 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7444
Expires: Wed, 07 Dec 2022 06:50:12 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7444
Expires: Wed, 07 Dec 2022 06:50:12 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg | 34.120.237.76 | 200 OK | 15 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4884ce2731d3033b12e4792c1bbf453e 63b6efc98cb04228d82ac28fceb97bb1cf8d82fb 8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gKrU6wAuRsrr4_VwxjHIsTHjAB_L3xy6VQPRFBTUrK4vd7ycP3kyig==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:46:26 GMT
age: 75582
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf38ce0fb35ef0fc66b61cafd2b09eeb6 aded2fe97a129dc820ba9d6d7605aeadfe17c15c 39bcb5e0c3a9cd39c0fcefbffd9e6f949bb9d85f0bee2b0b7c5cb999b508b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 24355473-a83a-42b6-bdf3-ae2c39f7f3eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ccq48GfKoAMFjmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63882505-2f58dd012665cb131ceff8f2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 03:52:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N6GEu_CKPRnnSK5YiXyc2wNMYIfd1jOZuylB26w8FmVavlWruMSZhw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 05:59:19 GMT
age: 82009
etag: "aded2fe97a129dc820ba9d6d7605aeadfe17c15c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe95ebce9d79ba46cb96af9a45af1762f 985c6761675e6bcc0186f64d55f94cf09352f05c 5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2j9gqNvWYRFM-li9Nj4nLAWe_eKWMSwagPgU3eAtk0pjcJUX4Q8XEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
age: 24628
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash604a4132da78a0c013b5818644adb121 ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566 eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpyIdH9YEXjxbGhZpBIfzoZHQxMvAKl0eCFQsgMt0e1SSeWsiuey7g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:15:06 GMT
age: 23462
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg IP34.120.237.76:0
File typegzip compressed data, from Unix\012- data Hashd0720db752ef5c4eeecbec105cac021e 722ce9e5747ef9819181727f892c1352b389d83a 55e67d0e85fa6bb8c2b69673c2e20dce82d76c0de60861c47c4e84f999a07a57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:27:19 GMT
age: 4729
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha0f0782df385287698881f1c19e79b96 5a25f245b594f6cbf2fdaeed2463ac5fbc08068a 4f795cd2286e194cd96751e6a4e3bd0da09c6db5344182e51986b65149e75cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: 0efa303a-364e-488d-beac-24836c7c1e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirE2KoAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5564a0c0264ed36f0497e17e;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xpzGji_JAWkUjhXLouXWlin6rV-44shz6Z_STqo7uK7ZUV2PWs7Zpg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:54:15 GMT
age: 24713
etag: "5a25f245b594f6cbf2fdaeed2463ac5fbc08068a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.110 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.110:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 04:41:08 GMT
expires: Wed, 07 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 300
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-PMDXVPR38M&gtm=2oebu0&_p=1332708005&cid=590305785.1670388368&ul=en-us&sr=1280x1024&_s=1&sid=1670388367&sct=1&seg=0&dl=https%3A%2F%2Fenit.in%2FTKy2tk9&dt=%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83%20%D8%AA%D8%B7%D9%84%D9%82%20%D9%85%D9%8A%D8%B2%D8%AA%D9%87%D8%A7%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%84%D9%87%D8%B0%D9%87%20%D8%A7%D9%84%D9%81%D8%A6%D8%A9%20%D9%85%D9%86%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%D9%8A%D9%86%20-%20%D8%AD%D8%A7%D8%AC%D9%87%20%D9%85%D9%83%D8%B3%20%7C%20Haga%20mix&en=page_view&_fv=1&_nsi=1&_ss=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-PMDXVPR38M&gtm=2oebu0&_p=1332708005&cid=590305785.1670388368&ul=en-us&sr=1280x1024&_s=1&sid=1670388367&sct=1&seg=0&dl=https%3A%2F%2Fenit.in%2FTKy2tk9&dt=%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83%20%D8%AA%D8%B7%D9%84%D9%82%20%D9%85%D9%8A%D8%B2%D8%AA%D9%87%D8%A7%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%84%D9%87%D8%B0%D9%87%20%D8%A7%D9%84%D9%81%D8%A6%D8%A9%20%D9%85%D9%86%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%D9%8A%D9%86%20-%20%D8%AD%D8%A7%D8%AC%D9%87%20%D9%85%D9%83%D8%B3%20%7C%20Haga%20mix&en=page_view&_fv=1&_nsi=1&_ss=1 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-PMDXVPR38M&gtm=2oebu0&_p=1332708005&cid=590305785.1670388368&ul=en-us&sr=1280x1024&_s=1&sid=1670388367&sct=1&seg=0&dl=https%3A%2F%2Fenit.in%2FTKy2tk9&dt=%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83%20%D8%AA%D8%B7%D9%84%D9%82%20%D9%85%D9%8A%D8%B2%D8%AA%D9%87%D8%A7%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%84%D9%87%D8%B0%D9%87%20%D8%A7%D9%84%D9%81%D8%A6%D8%A9%20%D9%85%D9%86%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%D9%8A%D9%86%20-%20%D8%AD%D8%A7%D8%AC%D9%87%20%D9%85%D9%83%D8%B3%20%7C%20Haga%20mix&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://enit.in
date: Wed, 07 Dec 2022 04:46:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash8aa9320315b7fc787bfd0fd1baea8721 45328506883b22acc927b8038b73e5247b0a1679 c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash93cd4106946bc499c4dbdfcab6ea7718 5628412fd5319f549699b48bc27ff0f2f334e6bd 9b471a64f51d01dc302ad60957ad702f536d4e2682ee9a594fe2253e1101d909
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B471A64F51D01DC302AD60957AD702F536D4E2682EE9A594FE2253E1101D909"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13945
Expires: Wed, 07 Dec 2022 08:38:33 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| clergymanwonderful.com/sbar.json?key=34aa847f855cc91a3510c99f05af9a65&uuid=ab65abb8-fdff-450c-ab8c-ffcc7e30133a%3A3%3A1 | 173.233.137.52 | 200 OK | 4.3 kB |
URL HTTP/1.1clergymanwonderful.com/sbar.json?key=34aa847f855cc91a3510c99f05af9a65&uuid=ab65abb8-fdff-450c-ab8c-ffcc7e30133a%3A3%3A1 IP173.233.137.52:0
File typeJSON data\012- , ASCII text, with very long lines (5943), with no line terminators Hash7d38d859b05c870dc66074512b4d4b47 828fb35505c3f6854744849280e857ec4781124d 303929bc9d3d8a2b71676bae1786b8a509bce5dc0fa6a8c88bad01c033866c7b
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /sbar.json?key=34aa847f855cc91a3510c99f05af9a65&uuid=ab65abb8-fdff-450c-ab8c-ffcc7e30133a%3A3%3A1 HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://enit.in
Access-Control-Allow-Origin: https://enit.in
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15467565; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: uid_id2=ab65abb8-fdff-450c-ab8c-ffcc7e30133a:3:1; expires=Wed, 14 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Thu, 08 Dec 2022 04:46:08 GMT; secure; SameSite=None
Set-Cookie: slec34aa847f855cc91a3510c99f05af9a65=[3789938]; expires=Wed, 07 Dec 2022 04:46:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 21ef4232080cc9caed42bb44e0cfa92f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4572d87a1e0ec8c2d53b33a39b06f02a f6d469af83db717e1a691532052868c7925b2fe0 546f530032e8c8cd6e51d1adb173e194cef6610ee425b44fa57bdd153aaab079
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "546F530032E8C8CD6E51D1ADB173E194CEF6610EE425B44FA57BDD153AAAB079"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8811
Expires: Wed, 07 Dec 2022 07:12:59 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSerVoO5VTEBcRhJS4ggbO7tmu7PSBKCYoISWiLIrjNr3UGz%2B6sZna9Tk4RlVCPhhNw2nxOGgEF0T8ACTYIqaqEqC8oB3LgD%2BCC1DOyY8nwpJn3vvfN4fvem08PijMSoKCnW%2B%2BZPaU1XWk3Av%2BVbZUKUzp%2F444fBo3gur%2Bt0qut6%2F5odtnhtTBoN4JX%2FXckH5iVKAiDIAxCf1VZGZvRypyFyh70wkYvaLSiRthuYWT%2Fj13hwVEPYnhGnoMS00s7jx5C8Rpp8sNN6Qa5yV57Oyk0zY3FUBx%2FkA5SU6ZIlmVsPcTp8eI1jJsS8sUFmPR44QBmeDhzAKamxPsjBEuPFzLBhkfnSpmGTMHEsyiHNaSuoWgNbu5CiScE4AIbm0iT%2BxvGlnT3nKUzdkouPv0HqpySi38%2BjzT5%2FoZWI%2F%2B20UWuTOowiiuoUQ3Vr5EVJ8j3PKjyBDz%2FBEr8RlaeriNNDjedNlCimrtXqoaKa2g5BnUeitlRHorYQ5F5SMSpT9u9OAg6MYubzW6Lc95sct7uXhVt0Wx14wAFn8kbI8%2FG4HoMbveR2X0M1Bi2%2BAlup4ITHlw%2BJd77%2BxiKCqUkKB1BSQlKRVDmBOWwOhLaRa66L7QrWLjI0SI3q4nJ%2Bwf0yOR9mZKD7Ixcmc%2Flr5pgIE%2F9Fu9EUTfqtXibhz3G4kDQZjMO4lazyzoRh1MVlLswt7o3W9LNn5GpKSF%2Fvw5GT%2BD0Cbh6CbQIQctJJwpAdyatboC99DuuFR%2B4WO82uEkgTIUsv4h81zvQZ%2BSFuZCXf%2F8Ikj8miwC3FTJb4WP1C0Ff35vcMiU5vGVKRx5uZrlK1B6dLe92TnP5zDfvyt3SWLF2042%2FfpPPiFn54I50%2BTpNhUr7jnx7Qwkh7aqxXJIf19y2ZFuF27lR2LTI1rfeWl1LMiudUyatQdWTDz8HV1NySV6bf8srv16GsjVsUSEplkqVqcGzfbhs2XOGwOolZpmHsqgmNmLLplYEWi4xZRXcfzBb1gfuHvrWA83vIk0qDG2Foa5A9RiuuDzJM%2Fv4jUdfzuIrMO1NmLbeIdNWf3Y%2BWqdOfdmOg1gGkWRxj8UdGohe3Oox2gtlh7VpiNxN%2BfjF8b8AAAD%2F%2FwEAAP%2F%2FsbNbe24EAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSerVoO5VTEBcRhJS4ggbO7tmu7PSBKCYoISWiLIrjNr3UGz%2B6sZna9Tk4RlVCPhhNw2nxOGgEF0T8ACTYIqaqEqC8oB3LgD%2BCC1DOyY8nwpJn3vvfN4fvem08PijMSoKCnW%2B%2BZPaU1XWk3Av%2BVbZUKUzp%2F444fBo3gur%2Bt0qut6%2F5odtnhtTBoN4JX%2FXckH5iVKAiDIAxCf1VZGZvRypyFyh70wkYvaLSiRthuYWT%2Fj13hwVEPYnhGnoMS00s7jx5C8Rpp8sNN6Qa5yV57Oyk0zY3FUBx%2FkA5SU6ZIlmVsPcTp8eI1jJsS8sUFmPR44QBmeDhzAKamxPsjBEuPFzLBhkfnSpmGTMHEsyiHNaSuoWgNbu5CiScE4AIbm0iT%2BxvGlnT3nKUzdkouPv0HqpySi38%2BjzT5%2FoZWI%2F%2B20UWuTOowiiuoUQ3Vr5EVJ8j3PKjyBDz%2FBEr8RlaeriNNDjedNlCimrtXqoaKa2g5BnUeitlRHorYQ5F5SMSpT9u9OAg6MYubzW6Lc95sct7uXhVt0Wx14wAFn8kbI8%2FG4HoMbveR2X0M1Bi2%2BAlup4ITHlw%2BJd77%2BxiKCqUkKB1BSQlKRVDmBOWwOhLaRa66L7QrWLjI0SI3q4nJ%2Bwf0yOR9mZKD7Ixcmc%2Flr5pgIE%2F9Fu9EUTfqtXibhz3G4kDQZjMO4lazyzoRh1MVlLswt7o3W9LNn5GpKSF%2Fvw5GT%2BD0Cbh6CbQIQctJJwpAdyatboC99DuuFR%2B4WO82uEkgTIUsv4h81zvQZ%2BSFuZCXf%2F8Ikj8miwC3FTJb4WP1C0Ff35vcMiU5vGVKRx5uZrlK1B6dLe92TnP5zDfvyt3SWLF2042%2FfpPPiFn54I50%2BTpNhUr7jnx7Qwkh7aqxXJIf19y2ZFuF27lR2LTI1rfeWl1LMiudUyatQdWTDz8HV1NySV6bf8srv16GsjVsUSEplkqVqcGzfbhs2XOGwOolZpmHsqgmNmLLplYEWi4xZRXcfzBb1gfuHvrWA83vIk0qDG2Foa5A9RiuuDzJM%2Fv4jUdfzuIrMO1NmLbeIdNWf3Y%2BWqdOfdmOg1gGkWRxj8UdGohe3Oox2gtlh7VpiNxN%2BfjF8b8AAAD%2F%2FwEAAP%2F%2FsbNbe24EAAA%3D IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSerVoO5VTEBcRhJS4ggbO7tmu7PSBKCYoISWiLIrjNr3UGz%2B6sZna9Tk4RlVCPhhNw2nxOGgEF0T8ACTYIqaqEqC8oB3LgD%2BCC1DOyY8nwpJn3vvfN4fvem08PijMSoKCnW%2B%2BZPaU1XWk3Av%2BVbZUKUzp%2F444fBo3gur%2Bt0qut6%2F5odtnhtTBoN4JX%2FXckH5iVKAiDIAxCf1VZGZvRypyFyh70wkYvaLSiRthuYWT%2Fj13hwVEPYnhGnoMS00s7jx5C8Rpp8sNN6Qa5yV57Oyk0zY3FUBx%2FkA5SU6ZIlmVsPcTp8eI1jJsS8sUFmPR44QBmeDhzAKamxPsjBEuPFzLBhkfnSpmGTMHEsyiHNaSuoWgNbu5CiScE4AIbm0iT%2BxvGlnT3nKUzdkouPv0HqpySi38%2BjzT5%2FoZWI%2F%2B20UWuTOowiiuoUQ3Vr5EVJ8j3PKjyBDz%2FBEr8RlaeriNNDjedNlCimrtXqoaKa2g5BnUeitlRHorYQ5F5SMSpT9u9OAg6MYubzW6Lc95sct7uXhVt0Wx14wAFn8kbI8%2FG4HoMbveR2X0M1Bi2%2BAlup4ITHlw%2BJd77%2BxiKCqUkKB1BSQlKRVDmBOWwOhLaRa66L7QrWLjI0SI3q4nJ%2Bwf0yOR9mZKD7Ixcmc%2Flr5pgIE%2F9Fu9EUTfqtXibhz3G4kDQZjMO4lazyzoRh1MVlLswt7o3W9LNn5GpKSF%2Fvw5GT%2BD0Cbh6CbQIQctJJwpAdyatboC99DuuFR%2B4WO82uEkgTIUsv4h81zvQZ%2BSFuZCXf%2F8Ikj8miwC3FTJb4WP1C0Ff35vcMiU5vGVKRx5uZrlK1B6dLe92TnP5zDfvyt3SWLF2042%2FfpPPiFn54I50%2BTpNhUr7jnx7Qwkh7aqxXJIf19y2ZFuF27lR2LTI1rfeWl1LMiudUyatQdWTDz8HV1NySV6bf8srv16GsjVsUSEplkqVqcGzfbhs2XOGwOolZpmHsqgmNmLLplYEWi4xZRXcfzBb1gfuHvrWA83vIk0qDG2Foa5A9RiuuDzJM%2Fv4jUdfzuIrMO1NmLbeIdNWf3Y%2BWqdOfdmOg1gGkWRxj8UdGohe3Oox2gtlh7VpiNxN%2BfjF8b8AAAD%2F%2FwEAAP%2F%2FsbNbe24EAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=14860800; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09721c9f4bc13decc19eace89b2c52a0
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash69f94ae2562b6912a1f8e721bb94c028 efd05133a22b539ed568b3c75e6e8aabb281799c b0c82753f01003c61fa71cf5542ead1fe90f11a9863592b374a8d3c13da4b306
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C82753F01003C61FA71CF5542EAD1FE90F11A9863592B374A8D3C13DA4B306"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Wed, 07 Dec 2022 07:20:05 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf371fd6cbe04abe5f0d8679af1f2a998 ac95c5a39304a338b963d591a374bd667c836143 bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5866
Expires: Wed, 07 Dec 2022 06:23:54 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf371fd6cbe04abe5f0d8679af1f2a998 ac95c5a39304a338b963d591a374bd667c836143 bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5866
Expires: Wed, 07 Dec 2022 06:23:54 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSejRKKUAXRgChWogEJzvvrcndJgQjByMLYJgmyoJudmT0PN7uzmtm9PbuyiIRSHlRAtf7OjgUERP4AJFgjpCgSItcgF7jgD6BBSo3ufNLBk2be%2B943xfe9N58elGfEQ0lPt97Te1IputJuee4r2zLjurLuxh3X91redXdbZlej6%2B5odpnhNd9rt7xX3XcEG%2BiVwPM9z%2Fd8d1UakejRypyFzB%2F0%2FFbPa0VBy29HGJn%2FY1s6sNQBH56R5yD59NLOo4eQrEGW%2FnBT2EGh89feTktFC20w5McfZINMVxnSZZkYB0l2vHgNbaeEfHEBOjteOIAeHs4cIJZT4vzhI86OFzIRD4%2FOlcYKIkPMn0U1bCBUA0kbMH0Xkj8hAOPY2ESW3t%2FQpqK75yydsVNy8ek%2FkNWUXPzzeWTp9zeUHLm3tSoLqTOLUVJDjhrIfoO8PEGx50BWJ2DFJ5D8N7LydB1ZerhplYbk9dy9lA1k0kCJMah1UM6OdFAmDsrcQcpPXdruJZ7XSeIkDLsRYywMGWt3r%2FI2D6Nu4qFkM3ljFPkYTI3BzD5ys4%2BBHMOUP8Hu1LDcgS2mxHl%2FH0NeoxIElSWoKEElCaqCoBrWR1zZwNb3ubJl7C9ysMhhPdFF%2F4Ae6aIvMnKQn5Er87n81RAMxKkbsU4QdINexNrM78Vx4nEahomXRGE37gQMVtaQ9sLc6t5sSTd%2FRi6nhPz9OmJ6AqtOwORLoKUPWk06gQe6M4m6Hvay75iSbGATtdtiOgXXNfLiIopd50CdkRfmQl7%2B%2FSMI9pgsAszUyE2Nj%2BUvBH11b3JLV%2BTwlq4sebiZFzKVe3S2vNsFLcQz37wrditt%2BNpNO%2F76TTYjZuWDO8IW6zTjMutb8u0Nybkwq9owQX5cs9si3irtzo3SZGW%2BvvXW6lqaG2Gt1FkDKp98%2BDmYnJJL4tr8W1759TKkaWDKGmm5VCp1A5bvw%2BbLntUERi1xnDuoynpignjZVJJAiSWmcQ37Hxwv6wN7D33jgBZ3kaU1hqbGUNWgagxbXp4UuXn8xqMvZ%2FEVYuVMYmWcw1gZ9dn5aK08ddt%2BJLpxt8M4jwXjficIu6HnBZxHnZ7weyjslI1fHP8LAAD%2F%2FwEAAP%2F%2FpbvVnW4EAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSejRKKUAXRgChWogEJzvvrcndJgQjByMLYJgmyoJudmT0PN7uzmtm9PbuyiIRSHlRAtf7OjgUERP4AJFgjpCgSItcgF7jgD6BBSo3ufNLBk2be%2B943xfe9N58elGfEQ0lPt97Te1IputJuee4r2zLjurLuxh3X91redXdbZlej6%2B5odpnhNd9rt7xX3XcEG%2BiVwPM9z%2Fd8d1UakejRypyFzB%2F0%2FFbPa0VBy29HGJn%2FY1s6sNQBH56R5yD59NLOo4eQrEGW%2FnBT2EGh89feTktFC20w5McfZINMVxnSZZkYB0l2vHgNbaeEfHEBOjteOIAeHs4cIJZT4vzhI86OFzIRD4%2FOlcYKIkPMn0U1bCBUA0kbMH0Xkj8hAOPY2ESW3t%2FQpqK75yydsVNy8ek%2FkNWUXPzzeWTp9zeUHLm3tSoLqTOLUVJDjhrIfoO8PEGx50BWJ2DFJ5D8N7LydB1ZerhplYbk9dy9lA1k0kCJMah1UM6OdFAmDsrcQcpPXdruJZ7XSeIkDLsRYywMGWt3r%2FI2D6Nu4qFkM3ljFPkYTI3BzD5ys4%2BBHMOUP8Hu1LDcgS2mxHl%2FH0NeoxIElSWoKEElCaqCoBrWR1zZwNb3ubJl7C9ysMhhPdFF%2F4Ae6aIvMnKQn5Er87n81RAMxKkbsU4QdINexNrM78Vx4nEahomXRGE37gQMVtaQ9sLc6t5sSTd%2FRi6nhPz9OmJ6AqtOwORLoKUPWk06gQe6M4m6Hvay75iSbGATtdtiOgXXNfLiIopd50CdkRfmQl7%2B%2FSMI9pgsAszUyE2Nj%2BUvBH11b3JLV%2BTwlq4sebiZFzKVe3S2vNsFLcQz37wrditt%2BNpNO%2F76TTYjZuWDO8IW6zTjMutb8u0Nybkwq9owQX5cs9si3irtzo3SZGW%2BvvXW6lqaG2Gt1FkDKp98%2BDmYnJJL4tr8W1759TKkaWDKGmm5VCp1A5bvw%2BbLntUERi1xnDuoynpignjZVJJAiSWmcQ37Hxwv6wN7D33jgBZ3kaU1hqbGUNWgagxbXp4UuXn8xqMvZ%2FEVYuVMYmWcw1gZ9dn5aK08ddt%2BJLpxt8M4jwXjficIu6HnBZxHnZ7weyjslI1fHP8LAAD%2F%2FwEAAP%2F%2FpbvVnW4EAAA%3D IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSejRKKUAXRgChWogEJzvvrcndJgQjByMLYJgmyoJudmT0PN7uzmtm9PbuyiIRSHlRAtf7OjgUERP4AJFgjpCgSItcgF7jgD6BBSo3ufNLBk2be%2B943xfe9N58elGfEQ0lPt97Te1IputJuee4r2zLjurLuxh3X91redXdbZlej6%2B5odpnhNd9rt7xX3XcEG%2BiVwPM9z%2Fd8d1UakejRypyFzB%2F0%2FFbPa0VBy29HGJn%2FY1s6sNQBH56R5yD59NLOo4eQrEGW%2FnBT2EGh89feTktFC20w5McfZINMVxnSZZkYB0l2vHgNbaeEfHEBOjteOIAeHs4cIJZT4vzhI86OFzIRD4%2FOlcYKIkPMn0U1bCBUA0kbMH0Xkj8hAOPY2ESW3t%2FQpqK75yydsVNy8ek%2FkNWUXPzzeWTp9zeUHLm3tSoLqTOLUVJDjhrIfoO8PEGx50BWJ2DFJ5D8N7LydB1ZerhplYbk9dy9lA1k0kCJMah1UM6OdFAmDsrcQcpPXdruJZ7XSeIkDLsRYywMGWt3r%2FI2D6Nu4qFkM3ljFPkYTI3BzD5ys4%2BBHMOUP8Hu1LDcgS2mxHl%2FH0NeoxIElSWoKEElCaqCoBrWR1zZwNb3ubJl7C9ysMhhPdFF%2F4Ae6aIvMnKQn5Er87n81RAMxKkbsU4QdINexNrM78Vx4nEahomXRGE37gQMVtaQ9sLc6t5sSTd%2FRi6nhPz9OmJ6AqtOwORLoKUPWk06gQe6M4m6Hvay75iSbGATtdtiOgXXNfLiIopd50CdkRfmQl7%2B%2FSMI9pgsAszUyE2Nj%2BUvBH11b3JLV%2BTwlq4sebiZFzKVe3S2vNsFLcQz37wrditt%2BNpNO%2F76TTYjZuWDO8IW6zTjMutb8u0Nybkwq9owQX5cs9si3irtzo3SZGW%2BvvXW6lqaG2Gt1FkDKp98%2BDmYnJJL4tr8W1759TKkaWDKGmm5VCp1A5bvw%2BbLntUERi1xnDuoynpignjZVJJAiSWmcQ37Hxwv6wN7D33jgBZ3kaU1hqbGUNWgagxbXp4UuXn8xqMvZ%2FEVYuVMYmWcw1gZ9dn5aK08ddt%2BJLpxt8M4jwXjficIu6HnBZxHnZ7weyjslI1fHP8LAAD%2F%2FwEAAP%2F%2FpbvVnW4EAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=14860800; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a8da652c5808432abea7a058ab4e354
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/bi/3f/9c/38/3f9c381f3633c7210e93a0a01cbba0ba/1597158783.gif | 45.133.44.9 | 200 OK | 16 kB |
URL (HTTP/2): cdn.cloudimagesb.com/bi/3f/9c/38/3f9c381f3633c7210e93a0a01cbba0ba/1597158783.gif | IP: 45.133.44.9:0 | ASN: #39572 DataWeb Global Group B.V.
File type: GIF image data, version 89a, 320 x 240\012- data | Hash (MD5 / SHA-1 / SHA-256): fad69fc2794e1f28ee19820bdd76a02b 68569e6057bed39306be57597a68a230141efd6e 33e4061cecf6824ca6ec8726d2238d70cccf7d5e55cced87a7a374063f6d5dc2
GET /bi/3f/9c/38/3f9c381f3633c7210e93a0a01cbba0ba/1597158783.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:08 GMT
content-type: image/gif
content-length: 15520
server: nginx/1.17.6
last-modified: Tue, 11 Aug 2020 15:13:06 GMT
etag: "5f32b582-3ca0"
expires: Fri, 09 Dec 2022 04:46:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 3a8da4d46dd016ca11bc38d3837a34d8 e53e3f2d290563002db01d450f08cda335604165 848b7ed9fa33d2a4eaec3e984a73158543df5dac83dcf54cd131c4bd4ad1dd3b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "848B7ED9FA33D2A4EAEC3E984A73158543DF5DAC83DCF54CD131C4BD4AD1DD3B"
Last-Modified: Mon, 05 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19775
Expires: Wed, 07 Dec 2022 10:15:43 GMT
Date: Wed, 07 Dec 2022 04:46:08 GMT
Connection: keep-alive
|
|
| cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg | 45.133.44.9 | 200 OK | 28 kB |
URL (HTTP/2): cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg | IP: 45.133.44.9:0 | ASN: #39572 DataWeb Global Group B.V.
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data | Hash (MD5 / SHA-1 / SHA-256): f4fabf64be47ce667e0cfc150667b36c 234d722efa06cbedfdad9c1bb497a942997741dd 272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:08 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Fri, 09 Dec 2022 04:46:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg | 45.133.44.9 | 200 OK | 23 kB |
URL (HTTP/2): cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg | IP: 45.133.44.9:0 | ASN: #39572 DataWeb Global Group B.V.
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data | Hash (MD5 / SHA-1 / SHA-256): c6f19781c79ff746b99178f813cfbff2 5c307e43c63001535aa3a3683777dbb1a7f0775b 816b5a5d078f27271fa2d7c210d708f386a6f9fbd9242531b07f0b051382870d
GET /cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:08 GMT
content-type: image/jpeg
content-length: 22883
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:15:16 GMT
etag: "611243a4-5963"
expires: Fri, 09 Dec 2022 04:46:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg | 45.133.44.9 | 200 OK | 23 kB |
URL (HTTP/2): cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg | IP: 45.133.44.9:0 | ASN: #39572 DataWeb Global Group B.V.
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data | Hash (MD5 / SHA-1 / SHA-256): 4452445afb73fab8af9ff308eb667024 130401c47d822426e1cce9981c30d775cba1b576 923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:08 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Fri, 09 Dec 2022 04:46:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): ea6d8022d3d0fcb1a655c111694efb3c 0565f1dae70afb9f7d231824a488de4f262218f0 198fc3e66c5d81029e6781d76d0eb5bf8a3c8ae92aa3aa6a7f0fda6d95658a76
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "198FC3E66C5D81029E6781D76D0EB5BF8A3C8AE92AA3AA6A7F0FDA6D95658A76"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7047
Expires: Wed, 07 Dec 2022 06:43:36 GMT
Date: Wed, 07 Dec 2022 04:46:09 GMT
Connection: keep-alive
|
|
| s4.histats.com/stats/0.php?3963887&@f16&@g1&@h1&@i1&@j1670388367374&@k0&@l1&@m%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83%20%D8%AA%D8%B7%D9%84%D9%82%20%D9%85%D9%8A%D8%B2%D8%AA%D9%87%D8%A7%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%84%D9%87%D8%B0%D9%87%20%D8%A7%D9%84%D9%81%D8%A6%D8%A9%20%D9%85%D9%86%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%D9%8A%D9%86%20-%20%D8%AD%D8%A7%D8%AC%D9%87%20%D9%85%D9%83%D8%B3%20%7C%20Haga%20mix&@n0User=438605|Plan=High&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:153677570&@b3:1670388367&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fenit.in%2FTKy2tk9%23&@w | 54.39.128.117 | 200 OK | 64 B |
URL HTTP/1.1s4.histats.com/stats/0.php?3963887&@f16&@g1&@h1&@i1&@j1670388367374&@k0&@l1&@m%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83%20%D8%AA%D8%B7%D9%84%D9%82%20%D9%85%D9%8A%D8%B2%D8%AA%D9%87%D8%A7%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%84%D9%87%D8%B0%D9%87%20%D8%A7%D9%84%D9%81%D8%A6%D8%A9%20%D9%85%D9%86%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%D9%8A%D9%86%20-%20%D8%AD%D8%A7%D8%AC%D9%87%20%D9%85%D9%83%D8%B3%20%7C%20Haga%20mix&@n0User=438605|Plan=High&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:153677570&@b3:1670388367&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fenit.in%2FTKy2tk9%23&@w IP54.39.128.117:0
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 656b8313112507c3e50719b6ede03db6 f3d09fa8e0c0dc03857c7e421e4ed94d41c46a79 fc6cd31038520d686e013e0aa9ffd2d9406782a745a30a05ea13f4d1891b9099
GET /stats/0.php?3963887&@f16&@g1&@h1&@i1&@j1670388367374&@k0&@l1&@m%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83%20%D8%AA%D8%B7%D9%84%D9%82%20%D9%85%D9%8A%D8%B2%D8%AA%D9%87%D8%A7%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%84%D9%87%D8%B0%D9%87%20%D8%A7%D9%84%D9%81%D8%A6%D8%A9%20%D9%85%D9%86%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%D9%8A%D9%86%20-%20%D8%AD%D8%A7%D8%AC%D9%87%20%D9%85%D9%83%D8%B3%20%7C%20Haga%20mix&@n0User=438605|Plan=High&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:153677570&@b3:1670388367&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fenit.in%2FTKy2tk9%23&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 64
Connection: close
|
|
| clergymanwonderful.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwYscxReuTvZ3%2BQmC4kFFZQ4eFJzZ7unpnWlzWIwxEoxJSKK5WlVdNVtOdVdT1T09u3gIBkKOE7x47P1mN4saxfwBEp31IgtCRkFWcf8CFUHIWWZ2YPEd6r1X3zt83%2Ffe7e3yiPgo6eGVd82W0pquRi2%2F8coNlSWmco1L1xuB3%2FLPNG6obK1zpjGaP3b4euBHLf%2FVxtuCD8xq2w98P%2FCDxnllhTSj1QUKld%2BPg1bstzrtVhB1MLL%2F7V3pwVEPyfCIPA2VzP638cMDKD5Fln59TrhBYfLX3kpLTQtjMUz23ssGmakypCeltB5ktrechnEzQj49BZPtLRXADHfmCsDUjHi%2FBGDZ3pIm2HD3mCnTEBlY8gSq4RRCT6HoFNzcgkoeEYAnuHQZWXrvkrEV3TxG6RydkZXH%2F0BVM7Ly%2BzPI0q%2FOajVqXDO6LJTJHEayhhpNofpT5OU%2Bii0PqtoHLz6GSn4kq48vIkt3LjttoJLDlylbiyhjvaZMpGx2Ip83KevxppScd0XoB2FIFxYpNYWSU2gxBnWnUToPpfJQSg9l7iFNDhs0iqXvdyWTYdjrcM7DkPOot5ZESdjpSR8ln2sYo8jH4HoMbm8itzcxUGPY8lu4jRou8eAKgmFSoxIElSOoKEGlCKqCoBrWu4l2bVffS7QrWbDM7WUO64kp%2Btt01xR9kZHt%2FIg8tTDuj5UmBuKwEXYo7XW6shdFnMcBDaPA53Es%2FYjKmK5FcKqGcqdAnYet%2BRbPfYdczQj5qwlG9%2BH0Prh6AbR8EbSadNs%2B6Mak0%2FOxlX3JteIDJ%2FVmi5sUiamRFysoNr1tfUSeWxCJf7YQ%2FGD9KFr%2F6M%2B7G%2BC2Rm5rfKi%2BJ%2BjrO5OrpiI7V03lyIPLeaFStUXn271W0EKsfP6O2KyMTS6cc%2BPP3uBzYF7evy5ccZFmicr6jnxxViWJsOeN5YJ8c8HdEOxK6TbOljYr84tX3jx%2FIc2tcE6ZbAqqHn3wEFzNyP%2FT24u7fem321B2ClvWSMsDsgwosw%2Be34TLD9Z%2FbT75%2Fsqzn8AZAqtPZljuoSrriW2zk0%2BtCLQ46Smr4cSJBUwcPPz7GNt2d9C3HmhxC1laY2hrDHUNqsdw5elJkduD9Z%2FCRYBpb8K09XaYtvrusbVOHTZEJH0p%2FLZgMmayS%2F0klp2Y0TgQXRbRAIWb8fHz438BAAD%2F%2FwEAAP%2F%2FQFrp6I8EAAA%3D | 173.233.137.52 | 200 OK | 7 B |
URL HTTP/1.1clergymanwonderful.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwYscxReuTvZ3%2BQmC4kFFZQ4eFJzZ7unpnWlzWIwxEoxJSKK5WlVdNVtOdVdT1T09u3gIBkKOE7x47P1mN4saxfwBEp31IgtCRkFWcf8CFUHIWWZ2YPEd6r1X3zt83%2Ffe7e3yiPgo6eGVd82W0pquRi2%2F8coNlSWmco1L1xuB3%2FLPNG6obK1zpjGaP3b4euBHLf%2FVxtuCD8xq2w98P%2FCDxnllhTSj1QUKld%2BPg1bstzrtVhB1MLL%2F7V3pwVEPyfCIPA2VzP638cMDKD5Fln59TrhBYfLX3kpLTQtjMUz23ssGmakypCeltB5ktrechnEzQj49BZPtLRXADHfmCsDUjHi%2FBGDZ3pIm2HD3mCnTEBlY8gSq4RRCT6HoFNzcgkoeEYAnuHQZWXrvkrEV3TxG6RydkZXH%2F0BVM7Ly%2BzPI0q%2FOajVqXDO6LJTJHEayhhpNofpT5OU%2Bii0PqtoHLz6GSn4kq48vIkt3LjttoJLDlylbiyhjvaZMpGx2Ip83KevxppScd0XoB2FIFxYpNYWSU2gxBnWnUToPpfJQSg9l7iFNDhs0iqXvdyWTYdjrcM7DkPOot5ZESdjpSR8ln2sYo8jH4HoMbm8itzcxUGPY8lu4jRou8eAKgmFSoxIElSOoKEGlCKqCoBrWu4l2bVffS7QrWbDM7WUO64kp%2Btt01xR9kZHt%2FIg8tTDuj5UmBuKwEXYo7XW6shdFnMcBDaPA53Es%2FYjKmK5FcKqGcqdAnYet%2BRbPfYdczQj5qwlG9%2BH0Prh6AbR8EbSadNs%2B6Mak0%2FOxlX3JteIDJ%2FVmi5sUiamRFysoNr1tfUSeWxCJf7YQ%2FGD9KFr%2F6M%2B7G%2BC2Rm5rfKi%2BJ%2BjrO5OrpiI7V03lyIPLeaFStUXn271W0EKsfP6O2KyMTS6cc%2BPP3uBzYF7evy5ccZFmicr6jnxxViWJsOeN5YJ8c8HdEOxK6TbOljYr84tX3jx%2FIc2tcE6ZbAqqHn3wEFzNyP%2FT24u7fem321B2ClvWSMsDsgwosw%2Be34TLD9Z%2FbT75%2Fsqzn8AZAqtPZljuoSrriW2zk0%2BtCLQ46Smr4cSJBUwcPPz7GNt2d9C3HmhxC1laY2hrDHUNqsdw5elJkduD9Z%2FCRYBpb8K09XaYtvrusbVOHTZEJH0p%2FLZgMmayS%2F0klp2Y0TgQXRbRAIWb8fHz438BAAD%2F%2FwEAAP%2F%2FQFrp6I8EAAA%3D IP173.233.137.52:0
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwYscxReuTvZ3%2BQmC4kFFZQ4eFJzZ7unpnWlzWIwxEoxJSKK5WlVdNVtOdVdT1T09u3gIBkKOE7x47P1mN4saxfwBEp31IgtCRkFWcf8CFUHIWWZ2YPEd6r1X3zt83%2Ffe7e3yiPgo6eGVd82W0pquRi2%2F8coNlSWmco1L1xuB3%2FLPNG6obK1zpjGaP3b4euBHLf%2FVxtuCD8xq2w98P%2FCDxnllhTSj1QUKld%2BPg1bstzrtVhB1MLL%2F7V3pwVEPyfCIPA2VzP638cMDKD5Fln59TrhBYfLX3kpLTQtjMUz23ssGmakypCeltB5ktrechnEzQj49BZPtLRXADHfmCsDUjHi%2FBGDZ3pIm2HD3mCnTEBlY8gSq4RRCT6HoFNzcgkoeEYAnuHQZWXrvkrEV3TxG6RydkZXH%2F0BVM7Ly%2BzPI0q%2FOajVqXDO6LJTJHEayhhpNofpT5OU%2Bii0PqtoHLz6GSn4kq48vIkt3LjttoJLDlylbiyhjvaZMpGx2Ip83KevxppScd0XoB2FIFxYpNYWSU2gxBnWnUToPpfJQSg9l7iFNDhs0iqXvdyWTYdjrcM7DkPOot5ZESdjpSR8ln2sYo8jH4HoMbm8itzcxUGPY8lu4jRou8eAKgmFSoxIElSOoKEGlCKqCoBrWu4l2bVffS7QrWbDM7WUO64kp%2Btt01xR9kZHt%2FIg8tTDuj5UmBuKwEXYo7XW6shdFnMcBDaPA53Es%2FYjKmK5FcKqGcqdAnYet%2BRbPfYdczQj5qwlG9%2BH0Prh6AbR8EbSadNs%2B6Mak0%2FOxlX3JteIDJ%2FVmi5sUiamRFysoNr1tfUSeWxCJf7YQ%2FGD9KFr%2F6M%2B7G%2BC2Rm5rfKi%2BJ%2BjrO5OrpiI7V03lyIPLeaFStUXn271W0EKsfP6O2KyMTS6cc%2BPP3uBzYF7evy5ccZFmicr6jnxxViWJsOeN5YJ8c8HdEOxK6TbOljYr84tX3jx%2FIc2tcE6ZbAqqHn3wEFzNyP%2FT24u7fem321B2ClvWSMsDsgwosw%2Be34TLD9Z%2FbT75%2Fsqzn8AZAqtPZljuoSrriW2zk0%2BtCLQ46Smr4cSJBUwcPPz7GNt2d9C3HmhxC1laY2hrDHUNqsdw5elJkduD9Z%2FCRYBpb8K09XaYtvrusbVOHTZEJH0p%2FLZgMmayS%2F0klp2Y0TgQXRbRAIWb8fHz438BAAD%2F%2FwEAAP%2F%2FQFrp6I8EAAA%3D HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=ab65abb8-fdff-450c-ab8c-ffcc7e30133a:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5c4bcde7210930aef19bce6013c436cb
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxRev3uQLX%2FSiIoLiYdiDKOiken7szLiHxRgjwZjE3ZWcq6uqJ%2BVUdzVV3dOTnKILuscBL%2Bqp85lkg2sU9w9QdOJlCQo7F8lhI3jz4kVYPErPDow%2B6Pfepz%2Fv8Pm8Vx8fZBeEImPnW%2B%2BaPaU1W2pWaeXlbRULk7vKxs2KT6v0amVbxVcaVyuDMtn%2B6z5tVukrlbcl75mlGvUp9alfWVVWhmawNGWhkpOOX%2B3QaqNW9ZsNDOx%2Fscs8OOZB9C%2FIM1Bi8r%2Bd%2B%2Feg%2BBhx9O2KdL3UJK%2B%2BFWWapcaiL47fj3uxyWNE8za0HsL4eDYN4yaEfHYJJj6eOYDpH5YOEKgJ8X71EcTHM5kI%2BkePlQYaMkYgnkTeH0PqMRQbg5tbUOIBAbjAxibi6M6GsTnbfcyykp2QxUd%2FQeUTsvjwWcTRN8taDSo3jM5SZWKHQVhADcZQ3TGS7BTpngeVn4KnH0GJX8jSo3XE0eGm0wZKFFP3So2hwjG0HII5D1n5KQ9Z6CFLPETivMKanZDSVhiE9Xq7wTmv1zlvtq%2BIpqg32iFFxkt5Q6TJEFwPwe0%2BEruPnhrCZj%2FA7RRwwoNLJ8R7bx99USCXBLkjyBlBrgjylCDvF0dCu5or7gjtssCf1dqs1ouRSbsH7MikXRmTg%2BSCPD3dy%2B%2Fj59CT55Ww2fIbjXZLXqHNVqfdDnxRa9NG6IftUIaUw6kCyl2aWt0rj7TyIxI1IeTP1xCwUzh9Cq4ug2U%2BWD5q1SjYzqjRptiLv%2BZa8Z4L9W6VmwjCFEjSRaS73oG%2BIM9PhVxe%2BA2Sn127%2B%2BLJ%2F%2F2X%2FgC3BRJb4AP1E0FX3x5dNzk5vG5yR%2B5tJqmK1B4rj3cjZalcuPuO3M2NFWsrbvjlG7wkyvbkpnTpOouFiruOfLWshJB21VguyXdrblsGW5nbWc5snCXrW2%2BurkWJlc4pE4%2FB1IPNv8HVhCx%2B%2BP30WT718ydQdgybFYiyMzILKHMKnuzDJXP1zhBYPZ8JEg95VoxsLZj%2F1IpAyzlmQQH3LxzM%2BwN3G127AJbeQhwV6NsCfV2A6SFc9sQoTezZtfufl%2FEFAr0wCrRdOAy01Z9OV1umizI9hFPnFdkMaShpTQZhJwhbjIpO2OgErOPLVtBkPlI34cMXhv8AAAD%2F%2FwEAAP%2F%2FghpwnHgEAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxRev3uQLX%2FSiIoLiYdiDKOiken7szLiHxRgjwZjE3ZWcq6uqJ%2BVUdzVV3dOTnKILuscBL%2Bqp85lkg2sU9w9QdOJlCQo7F8lhI3jz4kVYPErPDow%2B6Pfepz%2Fv8Pm8Vx8fZBeEImPnW%2B%2BaPaU1W2pWaeXlbRULk7vKxs2KT6v0amVbxVcaVyuDMtn%2B6z5tVukrlbcl75mlGvUp9alfWVVWhmawNGWhkpOOX%2B3QaqNW9ZsNDOx%2Fscs8OOZB9C%2FIM1Bi8r%2Bd%2B%2Feg%2BBhx9O2KdL3UJK%2B%2BFWWapcaiL47fj3uxyWNE8za0HsL4eDYN4yaEfHYJJj6eOYDpH5YOEKgJ8X71EcTHM5kI%2BkePlQYaMkYgnkTeH0PqMRQbg5tbUOIBAbjAxibi6M6GsTnbfcyykp2QxUd%2FQeUTsvjwWcTRN8taDSo3jM5SZWKHQVhADcZQ3TGS7BTpngeVn4KnH0GJX8jSo3XE0eGm0wZKFFP3So2hwjG0HII5D1n5KQ9Z6CFLPETivMKanZDSVhiE9Xq7wTmv1zlvtq%2BIpqg32iFFxkt5Q6TJEFwPwe0%2BEruPnhrCZj%2FA7RRwwoNLJ8R7bx99USCXBLkjyBlBrgjylCDvF0dCu5or7gjtssCf1dqs1ouRSbsH7MikXRmTg%2BSCPD3dy%2B%2Fj59CT55Ww2fIbjXZLXqHNVqfdDnxRa9NG6IftUIaUw6kCyl2aWt0rj7TyIxI1IeTP1xCwUzh9Cq4ug2U%2BWD5q1SjYzqjRptiLv%2BZa8Z4L9W6VmwjCFEjSRaS73oG%2BIM9PhVxe%2BA2Sn127%2B%2BLJ%2F%2F2X%2FgC3BRJb4AP1E0FX3x5dNzk5vG5yR%2B5tJqmK1B4rj3cjZalcuPuO3M2NFWsrbvjlG7wkyvbkpnTpOouFiruOfLWshJB21VguyXdrblsGW5nbWc5snCXrW2%2BurkWJlc4pE4%2FB1IPNv8HVhCx%2B%2BP30WT718ydQdgybFYiyMzILKHMKnuzDJXP1zhBYPZ8JEg95VoxsLZj%2F1IpAyzlmQQH3LxzM%2BwN3G127AJbeQhwV6NsCfV2A6SFc9sQoTezZtfufl%2FEFAr0wCrRdOAy01Z9OV1umizI9hFPnFdkMaShpTQZhJwhbjIpO2OgErOPLVtBkPlI34cMXhv8AAAD%2F%2FwEAAP%2F%2FghpwnHgEAAA%3D IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxRev3uQLX%2FSiIoLiYdiDKOiken7szLiHxRgjwZjE3ZWcq6uqJ%2BVUdzVV3dOTnKILuscBL%2Bqp85lkg2sU9w9QdOJlCQo7F8lhI3jz4kVYPErPDow%2B6Pfepz%2Fv8Pm8Vx8fZBeEImPnW%2B%2BaPaU1W2pWaeXlbRULk7vKxs2KT6v0amVbxVcaVyuDMtn%2B6z5tVukrlbcl75mlGvUp9alfWVVWhmawNGWhkpOOX%2B3QaqNW9ZsNDOx%2Fscs8OOZB9C%2FIM1Bi8r%2Bd%2B%2Feg%2BBhx9O2KdL3UJK%2B%2BFWWapcaiL47fj3uxyWNE8za0HsL4eDYN4yaEfHYJJj6eOYDpH5YOEKgJ8X71EcTHM5kI%2BkePlQYaMkYgnkTeH0PqMRQbg5tbUOIBAbjAxibi6M6GsTnbfcyykp2QxUd%2FQeUTsvjwWcTRN8taDSo3jM5SZWKHQVhADcZQ3TGS7BTpngeVn4KnH0GJX8jSo3XE0eGm0wZKFFP3So2hwjG0HII5D1n5KQ9Z6CFLPETivMKanZDSVhiE9Xq7wTmv1zlvtq%2BIpqg32iFFxkt5Q6TJEFwPwe0%2BEruPnhrCZj%2FA7RRwwoNLJ8R7bx99USCXBLkjyBlBrgjylCDvF0dCu5or7gjtssCf1dqs1ouRSbsH7MikXRmTg%2BSCPD3dy%2B%2Fj59CT55Ww2fIbjXZLXqHNVqfdDnxRa9NG6IftUIaUw6kCyl2aWt0rj7TyIxI1IeTP1xCwUzh9Cq4ug2U%2BWD5q1SjYzqjRptiLv%2BZa8Z4L9W6VmwjCFEjSRaS73oG%2BIM9PhVxe%2BA2Sn127%2B%2BLJ%2F%2F2X%2FgC3BRJb4AP1E0FX3x5dNzk5vG5yR%2B5tJqmK1B4rj3cjZalcuPuO3M2NFWsrbvjlG7wkyvbkpnTpOouFiruOfLWshJB21VguyXdrblsGW5nbWc5snCXrW2%2BurkWJlc4pE4%2FB1IPNv8HVhCx%2B%2BP30WT718ydQdgybFYiyMzILKHMKnuzDJXP1zhBYPZ8JEg95VoxsLZj%2F1IpAyzlmQQH3LxzM%2BwN3G127AJbeQhwV6NsCfV2A6SFc9sQoTezZtfufl%2FEFAr0wCrRdOAy01Z9OV1umizI9hFPnFdkMaShpTQZhJwhbjIpO2OgErOPLVtBkPlI34cMXhv8AAAD%2F%2FwEAAP%2F%2FghpwnHgEAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=14860800; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 04:46:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb6b445a40d1a7d60bfe32f1caef9200
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uQHP%2FSiIoLiYdiDKOikej52ZtzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtGFZY8DXtRT55lkg2sU9w9QdOJlCQo7F8lhI3jz4kVYPErPDoy%2B0O9HP%2B%2FheZ63bh9kF4QiY%2Bdb75s9pTVbalZp5dVtFQuTu8rGzYpPq%2FRqZVvFVxpXK4My2f6bPm1W6WuVdyXvmaUa9Sn1qV9ZVVaGZrA0RaGSk45f7dBqo1b1mw0M7H9nl3lwzIPoX5DnoMTkfzsP7kPxMeLo2xXpeqlJXn8nyjRLjUVfHH8Y92KTx4jmbWg9hPHxbBvGTQj57BJMfDxTANM%2FLBUgUBPi%2FeojiI9nNBH0j54wDTRkjEA8jbw%2FhtRjKDYGN7egxEMCcIGNTcTR3Q1jc7b7BGUlOiGLj%2F%2BCyidk8dHziKNvlrUaVG4YnaXKxA6DsIAajKG6YyTZKdI9Dyo%2FBU8%2FgRK%2FkKXH64ijw02nDZQopuqVGkOFY2g5BHMesvJTHrLQQ5Z4iMR5hTU7IaWtMAjr9XaDc16vc95sXxFNUW%2B0Q4qMl%2FSGSJMhuB6C230kdh89NYTNfoDbKeCEB5dOiPfBPvqiQC4JckeQM4JcEeQpQd4vjoR2NVfcFdplgT%2BrtVmtFyOTdg%2FYkUm7MiYHyQV5durL7%2BMX0JPnlbDZ8huNdkteoc1Wp90OfFFr00boh%2B1QhpTDqQLKXZpK3SuPtPIjEjUh5M83ELBTOH0Kri6DZT5YPmrVKNjOqNGm2Iu%2F5lrxngv1bpWbCMIUSNJFpLvegb4gL06JXF64gORn1%2B69fPJ%2F%2F5U%2FwG2BxBb4SP1E0NV3RtdNTg6vm9yR%2B5tJqiK1x8rj3UhZKhfuvSd3c2PF2oobfvkWL4GyPbkpXbrOYqHiriNfLSshpF01lkvy3ZrblsFW5naWMxtnyfrW26trUWKlc8rEYzD1cPNvcDUhix9%2FP32Wz%2Fx8G8qOYbMCUXZGZgFlTsGTfbhkzt4ZAqvnO0FyCXlWjGwtmP%2FUikDL%2BcyCAu5fczDvD9wddO0CWHoLcVSgbwv0dQGmh3DZU6M0sWfXHnxexhcI9MIo0HbhMNBWf1pa%2B9vU3zI9glPnFdkMaShpTQZhJwhbjIpO2OgErOPLVtBkPlI34cOXhv8AAAD%2F%2FwEAAP%2F%2Fj11KJ3gEAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uQHP%2FSiIoLiYdiDKOikej52ZtzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtGFZY8DXtRT55lkg2sU9w9QdOJlCQo7F8lhI3jz4kVYPErPDoy%2B0O9HP%2B%2FheZ63bh9kF4QiY%2Bdb75s9pTVbalZp5dVtFQuTu8rGzYpPq%2FRqZVvFVxpXK4My2f6bPm1W6WuVdyXvmaUa9Sn1qV9ZVVaGZrA0RaGSk45f7dBqo1b1mw0M7H9nl3lwzIPoX5DnoMTkfzsP7kPxMeLo2xXpeqlJXn8nyjRLjUVfHH8Y92KTx4jmbWg9hPHxbBvGTQj57BJMfDxTANM%2FLBUgUBPi%2FeojiI9nNBH0j54wDTRkjEA8jbw%2FhtRjKDYGN7egxEMCcIGNTcTR3Q1jc7b7BGUlOiGLj%2F%2BCyidk8dHziKNvlrUaVG4YnaXKxA6DsIAajKG6YyTZKdI9Dyo%2FBU8%2FgRK%2FkKXH64ijw02nDZQopuqVGkOFY2g5BHMesvJTHrLQQ5Z4iMR5hTU7IaWtMAjr9XaDc16vc95sXxFNUW%2B0Q4qMl%2FSGSJMhuB6C230kdh89NYTNfoDbKeCEB5dOiPfBPvqiQC4JckeQM4JcEeQpQd4vjoR2NVfcFdplgT%2BrtVmtFyOTdg%2FYkUm7MiYHyQV5durL7%2BMX0JPnlbDZ8huNdkteoc1Wp90OfFFr00boh%2B1QhpTDqQLKXZpK3SuPtPIjEjUh5M83ELBTOH0Kri6DZT5YPmrVKNjOqNGm2Iu%2F5lrxngv1bpWbCMIUSNJFpLvegb4gL06JXF64gORn1%2B69fPJ%2F%2F5U%2FwG2BxBb4SP1E0NV3RtdNTg6vm9yR%2B5tJqiK1x8rj3UhZKhfuvSd3c2PF2oobfvkWL4GyPbkpXbrOYqHiriNfLSshpF01lkvy3ZrblsFW5naWMxtnyfrW26trUWKlc8rEYzD1cPNvcDUhix9%2FP32Wz%2Fx8G8qOYbMCUXZGZgFlTsGTfbhkzt4ZAqvnO0FyCXlWjGwtmP%2FUikDL%2BcyCAu5fczDvD9wddO0CWHoLcVSgbwv0dQGmh3DZU6M0sWfXHnxexhcI9MIo0HbhMNBWf1pa%2B9vU3zI9glPnFdkMaShpTQZhJwhbjIpO2OgErOPLVtBkPlI34cOXhv8AAAD%2F%2FwEAAP%2F%2Fj11KJ3gEAAA%3D IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uQHP%2FSiIoLiYdiDKOikej52ZtzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtGFZY8DXtRT55lkg2sU9w9QdOJlCQo7F8lhI3jz4kVYPErPDoy%2B0O9HP%2B%2FheZ63bh9kF4QiY%2Bdb75s9pTVbalZp5dVtFQuTu8rGzYpPq%2FRqZVvFVxpXK4My2f6bPm1W6WuVdyXvmaUa9Sn1qV9ZVVaGZrA0RaGSk45f7dBqo1b1mw0M7H9nl3lwzIPoX5DnoMTkfzsP7kPxMeLo2xXpeqlJXn8nyjRLjUVfHH8Y92KTx4jmbWg9hPHxbBvGTQj57BJMfDxTANM%2FLBUgUBPi%2FeojiI9nNBH0j54wDTRkjEA8jbw%2FhtRjKDYGN7egxEMCcIGNTcTR3Q1jc7b7BGUlOiGLj%2F%2BCyidk8dHziKNvlrUaVG4YnaXKxA6DsIAajKG6YyTZKdI9Dyo%2FBU8%2FgRK%2FkKXH64ijw02nDZQopuqVGkOFY2g5BHMesvJTHrLQQ5Z4iMR5hTU7IaWtMAjr9XaDc16vc95sXxFNUW%2B0Q4qMl%2FSGSJMhuB6C230kdh89NYTNfoDbKeCEB5dOiPfBPvqiQC4JckeQM4JcEeQpQd4vjoR2NVfcFdplgT%2BrtVmtFyOTdg%2FYkUm7MiYHyQV5durL7%2BMX0JPnlbDZ8huNdkteoc1Wp90OfFFr00boh%2B1QhpTDqQLKXZpK3SuPtPIjEjUh5M83ELBTOH0Kri6DZT5YPmrVKNjOqNGm2Iu%2F5lrxngv1bpWbCMIUSNJFpLvegb4gL06JXF64gORn1%2B69fPJ%2F%2F5U%2FwG2BxBb4SP1E0NV3RtdNTg6vm9yR%2B5tJqiK1x8rj3UhZKhfuvSd3c2PF2oobfvkWL4GyPbkpXbrOYqHiriNfLSshpF01lkvy3ZrblsFW5naWMxtnyfrW26trUWKlc8rEYzD1cPNvcDUhix9%2FP32Wz%2Fx8G8qOYbMCUXZGZgFlTsGTfbhkzt4ZAqvnO0FyCXlWjGwtmP%2FUikDL%2BcyCAu5fczDvD9wddO0CWHoLcVSgbwv0dQGmh3DZU6M0sWfXHnxexhcI9MIo0HbhMNBWf1pa%2B9vU3zI9glPnFdkMaShpTQZhJwhbjIpO2OgErOPLVtBkPlI34cOXhv8AAAD%2F%2FwEAAP%2F%2Fj11KJ3gEAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=14860800; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 04:46:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 69b0362cae2c193af0b797416b4f37f6
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| hygieneretorted.com/pixel/purst?dl=0&th=0&sc=0&rs=2670&rd=2670&fd=857&bv=22.10.v.10&tmpl=136 | 173.233.137.52 | 200 OK | 0 B |
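URL (HTTP/1.1): hygieneretorted.com/pixel/purst?dl=0&th=0&sc=0&rs=2670&rd=2670&fd=857&bv=22.10.v.10&tmpl=136 | IP: 173.233.137.52:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, consistent with the 0 B body, so they do not identify any content)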
GET /pixel/purst?dl=0&th=0&sc=0&rs=2670&rd=2670&fd=857&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| friendshipmale.com/sfp.js | 172.64.163.31 | 200 OK | 27 kB |
URL (HTTP/2): friendshipmale.com/sfp.js | IP: 172.64.163.31:0
File type: Unicode text, UTF-8 text, with very long lines (65529), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): cd34b0772b5d1874b0c82c61f7dbf6fd 971ea49db3aeee40e4fa9fa2269f9bf757d5f91f e2e92efd4ad3155a346b44e076791724dfe57faf80f0e8fe7cc44deeabee3019
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:08 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c16e14a30951becaaca4ad0a736d628d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 07 Dec 2022 04:46:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NW%2F6lGIYsfslSqnEPO0NIXx5U%2BO%2FOaFG4Tyv7zmp%2B6MT%2FX%2FUGV547UykWvPE%2B5tEsIdWEoF6MGLaDGo3fyf1nEi3pVVO3nhdoLIatnwSVU6xepbWkZshbrTkDV5ISTGIjV6wSRg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a9da26be77744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stealcalmgenus.com/pixel/purst?dl=0&th=0&sc=0&rs=2773&rd=2773&fd=926&bv=22.10.v.10&tmpl=136 | 192.243.61.227 | 200 OK | 0 B |
URL HTTP/1.1stealcalmgenus.com/pixel/purst?dl=0&th=0&sc=0&rs=2773&rd=2773&fd=926&bv=22.10.v.10&tmpl=136 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
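Hash (MD5 / SHA-1 / SHA-256; these are the digests of an empty, 0-byte body, so they identify no content): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855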
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/purst?dl=0&th=0&sc=0&rs=2773&rd=2773&fd=926&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uQHP%2FSiIoLiYdiDKOikez52etzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtGFZY8DXtRT55lkg2sU9w9QtONlCQo7F8lhI3jz4kVYPErPDoy%2B0O9HP%2B%2FheZ63bh9kF8RFRs%2B33td7Uim61K67tVe3Zcx1bmsbN2ueW3ev1rZlfKV1tTaskhm86bntuvta7V3B%2Bnqp4Xqu67lebVUaEerh0hSFTE66Xr3r1luNutduYWj%2BO9vMgaUO%2BOCCPAfJJ%2F%2FbeXAfkpWIo29XhO2nOnn9nShTNNUGA378YdyPdR4jmrehcRDGx7NtaDsh5LNL0PHxTAH04LBSgEBOiPOrhyA%2BntFEMDh6wjRQEDEC%2FjTyQQmhSkhagulbkPwhARjHxibi6O6GNjndfYLSCp2Qxcd%2FQeYTsvjoecTRN8tKDms3tMpSqWOLYVhADkvIXokkO0W650Dmp2DpJ5D8F7L0eB1xdLhplYbkxVS9lCVkWEKJEah1kFWfdJCFDrLEQcTPa7TdDV23EwZhs%2Bm3GGPNJmNt%2Fwpv82bLD11krKI3QpqMwNQIzOwjMfvoyxFM9gPsTgHLHdh0QpwP9jHgBXJBkFuCnBLkkiBPCfJBccSVbdjiLlc2C7xZbcxqsxjrtHdAj3TaEzE5SC7Is1Nffi9fQF%2Bc18J2x2u1%2FI644rY7Xd8PPN7w3VbohX4oQpfBygLSXppK3auOtPIjEjkh5M83ENBTWHUKJi%2BDZh5oPu40XNCdcct3sRd%2FzZRkfRuq3TrTEbgukKSLSHedA3VBXpwSubxwAcHOrt17%2BeT%2F3it%2FgJkCiSnwkfyJoKfujK%2FrnBxe17kl9zeTVEZyj1bHu5HSVCzce0%2Fs5trwtRU7%2BvItVgFVe3JT2HSdxlzGPUu%2BWpacC7OqDRPkuzW7LYKtzO4sZybOkvWtt1fXosQIa6WOS1D5cPNvMDkhix9%2FP32Wz%2Fx8G9KUMFmBKDsjs4DUp2DJPmwyZ281gVHznSC5hDwrxqYRzH8qSaDEfKZBAfuvOZj3B%2FYOemYBNL2FOCowMAUGqgBVI9jsqXGamLNrDz6v4gsEamEcKLNwGCijPq2s%2FW3qb5UewcrzWttrCT%2FwO4zzQDDudRpNv%2Bm6Dc5bna7wukjthI1eGv0DAAD%2F%2FwEAAP%2F%2Fm1XEwXgEAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uQHP%2FSiIoLiYdiDKOikez52etzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtGFZY8DXtRT55lkg2sU9w9QtONlCQo7F8lhI3jz4kVYPErPDoy%2B0O9HP%2B%2FheZ63bh9kF8RFRs%2B33td7Uim61K67tVe3Zcx1bmsbN2ueW3ev1rZlfKV1tTaskhm86bntuvta7V3B%2Bnqp4Xqu67lebVUaEerh0hSFTE66Xr3r1luNutduYWj%2BO9vMgaUO%2BOCCPAfJJ%2F%2FbeXAfkpWIo29XhO2nOnn9nShTNNUGA378YdyPdR4jmrehcRDGx7NtaDsh5LNL0PHxTAH04LBSgEBOiPOrhyA%2BntFEMDh6wjRQEDEC%2FjTyQQmhSkhagulbkPwhARjHxibi6O6GNjndfYLSCp2Qxcd%2FQeYTsvjoecTRN8tKDms3tMpSqWOLYVhADkvIXokkO0W650Dmp2DpJ5D8F7L0eB1xdLhplYbkxVS9lCVkWEKJEah1kFWfdJCFDrLEQcTPa7TdDV23EwZhs%2Bm3GGPNJmNt%2Fwpv82bLD11krKI3QpqMwNQIzOwjMfvoyxFM9gPsTgHLHdh0QpwP9jHgBXJBkFuCnBLkkiBPCfJBccSVbdjiLlc2C7xZbcxqsxjrtHdAj3TaEzE5SC7Is1Nffi9fQF%2Bc18J2x2u1%2FI644rY7Xd8PPN7w3VbohX4oQpfBygLSXppK3auOtPIjEjkh5M83ENBTWHUKJi%2BDZh5oPu40XNCdcct3sRd%2FzZRkfRuq3TrTEbgukKSLSHedA3VBXpwSubxwAcHOrt17%2BeT%2F3it%2FgJkCiSnwkfyJoKfujK%2FrnBxe17kl9zeTVEZyj1bHu5HSVCzce0%2Fs5trwtRU7%2BvItVgFVe3JT2HSdxlzGPUu%2BWpacC7OqDRPkuzW7LYKtzO4sZybOkvWtt1fXosQIa6WOS1D5cPNvMDkhix9%2FP32Wz%2Fx8G9KUMFmBKDsjs4DUp2DJPmwyZ281gVHznSC5hDwrxqYRzH8qSaDEfKZBAfuvOZj3B%2FYOemYBNL2FOCowMAUGqgBVI9jsqXGamLNrDz6v4gsEamEcKLNwGCijPq2s%2FW3qb5UewcrzWttrCT%2FwO4zzQDDudRpNv%2Bm6Dc5bna7wukjthI1eGv0DAAD%2F%2FwEAAP%2F%2Fm1XEwXgEAAA%3D IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uQHP%2FSiIoLiYdiDKOikez52etzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtGFZY8DXtRT55lkg2sU9w9QtONlCQo7F8lhI3jz4kVYPErPDoy%2B0O9HP%2B%2FheZ63bh9kF8RFRs%2B33td7Uim61K67tVe3Zcx1bmsbN2ueW3ev1rZlfKV1tTaskhm86bntuvta7V3B%2Bnqp4Xqu67lebVUaEerh0hSFTE66Xr3r1luNutduYWj%2BO9vMgaUO%2BOCCPAfJJ%2F%2FbeXAfkpWIo29XhO2nOnn9nShTNNUGA378YdyPdR4jmrehcRDGx7NtaDsh5LNL0PHxTAH04LBSgEBOiPOrhyA%2BntFEMDh6wjRQEDEC%2FjTyQQmhSkhagulbkPwhARjHxibi6O6GNjndfYLSCp2Qxcd%2FQeYTsvjoecTRN8tKDms3tMpSqWOLYVhADkvIXokkO0W650Dmp2DpJ5D8F7L0eB1xdLhplYbkxVS9lCVkWEKJEah1kFWfdJCFDrLEQcTPa7TdDV23EwZhs%2Bm3GGPNJmNt%2Fwpv82bLD11krKI3QpqMwNQIzOwjMfvoyxFM9gPsTgHLHdh0QpwP9jHgBXJBkFuCnBLkkiBPCfJBccSVbdjiLlc2C7xZbcxqsxjrtHdAj3TaEzE5SC7Is1Nffi9fQF%2Bc18J2x2u1%2FI644rY7Xd8PPN7w3VbohX4oQpfBygLSXppK3auOtPIjEjkh5M83ENBTWHUKJi%2BDZh5oPu40XNCdcct3sRd%2FzZRkfRuq3TrTEbgukKSLSHedA3VBXpwSubxwAcHOrt17%2BeT%2F3it%2FgJkCiSnwkfyJoKfujK%2FrnBxe17kl9zeTVEZyj1bHu5HSVCzce0%2Fs5trwtRU7%2BvItVgFVe3JT2HSdxlzGPUu%2BWpacC7OqDRPkuzW7LYKtzO4sZybOkvWtt1fXosQIa6WOS1D5cPNvMDkhix9%2FP32Wz%2Fx8G9KUMFmBKDsjs4DUp2DJPmwyZ281gVHznSC5hDwrxqYRzH8qSaDEfKZBAfuvOZj3B%2FYOemYBNL2FOCowMAUGqgBVI9jsqXGamLNrDz6v4gsEamEcKLNwGCijPq2s%2FW3qb5UewcrzWttrCT%2FwO4zzQDDudRpNv%2Bm6Dc5bna7wukjthI1eGv0DAAD%2F%2FwEAAP%2F%2Fm1XEwXgEAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=14860800; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 04:46:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec437f6dff0bdd4346d2b1ee3d430d57
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3skPfuhFRQTFw7AHUdBJ93xketzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtFF2eOAF%2FXUeSbZ4BrF%2FQMUnXhZgsLORXLYCN68eBEWj9KTgdEX%2Bv3o5z08z%2FPWJwfZBXGR0fOtd%2FWeVIoutmpu9eVtGXOd2%2BrGrarn1txr1W0ZLzWvVQdlMv3XPbdVc1%2Bpvi1YTy%2FWXc91PderrkojQj1YnKKQyUnHq3XcWrNe81pNDMx%2FZ5s5sNQB71%2BQZyD55H87D%2B5DsjHi6NsVYXupTl59K8oUTbVBnx%2B%2FH%2FdinceI5m1oHITx8Wwb2k4I%2BewKdHw8UwDdPywVIJAT4vzqIYiPZzQR9I8umQYKIkbAn0TeH0OoMSQdg%2BnbkPwhARjHxibi6O6GNjndvURpiU7IwuO%2FIPMJWXj0LOLom2UlB9WbWmWp1LHFICwgB2PI7hhJdop0z4HMT8HSjyD5L2Tx8Tri6HDTKg3Ji6l6KceQ4RhKDEGtg6z8pIMsdJAlDiJ%2BXqWtTui67TAIGw2%2FyRhrNBhr%2BUu8xRtNP3SRsZLeEGkyBFNDMLOPxOyjJ4cw2Q%2BwOwUsd2DTCXHe20efF8gFQW4JckqQS4I8Jcj7xRFXtm6Lu1zZLPBmtT6rjWKk0%2B4BPdJpV8TkILkgT099%2BX38HHrivBq22l6z6bfFkttqd3w%2F8Hjdd5uhF%2FqhCF0GKwtIe2Uqda880sqPSOSEkD9fQ0BPYdUpmLwKmnmg%2Bahdd0F3Rk3fxV78NVOS9WyodmtMR%2BC6QJIuIN11DtQFeX5K5GrlEQQ7u37vxZP%2Fey%2F9AWYKJKbAB%2FIngq66M7qhc3J4Q%2BeW3N9MUhnJPVoe72ZKU1G5947YzbXhayt2%2BOUbrATK9uSWsOk6jbmMu5Z8tSw5F2ZVGybId2t2WwRbmd1ZzkycJetbb66uRYkR1kodj0Hlw82%2FweSELHz4%2FfRZPvXzx5BmDJMViLIzMgtIfQqW7MMmc%2FZWExg13wmSCvKsGJl6MP%2BpJIES85kGBey%2F5mDeH9g76JoKaHobcVSgbwr0VQGqhrDZE6M0MWfXH3xexhcIVGUUKFM5DJRRn5bW%2Flami0uTrTyvtrym8AO%2FzTgPBONeu97wG65b57zZ7givg9RO2PCF4T8AAAD%2F%2FwEAAP%2F%2FsmIyjXgEAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3skPfuhFRQTFw7AHUdBJ93xketzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtFF2eOAF%2FXUeSbZ4BrF%2FQMUnXhZgsLORXLYCN68eBEWj9KTgdEX%2Bv3o5z08z%2FPWJwfZBXGR0fOtd%2FWeVIoutmpu9eVtGXOd2%2BrGrarn1txr1W0ZLzWvVQdlMv3XPbdVc1%2Bpvi1YTy%2FWXc91PderrkojQj1YnKKQyUnHq3XcWrNe81pNDMx%2FZ5s5sNQB71%2BQZyD55H87D%2B5DsjHi6NsVYXupTl59K8oUTbVBnx%2B%2FH%2FdinceI5m1oHITx8Wwb2k4I%2BewKdHw8UwDdPywVIJAT4vzqIYiPZzQR9I8umQYKIkbAn0TeH0OoMSQdg%2BnbkPwhARjHxibi6O6GNjndvURpiU7IwuO%2FIPMJWXj0LOLom2UlB9WbWmWp1LHFICwgB2PI7hhJdop0z4HMT8HSjyD5L2Tx8Tri6HDTKg3Ji6l6KceQ4RhKDEGtg6z8pIMsdJAlDiJ%2BXqWtTui67TAIGw2%2FyRhrNBhr%2BUu8xRtNP3SRsZLeEGkyBFNDMLOPxOyjJ4cw2Q%2BwOwUsd2DTCXHe20efF8gFQW4JckqQS4I8Jcj7xRFXtm6Lu1zZLPBmtT6rjWKk0%2B4BPdJpV8TkILkgT099%2BX38HHrivBq22l6z6bfFkttqd3w%2F8Hjdd5uhF%2FqhCF0GKwtIe2Uqda880sqPSOSEkD9fQ0BPYdUpmLwKmnmg%2Bahdd0F3Rk3fxV78NVOS9WyodmtMR%2BC6QJIuIN11DtQFeX5K5GrlEQQ7u37vxZP%2Fey%2F9AWYKJKbAB%2FIngq66M7qhc3J4Q%2BeW3N9MUhnJPVoe72ZKU1G5947YzbXhayt2%2BOUbrATK9uSWsOk6jbmMu5Z8tSw5F2ZVGybId2t2WwRbmd1ZzkycJetbb66uRYkR1kodj0Hlw82%2FweSELHz4%2FfRZPvXzx5BmDJMViLIzMgtIfQqW7MMmc%2FZWExg13wmSCvKsGJl6MP%2BpJIES85kGBey%2F5mDeH9g76JoKaHobcVSgbwr0VQGqhrDZE6M0MWfXH3xexhcIVGUUKFM5DJRRn5bW%2Flami0uTrTyvtrym8AO%2FzTgPBONeu97wG65b57zZ7givg9RO2PCF4T8AAAD%2F%2FwEAAP%2F%2FsmIyjXgEAAA%3D IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3skPfuhFRQTFw7AHUdBJ93xketzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtFF2eOAF%2FXUeSbZ4BrF%2FQMUnXhZgsLORXLYCN68eBEWj9KTgdEX%2Bv3o5z08z%2FPWJwfZBXGR0fOtd%2FWeVIoutmpu9eVtGXOd2%2BrGrarn1txr1W0ZLzWvVQdlMv3XPbdVc1%2Bpvi1YTy%2FWXc91PderrkojQj1YnKKQyUnHq3XcWrNe81pNDMx%2FZ5s5sNQB71%2BQZyD55H87D%2B5DsjHi6NsVYXupTl59K8oUTbVBnx%2B%2FH%2FdinceI5m1oHITx8Wwb2k4I%2BewKdHw8UwDdPywVIJAT4vzqIYiPZzQR9I8umQYKIkbAn0TeH0OoMSQdg%2BnbkPwhARjHxibi6O6GNjndvURpiU7IwuO%2FIPMJWXj0LOLom2UlB9WbWmWp1LHFICwgB2PI7hhJdop0z4HMT8HSjyD5L2Tx8Tri6HDTKg3Ji6l6KceQ4RhKDEGtg6z8pIMsdJAlDiJ%2BXqWtTui67TAIGw2%2FyRhrNBhr%2BUu8xRtNP3SRsZLeEGkyBFNDMLOPxOyjJ4cw2Q%2BwOwUsd2DTCXHe20efF8gFQW4JckqQS4I8Jcj7xRFXtm6Lu1zZLPBmtT6rjWKk0%2B4BPdJpV8TkILkgT099%2BX38HHrivBq22l6z6bfFkttqd3w%2F8Hjdd5uhF%2FqhCF0GKwtIe2Uqda880sqPSOSEkD9fQ0BPYdUpmLwKmnmg%2Bahdd0F3Rk3fxV78NVOS9WyodmtMR%2BC6QJIuIN11DtQFeX5K5GrlEQQ7u37vxZP%2Fey%2F9AWYKJKbAB%2FIngq66M7qhc3J4Q%2BeW3N9MUhnJPVoe72ZKU1G5947YzbXhayt2%2BOUbrATK9uSWsOk6jbmMu5Z8tSw5F2ZVGybId2t2WwRbmd1ZzkycJetbb66uRYkR1kodj0Hlw82%2FweSELHz4%2FfRZPvXzx5BmDJMViLIzMgtIfQqW7MMmc%2FZWExg13wmSCvKsGJl6MP%2BpJIES85kGBey%2F5mDeH9g76JoKaHobcVSgbwr0VQGqhrDZE6M0MWfXH3xexhcIVGUUKFM5DJRRn5bW%2Flami0uTrTyvtrym8AO%2FzTgPBONeu97wG65b57zZ7givg9RO2PCF4T8AAAD%2F%2FwEAAP%2F%2FsmIyjXgEAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=14860800; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 04:46:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e848e132a4361b48b4b506a7a1b0e241
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3skPfuhFRQTFw7AHUdBJ93xkZtzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtFF2eOAF%2FXUeSbZ4BrF%2FQMU7XhZgsLORXLYCN68eBEWj9KTgdEX%2Bv3o5z08z%2FPWJwfpBXGR0vOtd%2FWeVIoutmpu9eVtGXGd2erGrarn1txr1W0ZLTWvVYdlMoPXPbdVc1%2Bpvi1YXy%2FWXc91PderrkojAj1cnKKQ8UnXq3XdWrNe81pNDM1%2FZ5s6sNQBH1yQZyD55H87D%2B5DsgJR%2BO2KsP1Ex6%2B%2BFaaKJtpgwI%2Ffj%2FqRziKE8zYwDoLoeLYNbSeEfHYFOjqeKYAeHJYK4MsJcX714EfHM5rwB0eXTH0FEcHnTyIbFBCqgKQFmL4NyR8SgHFsbCIK725ok9HdS5SW6IQsPP4LMpuQhUfPIgq%2FWVZyWL2pVZpIHVkMgxxyWED2CsTpKZI9BzI7BUs%2BguS%2FkMXH64jCw02rNCTPp%2BqlLCCDAkqMQK2DtPykgzRwkMYOQn5epa1u4LrtwA8ajU6TMdZoMNbqLPEWbzQ7gYuUlfRGSOIRmBqBmX3EZh99OYJJf4DdyWG5A5tMiPPePgY8RyYIMkuQUYJMEmQJQTbIj7iydZvf5cqmvjer9Vlt5GOd9A7okU56IiIH8QV5eurL78Vz6IvzatBqe81mpy2W3Fa72%2Bn4Hq933GbgBZ1ABC6DlTmkvTKVulceaeVHxHJCyJ%2BvwaensOoUTF4FTT3QbNyuu6A742bHxV70NVOS9W2gdmtMh%2BA6R5wsINl1DtQFeX5K5GrlEQQ7u37vxZP%2Fey%2F9AWZyxCbHB%2FIngp66M76hM3J4Q2eW3N%2BMExnKPVoe72ZCE1G5947YzbThayt29OUbrATK9uSWsMk6jbiMepZ8tSw5F2ZVGybId2t2W%2Fhbqd1ZTk2Uxutbb66uhbER1kodFaDy4ebfYHJCFj78fvosn%2Fr5Y0hTwKQ5wvSMzAJSn4LF%2B7DxnL3VBEbNd%2Fy4gizNx6buz38qSaDEfKZ%2BDvuv2Z%2F3B%2FYOeqYCmtxGFOYYmBwDlYOqEWz6xDiJzdn1B5%2BX8QV8VRn7ylQOfWXUp6W1v5Xp4tJkK8%2BrohW4gXDrwg%2B6ftCmLu8Gza5Pu55o%2By3qIbETNnph9A8AAAD%2F%2FwEAAP%2F%2Fpmq8a3gEAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3skPfuhFRQTFw7AHUdBJ93xkZtzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtFF2eOAF%2FXUeSbZ4BrF%2FQMU7XhZgsLORXLYCN68eBEWj9KTgdEX%2Bv3o5z08z%2FPWJwfpBXGR0vOtd%2FWeVIoutmpu9eVtGXGd2erGrarn1txr1W0ZLTWvVYdlMoPXPbdVc1%2Bpvi1YXy%2FWXc91PderrkojAj1cnKKQ8UnXq3XdWrNe81pNDM1%2FZ5s6sNQBH1yQZyD55H87D%2B5DsgJR%2BO2KsP1Ex6%2B%2BFaaKJtpgwI%2Ffj%2FqRziKE8zYwDoLoeLYNbSeEfHYFOjqeKYAeHJYK4MsJcX714EfHM5rwB0eXTH0FEcHnTyIbFBCqgKQFmL4NyR8SgHFsbCIK725ok9HdS5SW6IQsPP4LMpuQhUfPIgq%2FWVZyWL2pVZpIHVkMgxxyWED2CsTpKZI9BzI7BUs%2BguS%2FkMXH64jCw02rNCTPp%2BqlLCCDAkqMQK2DtPykgzRwkMYOQn5epa1u4LrtwA8ajU6TMdZoMNbqLPEWbzQ7gYuUlfRGSOIRmBqBmX3EZh99OYJJf4DdyWG5A5tMiPPePgY8RyYIMkuQUYJMEmQJQTbIj7iydZvf5cqmvjer9Vlt5GOd9A7okU56IiIH8QV5eurL78Vz6IvzatBqe81mpy2W3Fa72%2Bn4Hq933GbgBZ1ABC6DlTmkvTKVulceaeVHxHJCyJ%2BvwaensOoUTF4FTT3QbNyuu6A742bHxV70NVOS9W2gdmtMh%2BA6R5wsINl1DtQFeX5K5GrlEQQ7u37vxZP%2Fey%2F9AWZyxCbHB%2FIngp66M76hM3J4Q2eW3N%2BMExnKPVoe72ZCE1G5947YzbThayt29OUbrATK9uSWsMk6jbiMepZ8tSw5F2ZVGybId2t2W%2Fhbqd1ZTk2Uxutbb66uhbER1kodFaDy4ebfYHJCFj78fvosn%2Fr5Y0hTwKQ5wvSMzAJSn4LF%2B7DxnL3VBEbNd%2Fy4gizNx6buz38qSaDEfKZ%2BDvuv2Z%2F3B%2FYOeqYCmtxGFOYYmBwDlYOqEWz6xDiJzdn1B5%2BX8QV8VRn7ylQOfWXUp6W1v5Xp4tJkK8%2BrohW4gXDrwg%2B6ftCmLu8Gza5Pu55o%2By3qIbETNnph9A8AAAD%2F%2FwEAAP%2F%2Fpmq8a3gEAAA%3D IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3skPfuhFRQTFw7AHUdBJ93xkZtzDYoyRYEzi7krO1VXVk3Kqu5qq7ulJTtFF2eOAF%2FXUeSbZ4BrF%2FQMU7XhZgsLORXLYCN68eBEWj9KTgdEX%2Bv3o5z08z%2FPWJwfpBXGR0vOtd%2FWeVIoutmpu9eVtGXGd2erGrarn1txr1W0ZLTWvVYdlMoPXPbdVc1%2Bpvi1YXy%2FWXc91PderrkojAj1cnKKQ8UnXq3XdWrNe81pNDM1%2FZ5s6sNQBH1yQZyD55H87D%2B5DsgJR%2BO2KsP1Ex6%2B%2BFaaKJtpgwI%2Ffj%2FqRziKE8zYwDoLoeLYNbSeEfHYFOjqeKYAeHJYK4MsJcX714EfHM5rwB0eXTH0FEcHnTyIbFBCqgKQFmL4NyR8SgHFsbCIK725ok9HdS5SW6IQsPP4LMpuQhUfPIgq%2FWVZyWL2pVZpIHVkMgxxyWED2CsTpKZI9BzI7BUs%2BguS%2FkMXH64jCw02rNCTPp%2BqlLCCDAkqMQK2DtPykgzRwkMYOQn5epa1u4LrtwA8ajU6TMdZoMNbqLPEWbzQ7gYuUlfRGSOIRmBqBmX3EZh99OYJJf4DdyWG5A5tMiPPePgY8RyYIMkuQUYJMEmQJQTbIj7iydZvf5cqmvjer9Vlt5GOd9A7okU56IiIH8QV5eurL78Vz6IvzatBqe81mpy2W3Fa72%2Bn4Hq933GbgBZ1ABC6DlTmkvTKVulceaeVHxHJCyJ%2BvwaensOoUTF4FTT3QbNyuu6A742bHxV70NVOS9W2gdmtMh%2BA6R5wsINl1DtQFeX5K5GrlEQQ7u37vxZP%2Fey%2F9AWZyxCbHB%2FIngp66M76hM3J4Q2eW3N%2BMExnKPVoe72ZCE1G5947YzbThayt29OUbrATK9uSWsMk6jbiMepZ8tSw5F2ZVGybId2t2W%2Fhbqd1ZTk2Uxutbb66uhbER1kodFaDy4ebfYHJCFj78fvosn%2Fr5Y0hTwKQ5wvSMzAJSn4LF%2B7DxnL3VBEbNd%2Fy4gizNx6buz38qSaDEfKZ%2BDvuv2Z%2F3B%2FYOeqYCmtxGFOYYmBwDlYOqEWz6xDiJzdn1B5%2BX8QV8VRn7ylQOfWXUp6W1v5Xp4tJkK8%2BrohW4gXDrwg%2B6ftCmLu8Gza5Pu55o%2By3qIbETNnph9A8AAAD%2F%2FwEAAP%2F%2Fpmq8a3gEAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=14860800; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 04:46:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cf7c081eae05357c7540d92dfbc64094
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| clergymanwonderful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=131 | 173.233.137.52 | 200 OK | 0 B |
URL HTTP/1.1clergymanwonderful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=131 IP173.233.137.52:0
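Hash (MD5 / SHA-1 / SHA-256; these are the digests of an empty, 0-byte body, so they identify no content): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855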
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=131 HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=ab65abb8-fdff-450c-ab8c-ffcc7e30133a:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html | 45.133.44.4 | 200 OK | 792 B |
URL HTTP/2cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html IP45.133.44.4:0 ASN#39572 DataWeb Global Group B.V.
Hashcd5a5a1a545520afee77144f870298f7 4674dd9beb1e0b116d7341344a301b0ad97909a8 3e76bfdb8443390191b070f5e38b2c2b993c837d17f06c73246551a0ca486dbd
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /sb/notifications/games/nutaku/multi/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:09 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 15 Sep 2022 10:38:26 GMT
etag: W/"632300a2-514"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 07 Dec 2022 05:46:09 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf487c9656e04f6341613a2e7b770e964 b210ca7b9fc103cc101e2c05e93a5c0c3ff7f3a4 be0f18f3be762c53367f17301b85bcf92f94f7be506495fc0e31419516a8f420
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BE0F18F3BE762C53367F17301B85BCF92F94F7BE506495FC0E31419516A8F420"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6760
Expires: Wed, 07 Dec 2022 06:38:49 GMT
Date: Wed, 07 Dec 2022 04:46:09 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png | 172.64.109.13 | 200 OK | 322 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png IP172.64.109.13:0
File type: PNG image data, 729 x 331, 8-bit/color RGBA, non-interlaced; data | Size: 322 kB (322399 bytes) | Hash (MD5 / SHA-1 / SHA-256): 47b7ae41a98644de6d46d58a0e51a793 b0f736609af3c0b3214ee52cc9f0798dcc972df6 b2ad5bf8fc066203168fbceb53b7df6012e8897be344b240e94105af1b4ba0f2
GET /sb/notifications/games/nutaku/multi/2/img/girls.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:09 GMT
content-type: image/png
content-length: 322399
last-modified: Wed, 07 Sep 2022 14:37:32 GMT
etag: "6318acac-4eb5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1868049
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lsxr4vBmhsxiPJBawTV3OZw%2FDKpgOEUGDM4%2BOY6pkbhWgGnJgr9NGa%2BYqxkDo%2BsDk9j4Ybx2y2pj9h2Mg6M6IJe8KroifmBQpWB064qEllNJwznUiHgcWORjxhzLnRujRchSKsgdHj9E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a9dac8a777744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf487c9656e04f6341613a2e7b770e964 b210ca7b9fc103cc101e2c05e93a5c0c3ff7f3a4 be0f18f3be762c53367f17301b85bcf92f94f7be506495fc0e31419516a8f420
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BE0F18F3BE762C53367F17301B85BCF92F94F7BE506495FC0E31419516A8F420"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6760
Expires: Wed, 07 Dec 2022 06:38:49 GMT
Date: Wed, 07 Dec 2022 04:46:09 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg | 172.64.109.13 | 200 OK | 450 B |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg IP172.64.109.13:0
File type: SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; exported SGML document, ASCII text | Hash (MD5 / SHA-1 / SHA-256): 20b200a71d83324547cef782120461af 32fd245b10b4cf440810fba2c876c0f984d53f5d 19742dba4e8317ebbf15e14919f1738fe6aefd5463ead8efd599d9f9e6334e25
GET /sb/notifications/games/nutaku/multi/2/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:09 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Aug 2022 08:55:17 GMT
etag: W/"62fdfe75-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1868049
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVWFirfwa%2B7C9X1zFJtW9WEQjvp9MjJu9xg8RvWtsmHBlajKCP9DE6hUbBtRP1nMV%2Bl22pM0fM4S8zsaiTE3zZg9U3q6skSP6TrcBLpnsiGd3GLA9iEjtrCsCZVC6AbiIzK%2Bb9Zh5Zve"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a9dac7a707744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js | 172.64.109.13 | 200 OK | 36 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js IP172.64.109.13:0
File typeASCII text, with very long lines (65451) Hash1a537f8c06c3e84ec02985d5c7ab78a3 5bee2c500f1e77e624f8872599c9f34afac6b579 07e585c53a8f46e97455d8a7976dc409255f5cefedc2c60125b1154d4e1f80d5
GET /sb/notifications/games/nutaku/multi/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:09 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 08:55:27 GMT
etag: W/"62fdfe7f-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1868049
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydE3l1MJ3f4BZAmCBSMAhrFhDurja7pVhbMf5lCj6N9F9%2FViRjtkqOjU1oN8%2BySXlsm1isXtPKnLHHJvIhdfgGEJktrvCUP%2F8FU3XwIxEXk7l5RFZYrLvh1FvSujkr8JGDs0QYKbhYtu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a9dac6a647744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css | 172.64.109.13 | 200 OK | 2.5 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css IP172.64.109.13:0
Hashb9262070f55bd5fe315ba34f9dbf6654 33bc9c1a88a983c8128bb2bddf93b3953ac6aedd 2af94949a270b7aa150b7a3970a572e3946da32956651126bd916ae377eaa4bd
GET /sb/notifications/games/nutaku/multi/2/css/styles.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:09 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 08:03:32 GMT
etag: W/"632ac554-2c89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6lzKZkdOtBpIZQQT2gz0MlbbX8dgsf%2FxVcmjb3zib7hEOtC2hF8jHr2d39MoTIOEHhHmNj3zb35g9E6WtwmxEj6UCgJZFrifw73eoGfyfe1jpqcAkPF7dOK3AtqAoqUF7rOl7Re3GX5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a9dac0bba8e24-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css | 172.64.109.13 | 200 OK | 4.8 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css IP172.64.109.13:0
Hasha1e0c3fec3ae7db782391308519136d2 3c645f3af121f9863d567debc2b6479509601b8a 5f12d4e75dddee9f4328674348e3b83a7a805ea87c587e4839cd86a40a6796a5
GET /sb/notifications/games/nutaku/multi/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:09 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 10:38:28 GMT
etag: W/"632300a4-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJa%2FKGYo9qxWu3wB4xWhvT1aVgbg%2BcPdl7QYhMInRoV9COWQaZKddwkgKthE029udi%2BUyJjzWCMV98PVBQgm4j%2B8AErTGWKJYtR%2BTinZ9icaJZ6StQxwuEq8tyGSoxOYLejOoBPS9HXe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a9dabfbb88e24-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash81a7e0ed8b45460991a7d9b719423d48 fa4824b64d5484b955cecebbeea06710ced4fba5 2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-110155808-1&cid=590305785.1670388368&jid=787161558&gjid=1041978404&_gid=1978423509.1670388368&_u=YADAAEAAAAAAACAAI~&z=606404602 | 173.194.222.157 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-110155808-1&cid=590305785.1670388368&jid=787161558&gjid=1041978404&_gid=1978423509.1670388368&_u=YADAAEAAAAAAACAAI~&z=606404602 IP173.194.222.157:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-110155808-1&cid=590305785.1670388368&jid=787161558&gjid=1041978404&_gid=1978423509.1670388368&_u=YADAAEAAAAAAACAAI~&z=606404602 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://enit.in
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 04:46:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP: 216.58.211.3:0
Hash (MD5 / SHA-1 / SHA-256): 81a7e0ed8b45460991a7d9b719423d48 fa4824b64d5484b955cecebbeea06710ced4fba5 2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP: 216.58.211.3:0
Hash (MD5 / SHA-1 / SHA-256): 0fa282ae07239f0cf04503485877d681 631aa2fff49d29c46341db6540d25917b3626ef5 9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP: 216.58.211.3:0
Hash (MD5 / SHA-1 / SHA-256): 9084a518c70ad57bb3226fb519b648fd 79348ebe6f5900a035d4d65e08a7409fd9708f15 f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=590305785.1670388368&jid=787161558&_u=YADAAEAAAAAAACAAI~&z=2041201583 | 142.250.74.67 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=590305785.1670388368&jid=787161558&_u=YADAAEAAAAAAACAAI~&z=2041201583 IP142.250.74.67:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash (MD5 / SHA-1 / SHA-256): d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=590305785.1670388368&jid=787161558&_u=YADAAEAAAAAAACAAI~&z=2041201583 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 04:46:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=590305785.1670388368&jid=787161558&_u=YADAAEAAAAAAACAAI~&z=2041201583 | 142.250.74.164 | 200 OK | 42 B |
URL HTTP/2www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=590305785.1670388368&jid=787161558&_u=YADAAEAAAAAAACAAI~&z=2041201583 IP142.250.74.164:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash (MD5 / SHA-1 / SHA-256): d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=590305785.1670388368&jid=787161558&_u=YADAAEAAAAAAACAAI~&z=2041201583 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 04:46:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP: 216.58.211.3:0
Hash (MD5 / SHA-1 / SHA-256): 0fa282ae07239f0cf04503485877d681 631aa2fff49d29c46341db6540d25917b3626ef5 9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2 | 172.64.109.13 | 200 OK | 7.7 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2 IP172.64.109.13:0
File type: Web Open Font Format (Version 2), TrueType, length 7664, version 1.0\012- data
Hash (MD5 / SHA-1 / SHA-256): e41b02c342b94148fdd5e14fb41dcb4a 9d8415fc8df42aa67fa5a6d15d07f58265535cc0 d857f01d0c6fd46a16bf82acf8f6f76e7710524972ef7f88a926a0d97cadca0b
GET /sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://enit.in
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:10 GMT
content-type: application/octet-stream
content-length: 7664
last-modified: Thu, 15 Sep 2022 10:33:29 GMT
etag: "6322ff79-1df0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 661158
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igNMeVfv7C8w2Zu25z34%2BRh%2FTHaJfG1miZouJP4y4UVRs6i2u%2FhJSAhzbTkrFRVxuTl0YM6zxbaKTqKhrLBh7STI5J2hVpMUjNqa0JZ3oXy1oMexOWJXgmeN5ceS1j%2BoeoKgXd0lt45l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a9db1ad638e24-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP: 216.58.211.3:0
Hash (MD5 / SHA-1 / SHA-256): cd6dabd083ee1c237c8ea3ba38cc48d5 bbe4420bf1c0fe0d5621336865563418d2f16f39 c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| clergymanwonderful.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3p3f5ScIigcVlTl4UHAm3dPTmRn3EFxjJBiTsLuaq9VV1ZNyqruaqu7pSfAQXAh7nMWLx843yQZ1FfcPkNWJFwkIOwoSxfwFKoKwZ5nJQPAd6r1X3zt83%2Ffe%2FkF%2BTlzk9GzzXb0rlaILQd2tvrIlE64LW12%2FVfXcunutuiWTxea16mD6mP7rnhvU3VerbwvW0wsN13Ndz%2FWqK9KISA8WZihker%2Fj1Ttuvdmoe0ETA%2FPf3uYOLHXA%2B%2BfkaUg%2B%2Bd%2F2Dw8g2RhJ%2FPWysL1Mp6%2B9FeeKZtqgz4%2FfS3qJLhLEl2VkHETJ8Xwa2k4I%2BfQKdHI8VwDdP5wqQCgnxPnFQ5gcz2ki7B9dMA0VRIKQP4GiP4ZQY0g6BtO3IfkjAjCO9Q0k8b11bQq6c4HSKTohlcf%2FQBYTUvn9GSTxV9eVHFRvapVnUicWg6iEHIwhu2Ok%2BQmyXQeyOAHLPobkP5KFx2tI4sMNqzQkP3uZhosBDcN2LeJRVGsGLqvRsM1qUcRYS%2Fiu5%2Ft0ZpGUY8hoDCWGoPYqcusglw7yyEGeOoj5WZUGnch1W1EY%2BX67yRjzfcaC9iIPuN9sRy5yNtUwRJYOwdQQzOwhNXvoySFM%2Fi3sdgnLHdiMoM9LFIKgsAQFJSgkQZERFP3yiCvbsOU9rmweevPcmGe%2FHOmse0CPdNYVCTlIz8lTM%2BP%2BqNTQE2dVv0lpu9mK2kHAWMejfuC5rNOJ3IBGHboYwMoS0l4BtQ52p1tc%2Fg6pnBDyVw0hPYFVJ2DyBdD8RdBi1Gq4oNujZtvFbvIlU5L1bKR26kzH4LpEmlWQ7TgH6pw8NyPS%2BdlAsNOl82Dpoz%2FvboOZEqkp8aH8nqCr7oxu6IIc3tCFJQ820kzGcpdOt3szo5mofP6O2Cm04avLdvjZG2wKTMv7t4TN1mjCZdK15IvrknNhVrRhgnyzardEuJnb7eu5SfJ0bfPNldU4NcJaqZMxqHz0wUMwOSH%2Fj%2Fdnd%2FvSb%2FuQZgyTl4jzUzIPSH0Clu7BpqdLv9aefL%2Fy7CewmsCoy5kwdVDk5cg0wstPJQmUuOxpWMKKSwtCcfrw7wvswN5B1zig2W0kcYm%2BKdFXJagawuZXR1lqTpd%2B8meBUDmjUBnnMFRG3b2w1sqzauA1RTtstxjnoWDcazX8tu%2B6Dc6brY7wOsjshA2fH%2F4LAAD%2F%2FwEAAP%2F%2FVFJnDo8EAAA%3D | 173.233.137.52 | 200 OK | 7 B |
URL HTTP/1.1clergymanwonderful.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3p3f5ScIigcVlTl4UHAm3dPTmRn3EFxjJBiTsLuaq9VV1ZNyqruaqu7pSfAQXAh7nMWLx843yQZ1FfcPkNWJFwkIOwoSxfwFKoKwZ5nJQPAd6r1X3zt83%2Ffe%2FkF%2BTlzk9GzzXb0rlaILQd2tvrIlE64LW12%2FVfXcunutuiWTxea16mD6mP7rnhvU3VerbwvW0wsN13Ndz%2FWqK9KISA8WZihker%2Fj1Ttuvdmoe0ETA%2FPf3uYOLHXA%2B%2BfkaUg%2B%2Bd%2F2Dw8g2RhJ%2FPWysL1Mp6%2B9FeeKZtqgz4%2FfS3qJLhLEl2VkHETJ8Xwa2k4I%2BfQKdHI8VwDdP5wqQCgnxPnFQ5gcz2ki7B9dMA0VRIKQP4GiP4ZQY0g6BtO3IfkjAjCO9Q0k8b11bQq6c4HSKTohlcf%2FQBYTUvn9GSTxV9eVHFRvapVnUicWg6iEHIwhu2Ok%2BQmyXQeyOAHLPobkP5KFx2tI4sMNqzQkP3uZhosBDcN2LeJRVGsGLqvRsM1qUcRYS%2Fiu5%2Ft0ZpGUY8hoDCWGoPYqcusglw7yyEGeOoj5WZUGnch1W1EY%2BX67yRjzfcaC9iIPuN9sRy5yNtUwRJYOwdQQzOwhNXvoySFM%2Fi3sdgnLHdiMoM9LFIKgsAQFJSgkQZERFP3yiCvbsOU9rmweevPcmGe%2FHOmse0CPdNYVCTlIz8lTM%2BP%2BqNTQE2dVv0lpu9mK2kHAWMejfuC5rNOJ3IBGHboYwMoS0l4BtQ52p1tc%2Fg6pnBDyVw0hPYFVJ2DyBdD8RdBi1Gq4oNujZtvFbvIlU5L1bKR26kzH4LpEmlWQ7TgH6pw8NyPS%2BdlAsNOl82Dpoz%2FvboOZEqkp8aH8nqCr7oxu6IIc3tCFJQ820kzGcpdOt3szo5mofP6O2Cm04avLdvjZG2wKTMv7t4TN1mjCZdK15IvrknNhVrRhgnyzardEuJnb7eu5SfJ0bfPNldU4NcJaqZMxqHz0wUMwOSH%2Fj%2Fdnd%2FvSb%2FuQZgyTl4jzUzIPSH0Clu7BpqdLv9aefL%2Fy7CewmsCoy5kwdVDk5cg0wstPJQmUuOxpWMKKSwtCcfrw7wvswN5B1zig2W0kcYm%2BKdFXJagawuZXR1lqTpd%2B8meBUDmjUBnnMFRG3b2w1sqzauA1RTtstxjnoWDcazX8tu%2B6Dc6brY7wOsjshA2fH%2F4LAAD%2F%2FwEAAP%2F%2FVFJnDo8EAAA%3D IP173.233.137.52:0
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3p3f5ScIigcVlTl4UHAm3dPTmRn3EFxjJBiTsLuaq9VV1ZNyqruaqu7pSfAQXAh7nMWLx843yQZ1FfcPkNWJFwkIOwoSxfwFKoKwZ5nJQPAd6r1X3zt83%2Ffe%2FkF%2BTlzk9GzzXb0rlaILQd2tvrIlE64LW12%2FVfXcunutuiWTxea16mD6mP7rnhvU3VerbwvW0wsN13Ndz%2FWqK9KISA8WZihker%2Fj1Ttuvdmoe0ETA%2FPf3uYOLHXA%2B%2BfkaUg%2B%2Bd%2F2Dw8g2RhJ%2FPWysL1Mp6%2B9FeeKZtqgz4%2FfS3qJLhLEl2VkHETJ8Xwa2k4I%2BfQKdHI8VwDdP5wqQCgnxPnFQ5gcz2ki7B9dMA0VRIKQP4GiP4ZQY0g6BtO3IfkjAjCO9Q0k8b11bQq6c4HSKTohlcf%2FQBYTUvn9GSTxV9eVHFRvapVnUicWg6iEHIwhu2Ok%2BQmyXQeyOAHLPobkP5KFx2tI4sMNqzQkP3uZhosBDcN2LeJRVGsGLqvRsM1qUcRYS%2Fiu5%2Ft0ZpGUY8hoDCWGoPYqcusglw7yyEGeOoj5WZUGnch1W1EY%2BX67yRjzfcaC9iIPuN9sRy5yNtUwRJYOwdQQzOwhNXvoySFM%2Fi3sdgnLHdiMoM9LFIKgsAQFJSgkQZERFP3yiCvbsOU9rmweevPcmGe%2FHOmse0CPdNYVCTlIz8lTM%2BP%2BqNTQE2dVv0lpu9mK2kHAWMejfuC5rNOJ3IBGHboYwMoS0l4BtQ52p1tc%2Fg6pnBDyVw0hPYFVJ2DyBdD8RdBi1Gq4oNujZtvFbvIlU5L1bKR26kzH4LpEmlWQ7TgH6pw8NyPS%2BdlAsNOl82Dpoz%2FvboOZEqkp8aH8nqCr7oxu6IIc3tCFJQ820kzGcpdOt3szo5mofP6O2Cm04avLdvjZG2wKTMv7t4TN1mjCZdK15IvrknNhVrRhgnyzardEuJnb7eu5SfJ0bfPNldU4NcJaqZMxqHz0wUMwOSH%2Fj%2Fdnd%2FvSb%2FuQZgyTl4jzUzIPSH0Clu7BpqdLv9aefL%2Fy7CewmsCoy5kwdVDk5cg0wstPJQmUuOxpWMKKSwtCcfrw7wvswN5B1zig2W0kcYm%2BKdFXJagawuZXR1lqTpd%2B8meBUDmjUBnnMFRG3b2w1sqzauA1RTtstxjnoWDcazX8tu%2B6Dc6brY7wOsjshA2fH%2F4LAAD%2F%2FwEAAP%2F%2FVFJnDo8EAAA%3D HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=ab65abb8-fdff-450c-ab8c-ffcc7e30133a:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca859f2048c15b9f768f1ac12d6dc8d8
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| clergymanwonderful.com/pixel/sbs?c=1 | 173.233.137.52 | 200 OK | 0 B |
URL (HTTP/1.1): clergymanwonderful.com/pixel/sbs?c=1
IP: 173.233.137.52:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; the body is 0 B, so these do not identify content)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbs?c=1 HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=ab65abb8-fdff-450c-ab8c-ffcc7e30133a:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 932c342bdac10955a7a4526b617b265e f62040d987f22ab35fa2984e55ce26a78f91c6c0 30a223bb84e4f11a13a48b558f14b7721e0f9e2b029bc8be08e3a2d50ea92e89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30A223BB84E4F11A13A48B558F14B7721E0F9E2B029BC8BE08E3A2D50EA92E89"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8999
Expires: Wed, 07 Dec 2022 07:16:09 GMT
Date: Wed, 07 Dec 2022 04:46:10 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y | 216.58.211.3 | 200 OK | 472 B |
URL (HTTP/1.1): ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y
IP: 216.58.211.3:0
Hash (MD5 / SHA-1 / SHA-256): 84e275f516f7654c7e8519c0c7881660 fc3ef9261546d04f62f675d33c6155de22486cbc 5dc9cae81ceaad9a1c87142bf54af2f3eb8a8715f35f85fe5cfe765fcbc66189
POST /s/gts1p5/lPMK3rCZ68Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.vlitag.com/abd/?id=20d313df53dcd38d64b77cc80046d519&detect=notfound | 104.22.58.199 | 404 Not Found | 16 B |
URL HTTP/2stats.vlitag.com/abd/?id=20d313df53dcd38d64b77cc80046d519&detect=notfound IP104.22.58.199:0
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 1115f7a1093f138d54aef2fefb4b750d b3c623dd30ea8c0bfc35e00c382015cac36df6e5 210c99832d53c42821ce060195b55fbb5d1f7842513016adf1f32d808ed5ea64
GET /abd/?id=20d313df53dcd38d64b77cc80046d519&detect=notfound HTTP/1.1
Host: stats.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 07 Dec 2022 04:46:10 GMT
content-type: text/plain; charset=utf-8
content-length: 16
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775a9db308cdb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=ac57fa35-d8cd-4822-adcd-bcf312bda969&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=250c944ba40284021e738ce5e5482313&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 | 192.243.61.225 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=ac57fa35-d8cd-4822-adcd-bcf312bda969&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=250c944ba40284021e738ce5e5482313&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash (MD5 / SHA-1 / SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=ac57fa35-d8cd-4822-adcd-bcf312bda969&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=250c944ba40284021e738ce5e5482313&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec741490f2d320e8eae4063dabe7ee7a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=ac57fa35-d8cd-4822-adcd-bcf312bda969&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=88cecd8375b0917a15dbebb389d2385f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 | 192.243.61.225 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=ac57fa35-d8cd-4822-adcd-bcf312bda969&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=88cecd8375b0917a15dbebb389d2385f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash (MD5 / SHA-1 / SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=ac57fa35-d8cd-4822-adcd-bcf312bda969&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=88cecd8375b0917a15dbebb389d2385f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7d2c47e499b1d5ed757967331d8fbe6f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=ac57fa35-d8cd-4822-adcd-bcf312bda969&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=34aa847f855cc91a3510c99f05af9a65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 | 192.243.61.225 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=ac57fa35-d8cd-4822-adcd-bcf312bda969&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=34aa847f855cc91a3510c99f05af9a65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash (MD5 / SHA-1 / SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=ac57fa35-d8cd-4822-adcd-bcf312bda969&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=34aa847f855cc91a3510c99f05af9a65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 04:46:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f021b21312c253c7a32203b8ed1b869
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y | 216.58.211.3 | 200 OK | 472 B |
URL (HTTP/1.1): ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y
IP: 216.58.211.3:0
Hash (MD5 / SHA-1 / SHA-256): 84e275f516f7654c7e8519c0c7881660 fc3ef9261546d04f62f675d33c6155de22486cbc 5dc9cae81ceaad9a1c87142bf54af2f3eb8a8715f35f85fe5cfe765fcbc66189
POST /s/gts1p5/lPMK3rCZ68Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:46:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| taghaugh.com/5/5491932 | 139.45.197.237 | 200 OK | 0 B |
IP139.45.197.237:0
GET /5/5491932 HTTP/1.1
Host: taghaugh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 04:46:06 GMT
content-type: application/javascript
x-trace-id: f0a6f32ec66cfe42449af72873ba1404
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=ef7e531aabef4c97a41396da1903e9b3; expires=Thu, 07 Dec 2023 04:46:06 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1670388366; expires=Thu, 07 Dec 2023 04:46:06 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 104.21.84.149 | 200 OK | 0 B |
IP104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:07 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1094
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpFHCc0uVHznKXzz7VzeKoCRFFbn4aIqaRxoyaFA2ejfbvunobS8vHrFItkbbXBYy2bpAJ2dEwYlfY8cYGCTeSqmS97SaaDM2GJSirdM4Kly%2FusqCoDnWC8cFA4NOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a9da21c861c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | | | 0 B |
URL simplewebanalysis.com/stats IP:0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
|
| enit.in/TKy2tk9 | 104.21.5.183 | 200 OK | 0 B |
IP104.21.5.183:0
GET /TKy2tk9 HTTP/1.1
Host: enit.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:06 GMT
content-type: text/html; charset=UTF-8
set-cookie: refTKy2tk9=OGJjN2U0OWY1NzgyODcxMzdiMjljZTYxNDY3MDk1YWMzNTk2OTdhMWQ5ZGE3NzIxYWJjOTFhM2ExODI2NWI4MASjIZcTqeE5nVpOCuIMFiwdyYNGawRiH9XtsLJnWm0V; expires=Wed, 07-Dec-2022 04:51:06 GMT; Max-Age=300; path=/; HttpOnly; secure
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLK8YNpAJxIUBkUlEEBmr7ceaIRUsrt%2FFGNcWXkIwccc5YbuxVYLe%2FyGOrLD%2BVW%2BOih75hjup04o5%2BVrHvJcAGdQOdXs49J3DSFYdGb4HRkzzSzDPOmBmgHD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775a9d9898e0b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.hcaptcha.com/1/api.js | 104.16.169.131 | 200 OK | 0 B |
IP104.16.169.131:0
GET /1/api.js HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 04:46:06 GMT
content-type: application/javascript
cf-ray: 775a9d9cd999b51e-OSL
age: 0
cache-control: max-age=120
etag: W/"7d1663d2f7dac7d5e43b506d00d378b8"
last-modified: Wed, 30 Nov 2022 18:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: xqREJGCDXjEnJ0_BsYFfDKxKMpnBtXAJJYF94xaJJTWC3CXPwAZUhg==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| taghaugh.com/?rb=vL-pu9c19LIdaln4pLiesjjDtPl8wBIEpp1KFZHdlRcq8tudcrpOp1j552cjmSTxAUk3yBwBcwg5X-I-2GXwglvWyexLK04RFjwiJ9ZbdkSWTHrUY_QgAbC2b3Vojr9kI-lden2btvoT3g8Q5pJ7HHOojYfF716nLdVRZl89F2NaMiZnU5O8D-O4sgN53X05kzc9yAGMMxCgZIGTwSb7qhW7eDS7Jz90kHef5A%3D%3D&request_ab2=96001&zoneid=5491932&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fenit.in%2FTKy2tk9%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=b3e5e719-bc8d-422a-94eb-067d50a91ebd&userId=ef7e531aabef4c97a41396da1903e9b3&m=link | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2taghaugh.com/?rb=vL-pu9c19LIdaln4pLiesjjDtPl8wBIEpp1KFZHdlRcq8tudcrpOp1j552cjmSTxAUk3yBwBcwg5X-I-2GXwglvWyexLK04RFjwiJ9ZbdkSWTHrUY_QgAbC2b3Vojr9kI-lden2btvoT3g8Q5pJ7HHOojYfF716nLdVRZl89F2NaMiZnU5O8D-O4sgN53X05kzc9yAGMMxCgZIGTwSb7qhW7eDS7Jz90kHef5A%3D%3D&request_ab2=96001&zoneid=5491932&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fenit.in%2FTKy2tk9%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=b3e5e719-bc8d-422a-94eb-067d50a91ebd&userId=ef7e531aabef4c97a41396da1903e9b3&m=link IP139.45.197.237:0
GET /?rb=vL-pu9c19LIdaln4pLiesjjDtPl8wBIEpp1KFZHdlRcq8tudcrpOp1j552cjmSTxAUk3yBwBcwg5X-I-2GXwglvWyexLK04RFjwiJ9ZbdkSWTHrUY_QgAbC2b3Vojr9kI-lden2btvoT3g8Q5pJ7HHOojYfF716nLdVRZl89F2NaMiZnU5O8D-O4sgN53X05kzc9yAGMMxCgZIGTwSb7qhW7eDS7Jz90kHef5A%3D%3D&request_ab2=96001&zoneid=5491932&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fenit.in%2FTKy2tk9%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=b3e5e719-bc8d-422a-94eb-067d50a91ebd&userId=ef7e531aabef4c97a41396da1903e9b3&m=link HTTP/1.1
Host: taghaugh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enit.in/
Origin: https://enit.in
Connection: keep-alive
Cookie: OAID=ef7e531aabef4c97a41396da1903e9b3; oaidts=1670388366
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 04:46:07 GMT
content-type: application/json
x-trace-id: 84e0aec916de21a8850f8364e0f125e4
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ef7e531aabef4c97a41396da1903e9b3; expires=Thu, 07 Dec 2023 04:46:07 GMT; path=/; secure; SameSite=None
oaidts=1670388367; expires=Thu, 07 Dec 2023 04:46:07 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 14 Dec 2022 04:46:07 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|