Report - internetbitches.com/safiyaax-onlyfans-leaks-20-photos/

Report Overview

Submitted URL
internetbitches.com/safiyaax-onlyfans-leaks-20-photos/
IP
104.21.84.193
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-19 20:27:32
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.4 kB	93.184.220.29
pumpmulticultural.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	35 kB	192.243.59.20
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	352 B	954 B	104.21.235.2
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	774 B	824 B	3.64.106.196
secure.gravatar.com	1671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	1.9 kB	192.0.73.2
sagedeportflorist.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	8.9 kB	173.233.137.52
op00.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	450 B	185.177.94.108
internetbitches.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	844 B	28 kB	104.21.84.193
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	699 B	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	43 kB	142.250.74.72
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	21 kB	142.250.74.174
cdn.sb4you1.com	22321	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	80 kB	172.64.201.2
cdn.yourwebbars.com	62037	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	1.2 kB	104.26.6.19
creepingbrings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	352 B	24 kB	172.64.162.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	7.6 kB	143.204.55.27
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	9.8 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	12 kB	23.36.77.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	57 kB	54.187.71.185
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	54.230.245.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-19	medium	pumpmulticultural.com	Sinkholed
2022-09-19	medium	pumpmulticultural.com	Sinkholed
2022-09-19	medium	sagedeportflorist.com	Sinkholed
2022-09-19	medium	sagedeportflorist.com	Sinkholed
2022-09-19	medium	sagedeportflorist.com	Sinkholed
2022-09-19	medium	sagedeportflorist.com	Sinkholed
2022-09-19	medium	sagedeportflorist.com	Sinkholed
2022-09-19	medium	sagedeportflorist.com	Sinkholed
2022-09-19	medium	sagedeportflorist.com	Sinkholed
2022-09-19	medium	op00.biz	Sinkholed

JavaScript (26)

	URL	Size	First Seen	Last Seen
	pumpmulticultural.com/70/b2/c8/70b2c8abb8cbd31b8aec0647f6833e97.js	59 kB	2023-03-07	2023-03-07
Pretty URL pumpmulticultural.com/70/b2/c8/70b2c8abb8cbd31b8aec0647f6833e97.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-03-07 21:23:30 Times Seen1 Hash 994901b04c29b526ca5739625f8c622c c3510d106b7e22bab0d3223bf001551395bed502 9d1ec7884c16cffa9f50de843ba7d3ccaf335e2a35c089d2bb8d7f3ba788f435 Loading...

	internetbitches.com/safiyaax-onlyfans-leaks-20-photos/	903 B	2023-03-07	2023-03-07
Pretty URL internetbitches.com/safiyaax-onlyfans-leaks-20-photos/ IP 104.21.84.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-03-07 21:23:30 Times Seen1 Hash 22d329ff99e1c8b35c402a56b26c7def d335e7b2846944ed3650627c4e19bccb78acfc8f 4b36713a2587532076526db3027fb4ff03c4d72e8e434bd141e51e64ae3731ec Loading...

	internetbitches.com/safiyaax-onlyfans-leaks-20-photos/	1.6 kB	2023-03-07	2024-04-24
Pretty URL internetbitches.com/safiyaax-onlyfans-leaks-20-photos/ IP 104.21.84.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-04-24 11:47:12 Times Seen430 Hash af517c60cbbb5f990ba770a6b67c9b87 76880952de5cbda84a4c13b1b86ca78fcc182cf6 f94b5ed9e299ee59517f87d3bcfb6c1497f18d4a3132aada42622fb10f9e9b4b Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-04-26
Pretty URL banquetunarmedgrater.com/advertisers.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 10:42:58 Times Seen37089992 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	internetbitches.com/safiyaax-onlyfans-leaks-20-photos/	2.2 kB	2023-03-07	2023-03-07
Pretty URL internetbitches.com/safiyaax-onlyfans-leaks-20-photos/ IP 104.21.84.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-03-07 21:23:30 Times Seen1 Hash 1c623253fc98e45fab2f3d9bfc7c5fe7 c7c8549693514bef947453f7dac4db6f6931c003 b34994551b08e01f0a381993a345dafd99ffc5cc1819981695b7659239f83599 Loading...

	internetbitches.com/safiyaax-onlyfans-leaks-20-photos/	1.2 kB	2023-03-07	2024-04-25
Pretty URL internetbitches.com/safiyaax-onlyfans-leaks-20-photos/ IP 104.21.84.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-04-25 19:45:24 Times Seen1911 Hash 54c76949376f478f54c57e967eaebc1b 2f63cb8b3b29b65452a31ed0710ee99986a2a73f c4ffc4c8c721af22615995bfc01a1c144763c14f7aead0f28cad9c164a7e639b Loading...

	internetbitches.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL internetbitches.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 10:10:59 Times Seen68662 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	internetbitches.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.0.3	3.0 kB	2023-03-07	2024-04-12
Pretty URL internetbitches.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.0.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:33 Last Seen2024-04-12 21:28:15 Times Seen1268 Hash 9e7d73d0e3b6c3e2a00ca8110ea3e771 e7841aee943e2dd70b6cdc1f353c77df69836065 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3 Loading...

	internetbitches.com/safiyaax-onlyfans-leaks-20-photos/	156 B	2023-03-07	2023-03-07
Pretty URL internetbitches.com/safiyaax-onlyfans-leaks-20-photos/ IP 104.21.84.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-03-07 21:23:30 Times Seen1 Hash 0d4682e5576f3d0ba50db50a00ae5680 d5150c465d59e693efae7e2a772f6d2e7aa29597 f4bcb7d001160a367a879368481e1611201af2530633971d876ee8e0f2fe6002 Loading...

	internetbitches.com/wp-content/themes/boombox/includes/authentication/assets/js/jquery.validate.min.js?ver=2.8.4	21 kB	2023-03-07	2024-01-26
Pretty URL internetbitches.com/wp-content/themes/boombox/includes/authentication/assets/js/jquery.validate.min.js?ver=2.8.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2024-01-26 11:18:50 Times Seen27 Hash 90f6db0ab607fc239a7b8bf09c4861ab 283b73770c47c82d54083f26ad60393e20506669 a81606eeea04bd88995082ee887a68b46920479622524f2e0fe283328d7ca336 Loading...

	pumpmulticultural.com/e5/9b/30/e59b308cc45af1573871b4206b888b72.js	37 kB	2023-03-07	2023-03-07
Pretty URL pumpmulticultural.com/e5/9b/30/e59b308cc45af1573871b4206b888b72.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-03-07 21:23:30 Times Seen1 Hash cb22e5edd5210a9f24337727dfa3f576 3b6a2bf89526773717c54a86033941479470292e 5a4c8cd87aab9b21ff4ec5933e7c8ec2c17875e15d719081aa0ed1fd6804b412 Loading...

	internetbitches.com/safiyaax-onlyfans-leaks-20-photos/	2.7 kB	2023-03-07	2023-03-07
Pretty URL internetbitches.com/safiyaax-onlyfans-leaks-20-photos/ IP 104.21.84.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-03-07 21:23:30 Times Seen1 Hash ed14a4b50c94833c3ac3a43767005665 ba8e52e99556aaff1955028f8e7e3886308254fb e0b38bbb0651695db16a367cdb2ddf89f53083a76a3bfb601b2b9f2f5a7c5d9f Loading...

	internetbitches.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.0	930 B	2023-03-07	2024-04-26
Pretty URL internetbitches.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:48 Last Seen2024-04-26 01:43:34 Times Seen543 Hash e42b7d4389637cf0a16424743f8f8da6 63e302a5ee4653a2cae19f3ba27ec6e9d218912a 73e19401707d030422213eacea81ed13ef140752da1382a534e2e52385425e02 Loading...

	internetbitches.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0	19 kB	2023-03-07	2024-04-26
Pretty URL internetbitches.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 01:56:03 Times Seen38055 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	internetbitches.com/safiyaax-onlyfans-leaks-20-photos/	256 B	2023-03-07	2024-01-31
Pretty URL internetbitches.com/safiyaax-onlyfans-leaks-20-photos/ IP 104.21.84.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:04:02 Last Seen2024-01-31 13:03:19 Times Seen28 Hash 4a14b9e49ddf55ed5a84fd928964feda 88b76308d21ac688df9db7b6a07abdb4b931d6f9 83e6eca28c839640ef7c6e0f6e6ba412f812b2df055cc506a2d2c33f71c4a5da Loading...

	internetbitches.com/wp-content/themes/boombox/includes/rate-and-vote-restrictions/js/ajax.min.js?ver=2.8.4	2.8 kB	2023-03-07	2024-01-27
Pretty URL internetbitches.com/wp-content/themes/boombox/includes/rate-and-vote-restrictions/js/ajax.min.js?ver=2.8.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2024-01-27 10:24:05 Times Seen33 Hash ff84691535464e13974d4605da1451b0 f6de9ad987e88e60bd5501318d324f5303f53bb9 781a861bd17f38bc7c1b821f6cc1cb6d79379e8669be4275c28d22eb0cc02cf5 Loading...

	op00.biz/?te=hftginzzmq5ha3ddf43dkobw	10 B	2023-03-07	2024-04-26
Pretty URL op00.biz/?te=hftginzzmq5ha3ddf43dkobw IP 185.177.94.108 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-04-26 01:59:59 Times Seen4498 Hash f495e69f2e9edc75eeae7dd3ea78a747 a89e38bbe70fa2de5db9d578975abd4e9dcda52e 8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c Loading...

	internetbitches.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-26
Pretty URL internetbitches.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 10:10:59 Times Seen31844 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	internetbitches.com/wp-content/themes/boombox/includes/authentication/default/js/default-auth-scripts.min.js?ver=2.8.4	9.3 kB	2023-03-07	2024-01-26
Pretty URL internetbitches.com/wp-content/themes/boombox/includes/authentication/default/js/default-auth-scripts.min.js?ver=2.8.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2024-01-26 11:18:48 Times Seen9 Hash 7a97442b1c2b0c88a36acf49d47cfd2c 7a061570cd1b17f1d9592912df849d49de1f77c0 974d1d308656ee4a6167db2136216b87fcf2cfeb5fafed2404006e7d25969833 Loading...

	www.googletagmanager.com/gtag/js?id=UA-213792027-33	109 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-213792027-33 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-03-07 21:23:30 Times Seen1 Hash 332716f74a7c66d19af70b7802e8532b 1298b2b19945f276cbf99366cf9a0d70cc130fee d37548afd9c0bf5e1e5b07850b042a1ad649bce77b798b66db5d1b687db1bf70 Loading...

	internetbitches.com/safiyaax-onlyfans-leaks-20-photos/	173 B	2023-03-07	2023-03-07
Pretty URL internetbitches.com/safiyaax-onlyfans-leaks-20-photos/ IP 104.21.84.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-03-07 21:23:30 Times Seen1 Hash cfa7963a69f674c9141a16689a1dca2f 5025b4a280ce473c454c6ecb0962ee91b556774e fd5fdb19327e9ec03de9345e2bbb0a153b0e00ea34535d9f4923463c2260a1eb Loading...

	internetbitches.com/wp-content/themes/boombox/js/scripts.min.js?ver=2.8.4	129 kB	2023-03-07	2023-10-26
Pretty URL internetbitches.com/wp-content/themes/boombox/js/scripts.min.js?ver=2.8.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-10-26 17:21:48 Times Seen7 Hash 66d1601ecce9774b4d09f23482f71f06 019735cd07db1e07d4613fb7256fdd4f81742ba4 ba0943442addcbb3c996c66e5a34dbb75ee84c25e6cde9598e0366f09f99906e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	internetbitches.com/wp-includes/js/comment-reply.min.js?ver=6.0	3.0 kB	2023-03-07	2024-04-26
Pretty URL internetbitches.com/wp-includes/js/comment-reply.min.js?ver=6.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 10:34:14 Times Seen29324 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	internetbitches.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js	8.3 kB	2023-03-07	2024-04-24
Pretty URL internetbitches.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-04-24 11:47:13 Times Seen3075 Hash b00219cb958052cb557115d55f0c8d48 3c55bbf5a8082db61decff924aaf787f4337df86 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6 Loading...

	http:blank	612 B	2023-03-07	2023-03-07
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:23:30 Last Seen2023-03-07 21:23:30 Times Seen1 Hash f59a21032736daa74298c7ab0c430398 f80554c6fbaf5700d9b97416c0b72b803bdc8738 ca67819e3a6e4e81fcb4f3f94b5aceea8396120187061ca67c27f5479407dd56 Loading...

HTTP Transactions (61)

URL IP Response Size

internetbitches.com/safiyaax-onlyfans-leaks-20-photos/

104.21.84.193

301 Moved Permanently

0 B

URL HTTP/1.1
internetbitches.com/safiyaax-onlyfans-leaks-20-photos/
IP
104.21.84.193:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /safiyaax-onlyfans-leaks-20-photos/ HTTP/1.1
Host: internetbitches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 20:27:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 21:27:21 GMT
Location: https://internetbitches.com/safiyaax-onlyfans-leaks-20-photos/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lK0%2FGP8r12up80OAZhqq%2Fjs0gqtntu3hhqNhmKLFti3%2BgxBDP4V6y3jOW%2BTzbcFUiEJd590wrDgWk%2BPh%2FUgUpoA%2BiOvP1OqWmr2kBse18NS%2B2upx9DLiZ4oGg08mZxr9%2FmwX0m8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d50fc2495eb527-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 20:12:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D_WnxH13ygebl6BcF5gy8BY77HLiJbPstcFgp1ibcO2De81scESD4w==
Age: 873

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8601
Expires: Mon, 19 Sep 2022 22:50:42 GMT
Date: Mon, 19 Sep 2022 20:27:21 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uJ6UTHqtRrMnPolOd728NMn9LB7WGFV2egT0wNexfT6Mjci5H7J12g==
age: 57128
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a0a496f1d4c67d1f3dbccb2d417957a3
b831add60077e2698836b1f310686059d5b68797
fbc289a6e1d245428ec336c4c0d95e8732731a1f6f32d430249da814334b1379

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FBC289A6E1D245428EC336C4C0D95E8732731A1F6F32D430249DA814334B1379"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19352
Expires: Tue, 20 Sep 2022 01:49:53 GMT
Date: Mon, 19 Sep 2022 20:27:21 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 20:27:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a0a496f1d4c67d1f3dbccb2d417957a3
b831add60077e2698836b1f310686059d5b68797
fbc289a6e1d245428ec336c4c0d95e8732731a1f6f32d430249da814334b1379

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FBC289A6E1D245428EC336C4C0D95E8732731A1F6F32D430249DA814334B1379"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19352
Expires: Tue, 20 Sep 2022 01:49:53 GMT
Date: Mon, 19 Sep 2022 20:27:21 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f68b192b91ea86e4a4cd5b063b112c42
7279c8d127aa10a2710b10ed9f18a882892e8586
d4c3b5cae5cc02de04be1d8c55d0fc74c6ba1794798464646cec48c57a5641b6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4C3B5CAE5CC02DE04BE1D8C55D0FC74C6BA1794798464646CEC48C57A5641B6"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14402
Expires: Tue, 20 Sep 2022 00:27:23 GMT
Date: Mon, 19 Sep 2022 20:27:21 GMT
Connection: keep-alive

www.googletagmanager.com/gtag/js?id=UA-213792027-33

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-213792027-33
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
42 kB (42351 bytes)
Hash
8a42ff787c6e2378e0f5f3210a8eea56
4474a249b86671815edff6653df61365250484f9
7d31a43a4605c58acf9a625030caabe099c8cd627e2a17e30f485fd30a360cfd

HTTP Headers

GET /gtag/js?id=UA-213792027-33 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 20:27:21 GMT
expires: Mon, 19 Sep 2022 20:27:21 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 20:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42351
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

internetbitches.com/safiyaax-onlyfans-leaks-20-photos/

104.21.84.193

200 OK

26 kB

URL HTTP/2
internetbitches.com/safiyaax-onlyfans-leaks-20-photos/
IP
104.21.84.193:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8047)
Size
26 kB (26092 bytes)
Hash
ef4e94a76cd1e8e4e48ee9e5cf92c6b6
6af557688b3ef848a4dd8274427c351dd40a44cd
0a4c1e08973a63dcc55dffd188b56a9cb53a9778da86805a2394e4ab4bdd6233

HTTP Headers

GET /safiyaax-onlyfans-leaks-20-photos/ HTTP/1.1
Host: internetbitches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/7.4.30
last-modified: Mon, 19 Sep 2022 20:27:17 GMT
x-varnish: 952074653 173080594
age: 4
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHSIKb%2FpjUeDzMwchG3g4aKRNPgdwK7x7zr2mtHkfxY%2FK9mEhFeDO%2FYNGGS5JW3ku%2FkemFWPxcOMJCPcg999RooRC68WLWH01u9KLnR3frNU8A0OGv5CDq3d0fFEQ1GzbIdEno8D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d50fc439c70b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

5.2 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
data
Size
5.2 kB (5204 bytes)
Hash
5a5d30a0e8ef3c8ce389ce3b16d47732
a36facd9f80c3b2ec375970c7361d0ecaf507713
063995eb41454aeb8cc05394d13e0738983de9dd09cda06ec311803e68f460e5

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 20:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 20:30:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XY7FG-iPfK3T4njvU-8r54oeRpa6V0oTwijvNW2m0pt3UNHRbEGAXw==
Age: 1440

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4800
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:22 GMT
Last-Modified: Mon, 19 Sep 2022 19:07:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.187.71.185

101 Switching Protocols

57 kB

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.71.185:0
ASN
#16509 AMAZON-02

File type
data
Size
57 kB (56936 bytes)
Hash
843101af5f54e6c46f4920a10934bbc9
af313d3b74354d937b0fbc0c44f5e9299bd1d22c
30ade0bad89c006df0dfaee2dfae7748feeb2de56c27263db9e6a3f081dab2e6

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V2PxnfMetKdbBbpPfQ1IqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fr0p1woYnk2/k4O/epsCo3ixJLU=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5866 bytes)
Hash
1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
age: 81224
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11919 bytes)
Hash
f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xG9XQItrQEJXCW9JRcI6aDELQKCTOlnwq1Xg5_vQcqCPNtHGWkScFw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 22:00:17 GMT
age: 80826
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5064 bytes)
Hash
e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 81010
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10894 bytes)
Hash
d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 10:33:00 GMT
age: 35663
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6428 bytes)
Hash
893f3495f1f575e946a57c8e8411b2a5
480182fd29c7edd369339847b85e4e2580cef0f6
097d868881231eae089ac8b97d5dc290583477f63dc35b7458ed4898e0db3e0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nD62kVNMZRvoZaM85m1kNlgU-KOj2X7tqhy9cPxGJFaBHCMVEsvWXQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:45 GMT
age: 81218
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: bee7087d-6431-457a-8fdc-a9eff7b14afd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOAZHcCIAMFTSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279068-4a7d282e1860a131491a4f2d;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EClCCFFn_OCwRqXC7W0g-msDSm1WsTRB5kDJsAQyxIPmIwSQBSbJ9g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:01 GMT
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
age: 81022
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 18:41:12 GMT
expires: Mon, 19 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 6372
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
753f43280904770acc565720004e6652
124489f486872e30924cc97e191aff02fc7382ce
e4e3cd04056e2e008b186a986b21b92a1b4159c7e9af5680eca87413e29c2532

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4E3CD04056E2E008B186A986B21B92A1B4159C7E9AF5680ECA87413E29C2532"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17378
Expires: Tue, 20 Sep 2022 01:17:05 GMT
Date: Mon, 19 Sep 2022 20:27:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
753f43280904770acc565720004e6652
124489f486872e30924cc97e191aff02fc7382ce
e4e3cd04056e2e008b186a986b21b92a1b4159c7e9af5680eca87413e29c2532

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4E3CD04056E2E008B186A986B21B92A1B4159C7E9AF5680ECA87413E29C2532"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17329
Expires: Tue, 20 Sep 2022 01:16:16 GMT
Date: Mon, 19 Sep 2022 20:27:27 GMT
Connection: keep-alive

pumpmulticultural.com/70/b2/c8/70b2c8abb8cbd31b8aec0647f6833e97.js

192.243.59.20

200 OK

20 kB

URL HTTP/1.1
pumpmulticultural.com/70/b2/c8/70b2c8abb8cbd31b8aec0647f6833e97.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59390), with no line terminators
Size
20 kB (20315 bytes)
Hash
5bbeb3f3c854f365c4a8ac556108e874
51a3d902a38dbddabdee16362e9380bfcf2e82c5
2ea8a8342601ebc4211aeda452561b930d74bc53954749a6d16830e581d62939

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /70/b2/c8/70b2c8abb8cbd31b8aec0647f6833e97.js HTTP/1.1
Host: pumpmulticultural.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 19 Sep 2022 20:27:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ceb98285131016bff2417eeca60f36a3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pumpmulticultural.com/e5/9b/30/e59b308cc45af1573871b4206b888b72.js

192.243.59.20

200 OK

13 kB

URL HTTP/1.1
pumpmulticultural.com/e5/9b/30/e59b308cc45af1573871b4206b888b72.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37127), with no line terminators
Size
13 kB (13424 bytes)
Hash
169e0a82fe3d769fca3d9b9bdf7bff73
134936ec34522888a0284df08d4e3fddd958d8da
df7cb3bd87ab8fcb3f11f205bb91c324a9c479f79ed260c652fa334df0b3fc9f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e5/9b/30/e59b308cc45af1573871b4206b888b72.js HTTP/1.1
Host: pumpmulticultural.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 19 Sep 2022 20:27:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 76f24ecb116e8ba99791c16d8b06e692
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
c89bd80c457915abebe4d37d04c72b59
5360927bb2d21d50a8eb229720265bc81ab59d80
b4c09572c14727fc2fce7ff1897a080f29bc9859ff034be5bc73839e457a717a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B4C09572C14727FC2FCE7FF1897A080F29BC9859FF034BE5BC73839E457A717A"
Last-Modified: Sat, 17 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Mon, 19 Sep 2022 21:32:14 GMT
Date: Mon, 19 Sep 2022 20:27:27 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
de21453350e94caa1eaa938409519de2
b9819d2fe8761aac1b00b7b6a05f7d5c6358d2d9
9455b40dbff8c871da45e8d9ea3c142c77e200b0ee8698dcfdf246bc4b0383a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:27 GMT
Last-Modified: Mon, 19 Sep 2022 19:58:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6df30310ab4bd12fd1d6de14fc431cc4
e91defc2ab45d425901a3b800be0870c6a71daf9
6c0fdf8a295320d533a82a1c5019cece54752992aee4fcdfb9957d6f4a736d5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 20:27:27 GMT
Last-Modified: Mon, 19 Sep 2022 19:30:20 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Lx8v9irnvoqBvl2fdbV9Uuo6bKm2Agi4M4JPxUYzEDYy7yLNAIn0Ow==
Age: 3427

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6df30310ab4bd12fd1d6de14fc431cc4
e91defc2ab45d425901a3b800be0870c6a71daf9
6c0fdf8a295320d533a82a1c5019cece54752992aee4fcdfb9957d6f4a736d5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 20:27:27 GMT
Last-Modified: Mon, 19 Sep 2022 19:39:09 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: V_X144qWHwK0gqlTcR6e1W6McALHU2eUUFoqREiz6mJxMsj8mdfsiw==
Age: 2898

simplewebanalysis.com/stats

3.64.106.196

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.64.106.196:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
92d2bd92367c682b457bea369334e8ee
3f1b947f2d43e8e945bfa1b74da8affc73789569
56a105eb1f10c6b6b3803ddf8f6523cadcea7904ecc23e34e05ec55636c7b778

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://internetbitches.com
access-control-allow-credentials: true
set-cookie: uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; expires=Thu, 16 Sep 2032 20:27:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

3.64.106.196

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.64.106.196:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b7b68467a170340fb0d034e29105ec0a
706bfbd08cbb5ddfe7578d1492a6a9ffa395eaf5
5d61a98072cd16513d876a4e1eefad0cbe1406409eba668e8055dde7ff07a469

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://internetbitches.com
access-control-allow-credentials: true
set-cookie: uid_id2=558527ad-86f2-4fda-bf3a-b06c2e6528e2:1:1; expires=Thu, 16 Sep 2032 20:27:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
de21453350e94caa1eaa938409519de2
b9819d2fe8761aac1b00b7b6a05f7d5c6358d2d9
9455b40dbff8c871da45e8d9ea3c142c77e200b0ee8698dcfdf246bc4b0383a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:27 GMT
Last-Modified: Mon, 19 Sep 2022 19:58:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
c89bd80c457915abebe4d37d04c72b59
5360927bb2d21d50a8eb229720265bc81ab59d80
b4c09572c14727fc2fce7ff1897a080f29bc9859ff034be5bc73839e457a717a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B4C09572C14727FC2FCE7FF1897A080F29BC9859FF034BE5BC73839E457A717A"
Last-Modified: Sat, 17 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Mon, 19 Sep 2022 21:32:14 GMT
Date: Mon, 19 Sep 2022 20:27:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1dda2f509b35096bdf9b6e1cc1da591d
66b905dc8cb287116baf729c8257e9bc4818a893
e689276fc859ff5caf4c891494eec2dc26e67743edb4ae0518a2f2c39e233e0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E689276FC859FF5CAF4C891494EEC2DC26E67743EDB4AE0518A2F2C39E233E0E"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11585
Expires: Mon, 19 Sep 2022 23:40:33 GMT
Date: Mon, 19 Sep 2022 20:27:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be92f82a1a861bcc2a134aefe9086e34
3a8b1969dd0e4bd096068b2495e40da593304c45
d114bc19377c68f644a258b499c6f7b6d968c9fed8d7e4506550fe8408607f6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D114BC19377C68F644A258B499C6F7B6D968C9FED8D7E4506550FE8408607F6B"
Last-Modified: Sun, 18 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7431
Expires: Mon, 19 Sep 2022 22:31:19 GMT
Date: Mon, 19 Sep 2022 20:27:28 GMT
Connection: keep-alive

secure.gravatar.com/avatar/bdd2d5a5b8058c7c3866c40bf6cb0605?s=74&d=mm&r=g

192.0.73.2

200 OK

1.4 kB

URL HTTP/2
secure.gravatar.com/avatar/bdd2d5a5b8058c7c3866c40bf6cb0605?s=74&d=mm&r=g
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 74x74, components 3\012- data
Size
1.4 kB (1368 bytes)
Hash
849532dd2d265820a2f5d95545605826
6cce6b64c1457fcecf49d8bd7f166f2fd6706faf
7e42624d690e9bad334666d9277be3e95a5adcdb5410291312f3738013f61bd9

HTTP Headers

GET /avatar/bdd2d5a5b8058c7c3866c40bf6cb0605?s=74&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 20:27:28 GMT
content-type: image/jpeg
content-length: 1368
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/bdd2d5a5b8058c7c3866c40bf6cb0605?s=74&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="bdd2d5a5b8058c7c3866c40bf6cb0605.png"
expires: Mon, 19 Sep 2022 20:32:28 GMT
cache-control: max-age=300
x-nc: HIT arn 3
accept-ranges: bytes
X-Firefox-Spdy: h2

creepingbrings.com/sfp.js

172.64.162.10

200 OK

23 kB

URL HTTP/2
creepingbrings.com/sfp.js
IP
172.64.162.10:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
23 kB (23084 bytes)
Hash
22d0be38cff37c2a380b8d37351ac495
92d8c874ea32e8a72d42338358e8ee973c4da1f0
e9f42bbe705429c897274d46011313905f41a829c154581a9b2185441662dbd3

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:27 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 35aa18f0928617cc9edbc87c79d2245b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 20:27:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPXuP8uheoHdF%2FQ3tFD6FhQWeki%2BxfBMv0Z4Qj5PZioenhFuA8HTvWKfhsGLoyZXMWPXULWNnDRfxwS2EBtXvJBwFe9OVbiW7js5psMeV6Zh21Q06AfkSgsPETzhQ61hhk0qV48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50fea58be76f0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sagedeportflorist.com/sbar.json?key=e59b308cc45af1573871b4206b888b72&uuid=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e%3A1%3A1

173.233.137.52

200 OK

4.1 kB

URL HTTP/1.1
sagedeportflorist.com/sbar.json?key=e59b308cc45af1573871b4206b888b72&uuid=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e%3A1%3A1
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (5632), with no line terminators
Size
4.1 kB (4068 bytes)
Hash
64a4b4843937bad000805d0a04e17df6
06aea7668711f8ae052abba9f9b29e2a767b58fe
4b9718c34dd007e80f781952801c69fa978068a6e7aa0c135f652d7122345877

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=e59b308cc45af1573871b4206b888b72&uuid=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e%3A1%3A1 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:28 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://internetbitches.com
Access-Control-Allow-Origin: https://internetbitches.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17098400; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; expires=Mon, 26 Sep 2022 20:27:28 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
uncs=1; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
slece59b308cc45af1573871b4206b888b72=[3240591]; expires=Mon, 19 Sep 2022 20:27:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75f15e370f84cbb496bb75b3205b5718
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
dde134bf7ea8d3af1cccb4abd35cd40e
77f9e1d3133a177e42306c3b9c31f8a7cacc0461
064b90005ffab327d8071d7755c8f130473a3fbdb1a44c81ce6de9680944fbbd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5613
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:29 GMT
Last-Modified: Mon, 19 Sep 2022 18:53:56 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280

sagedeportflorist.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjS2EREUUCUUIdAVFkPB5f9xPUkQYx8jC%2BaGEXx3MzsyeB8%2FtrGZ2ds%2BuLCKhdBz%2FwfqdHSskQkEUVEToHCmFG3JULnBJj5CoKNBdLI580ur73r5XvHnf9%2FWeOyU%2BHD1ZvaZ3pFJ0uVn3a5c%2BC4LLtQ2ZukFt0Gl93mpcrpni3W6r7r9d%2B0CwLb0c%2BoHvB35QW5NGJHqwPCUhs4fdoN71642wHjQbGJgXsXUeLPXAi1NyHpJPFp94FyDZGGn%2F0aqwW7nO3rnad4rm2qDghx%2BnW6kuU%2FTnY2I8JOnhmRraPlt7DJ0ezOxCF%2F8JYzkh3tPHiNPDM5OIi%2F2Zz1hBpIj5KyiLMYQaQ9IxmL4DyZ8RgHFcv4G0f%2B%2B6NiXdfs7SKTshi3%2F%2FBVlOyOLvF5D2v19RclC7rZXLpU4tBkkFORhD9sbI3BHynXOQ5RFY%2FhUkJ0j7FSQ%2FeaubsGYYNfylRPiNpYag4VKH8XDJj3zapCJKur6YBSPlGDIZQ4khqPXgpp%2F04BIPLvPQ5yc1FgRB2%2BeM%2Bp0uYxFvi7jF%2FYC2k4AGfqsDx6beh8izIZgagpldZGYXW3II436B3axguQebExS8QikISktQUoJSEpQ5QVlUB1zZ0Fb3uLIuDs56eNajaqTz3h490HlPpGQvOyWvTgPzFv%2BosCVOaqLZjSO%2Fw1ijSZOg2Y467SBuhH4r7nQ6cTuElRWkPTd75o6ckNd%2Feg2ZnJCXfryKmB7BqiMweR7UvQFajtqhD7o5anR87KQPmBMFTWlU5wJcV8jyReTb3p46JRdnewvMNxDs%2BMoX8bXJn%2Ff%2FATMVMlPhS%2FmEoKfujm7pkuzf0qUlP9zIctmXO3S609s5zcXCdx%2BK7VIbvr5qh%2FffY1NiOj78SNh8g6Zcpj1LHqxIzoVZ04YJ8vO6%2FVTEN53dXHEmddnGzffX1vuZEdZKnY5B5YSQp8dgckJe5uXsXC9%2BsgZpxjCuQt8dk7OC1Edg2S5sNvdv9QKMmmvizEPpqpEJ4%2FlPJQmUmGMaV7D%2Fw%2FF83rN30TNvguZ3ZldamAqFqkDVENYtjPLMHF%2F5LZoVYuWNYmW8%2FVgZ9e3zcK08qbWjyKetbjNot6lox42wk7QCTmnYaIWtFo2Q2wm79OujfwEAAP%2F%2FAQAA%2F%2F8Tf1neeQQAAA%3D%3D

173.233.137.52

200 OK

7 B

URL HTTP/1.1
sagedeportflorist.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjS2EREUUCUUIdAVFkPB5f9xPUkQYx8jC%2BaGEXx3MzsyeB8%2FtrGZ2ds%2BuLCKhdBz%2FwfqdHSskQkEUVEToHCmFG3JULnBJj5CoKNBdLI580ur73r5XvHnf9%2FWeOyU%2BHD1ZvaZ3pFJ0uVn3a5c%2BC4LLtQ2ZukFt0Gl93mpcrpni3W6r7r9d%2B0CwLb0c%2BoHvB35QW5NGJHqwPCUhs4fdoN71642wHjQbGJgXsXUeLPXAi1NyHpJPFp94FyDZGGn%2F0aqwW7nO3rnad4rm2qDghx%2BnW6kuU%2FTnY2I8JOnhmRraPlt7DJ0ezOxCF%2F8JYzkh3tPHiNPDM5OIi%2F2Zz1hBpIj5KyiLMYQaQ9IxmL4DyZ8RgHFcv4G0f%2B%2B6NiXdfs7SKTshi3%2F%2FBVlOyOLvF5D2v19RclC7rZXLpU4tBkkFORhD9sbI3BHynXOQ5RFY%2FhUkJ0j7FSQ%2FeaubsGYYNfylRPiNpYag4VKH8XDJj3zapCJKur6YBSPlGDIZQ4khqPXgpp%2F04BIPLvPQ5yc1FgRB2%2BeM%2Bp0uYxFvi7jF%2FYC2k4AGfqsDx6beh8izIZgagpldZGYXW3II436B3axguQebExS8QikISktQUoJSEpQ5QVlUB1zZ0Fb3uLIuDs56eNajaqTz3h490HlPpGQvOyWvTgPzFv%2BosCVOaqLZjSO%2Fw1ijSZOg2Y467SBuhH4r7nQ6cTuElRWkPTd75o6ckNd%2Feg2ZnJCXfryKmB7BqiMweR7UvQFajtqhD7o5anR87KQPmBMFTWlU5wJcV8jyReTb3p46JRdnewvMNxDs%2BMoX8bXJn%2Ff%2FATMVMlPhS%2FmEoKfujm7pkuzf0qUlP9zIctmXO3S609s5zcXCdx%2BK7VIbvr5qh%2FffY1NiOj78SNh8g6Zcpj1LHqxIzoVZ04YJ8vO6%2FVTEN53dXHEmddnGzffX1vuZEdZKnY5B5YSQp8dgckJe5uXsXC9%2BsgZpxjCuQt8dk7OC1Edg2S5sNvdv9QKMmmvizEPpqpEJ4%2FlPJQmUmGMaV7D%2Fw%2FF83rN30TNvguZ3ZldamAqFqkDVENYtjPLMHF%2F5LZoVYuWNYmW8%2FVgZ9e3zcK08qbWjyKetbjNot6lox42wk7QCTmnYaIWtFo2Q2wm79OujfwEAAP%2F%2FAQAA%2F%2F8Tf1neeQQAAA%3D%3D
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjS2EREUUCUUIdAVFkPB5f9xPUkQYx8jC%2BaGEXx3MzsyeB8%2FtrGZ2ds%2BuLCKhdBz%2FwfqdHSskQkEUVEToHCmFG3JULnBJj5CoKNBdLI580ur73r5XvHnf9%2FWeOyU%2BHD1ZvaZ3pFJ0uVn3a5c%2BC4LLtQ2ZukFt0Gl93mpcrpni3W6r7r9d%2B0CwLb0c%2BoHvB35QW5NGJHqwPCUhs4fdoN71642wHjQbGJgXsXUeLPXAi1NyHpJPFp94FyDZGGn%2F0aqwW7nO3rnad4rm2qDghx%2BnW6kuU%2FTnY2I8JOnhmRraPlt7DJ0ezOxCF%2F8JYzkh3tPHiNPDM5OIi%2F2Zz1hBpIj5KyiLMYQaQ9IxmL4DyZ8RgHFcv4G0f%2B%2B6NiXdfs7SKTshi3%2F%2FBVlOyOLvF5D2v19RclC7rZXLpU4tBkkFORhD9sbI3BHynXOQ5RFY%2FhUkJ0j7FSQ%2FeaubsGYYNfylRPiNpYag4VKH8XDJj3zapCJKur6YBSPlGDIZQ4khqPXgpp%2F04BIPLvPQ5yc1FgRB2%2BeM%2Bp0uYxFvi7jF%2FYC2k4AGfqsDx6beh8izIZgagpldZGYXW3II436B3axguQebExS8QikISktQUoJSEpQ5QVlUB1zZ0Fb3uLIuDs56eNajaqTz3h490HlPpGQvOyWvTgPzFv%2BosCVOaqLZjSO%2Fw1ijSZOg2Y467SBuhH4r7nQ6cTuElRWkPTd75o6ckNd%2Feg2ZnJCXfryKmB7BqiMweR7UvQFajtqhD7o5anR87KQPmBMFTWlU5wJcV8jyReTb3p46JRdnewvMNxDs%2BMoX8bXJn%2Ff%2FATMVMlPhS%2FmEoKfujm7pkuzf0qUlP9zIctmXO3S609s5zcXCdx%2BK7VIbvr5qh%2FffY1NiOj78SNh8g6Zcpj1LHqxIzoVZ04YJ8vO6%2FVTEN53dXHEmddnGzffX1vuZEdZKnY5B5YSQp8dgckJe5uXsXC9%2BsgZpxjCuQt8dk7OC1Edg2S5sNvdv9QKMmmvizEPpqpEJ4%2FlPJQmUmGMaV7D%2Fw%2FF83rN30TNvguZ3ZldamAqFqkDVENYtjPLMHF%2F5LZoVYuWNYmW8%2FVgZ9e3zcK08qbWjyKetbjNot6lox42wk7QCTmnYaIWtFo2Q2wm79OujfwEAAP%2F%2FAQAA%2F%2F8Tf1neeQQAAA%3D%3D HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 212b093aa8ad3085abd45c115266ea79
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.77.32

200 OK

6.9 kB

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
6.9 kB (6907 bytes)
Hash
df307f0a7c9a2e689c7be46a8a76c664
b2131122f156c0a47b04650b64eea6b36169192a
cc95622f8e815de02105b29d4bc538c061a834fb2fd3b870a0b421655ea0f5ab

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "14F4407C37A327FC0B0249C75C3308A898722B100BDD261BF687E7B97821B2CE"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6274
Expires: Mon, 19 Sep 2022 22:12:03 GMT
Date: Mon, 19 Sep 2022 20:27:29 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
975198867cba40920c78943d183e7501
79f8094d26eb13a276fa98058ff3edde469825c5
14f4407c37a327fc0b0249c75c3308a898722b100bdd261bf687e7b97821b2ce

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "14F4407C37A327FC0B0249C75C3308A898722B100BDD261BF687E7B97821B2CE"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6274
Expires: Mon, 19 Sep 2022 22:12:03 GMT
Date: Mon, 19 Sep 2022 20:27:29 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
975198867cba40920c78943d183e7501
79f8094d26eb13a276fa98058ff3edde469825c5
14f4407c37a327fc0b0249c75c3308a898722b100bdd261bf687e7b97821b2ce

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "14F4407C37A327FC0B0249C75C3308A898722B100BDD261BF687E7B97821B2CE"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6274
Expires: Mon, 19 Sep 2022 22:12:03 GMT
Date: Mon, 19 Sep 2022 20:27:29 GMT
Connection: keep-alive

cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/vpn.png

172.64.201.2

200 OK

27 kB

URL HTTP/2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/vpn.png
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 400 x 390, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (27328 bytes)
Hash
1f627dde2b8596dbd62eb42b76c8e6ba
15cf8a62eab44beffb02d9de51a3a18964a8fb62
8208316116f1f38051a9785616a403519015174b65db5f652cb2dae02ffe8491

HTTP Headers

GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/vpn.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: image/png
content-length: 27328
last-modified: Wed, 03 Aug 2022 08:48:26 GMT
etag: "62ea365a-6ac0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4098151
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iB2rBd6otVbgeW%2FkkI1n%2BVBFfH7ML0cdkpZGj7%2FZLpQgVOf5qWDGCPt9ayQ%2Bt8F0kyk47S2WtBqwtNE%2Ft%2BypMjmEgJMinYBiNGaRoAtfkJKPKwffdh8Sq6Si058I66ZAfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff33e2c7457-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/index.html

104.26.6.19

200 OK

415 B

URL HTTP/2
cdn.yourwebbars.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/index.html
IP
104.26.6.19:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
415 B (415 bytes)
Hash
63f354b797849b7c1d2f683dbf0fa4d4
da7d8d35b4dd5cedf196535f903d6c42a0281d37
4971c287640dc9517155b6a4c468554ba2461738beed9e3b453ed631a7d6985e

HTTP Headers

GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: text/html
last-modified: Wed, 02 Feb 2022 09:47:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 335778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjuD7SQSj%2B5QXkwN5XWQDduDdxcHruzlirk2Zhs6PSQ9jfP1SKItodqZnhLHgbXLsigJnyv19EFRq%2BCcUGFvQIKL4qjD3aeAqCh8Z4zAFsfcUrXU46OARIR4%2B5jKMGkR3lFc9CU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff25fb60b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/close.svg

172.64.201.2

200 OK

920 B

URL HTTP/2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/close.svg
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
920 B (920 bytes)
Hash
ecb62e04f902e8df73f1708b405bc735
3b451c11e3746b53f46eef22a104b763edb53565
c4b207ec223c878b72ca1af8824d9cff599301e260ced722b8acb556e5689be8

HTTP Headers

GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Jul 2021 10:21:04 GMT
etag: W/"60e58010-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4098151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkFcWfDF0Vdvy61jxy%2F8z2u7KVU6dsuX9gdyARQnQQhpBAjw19yJhKWYqURKiACkzGOD8cgvhLh%2FDy1TsKfGgQgpUZx20N0frJcFOSP1iurm51045YOzm2AKeVg9uq31iRM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff33e2b7457-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fstyle.css&l=5246&fd=225

173.233.137.52

200 OK

0 B

URL HTTP/1.1
sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fstyle.css&l=5246&fd=225
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fstyle.css&l=5246&fd=225 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fanimate.css&l=79249&fd=322

173.233.137.52

200 OK

0 B

URL HTTP/1.1
sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fanimate.css&l=79249&fd=322
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fanimate.css&l=79249&fd=322 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fjs%2Fscript.js&l=397&fd=357

173.233.137.52

200 OK

0 B

URL HTTP/1.1
sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fjs%2Fscript.js&l=397&fd=357
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fjs%2Fscript.js&l=397&fd=357 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

sagedeportflorist.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9E1sIiYooEooQaAuKIOH1m%2F2cJUWEcYwsnA8lfHXwvmb98Nt5o%2FdmdtauLCKhdCz%2FYHzWjhUSoSAKKiK0jpTCDVkqF7ikR0hUFGg3FkuuNLr3zDnFeefer%2FfyU0KRs5PVa3ZHG8OWm1VaufRZGF6ubOgkH1QGUevzVuNyxfXf7bSq9O3KB0ps2eUaDSkNaVhZ007FdrA8JaHTh52w2qHVRq0aNhsYuBexzwN4FkD2T8l5aDlZfBJcgBZjJL1Hq8pvZTZ952ovNyyzDn15%2BHGyldgiQW8%2Bxi5AnByeqWH9s7XHsMnBzC5s%2Fz8h1xMSPH0MnhyemQTv7898cgOVgMtXUPTHUGYMzcYQ9g60fEYAIXH9BpLevevWFWz7Ocum7IQs%2Fv0XdDEhi79fQNL7fsXoQeW2NXmmbeIxiEvowRi6O0aaHyHbOQddHEFkX0FLgqRXQsuTtzqxaNbqDboUK9pYaihWW4qErC3ROmVNpupxh6pZMFqPoeMxjBqC%2BQD59NMB8jhAngboyZOKCMOwTaVgNOoIUZdtxVuShqwdhyykrQi5mHofIkuHEGYI4XaRul1s6SFc%2Fgv8ZgkvA%2FiMoC9LFIqg8AQFIyg0QZERFP3yQBpf8%2BU9aXzOw7NeO%2Bv1cmSz7h47sFlXJWQvPSWvTgMLFv8osaVOKqrZ4XUaCdFosjhstutRO%2BSNGm3xKIp4uwavS2h%2FbvbMHT0hr%2F%2F0GlI9IS%2F9eBWcHcGbIwh9Hix%2FA6wYtWsUbHPUiCh2kgciV32WsHpVKkhbIs0WkW0He%2BaUXJztLXTfQInjK1%2Fwa5M%2F7%2F8D4UqkrsSX%2BglB19wd3bIF2b9lC09%2BuJFmuqd32HSntzOWqYXvPlTbhXVyfdUP778npsR0fPiR8tkGS6ROup48WNFSKrdmnVDk53X%2FqeI3c7%2B5krskTzduvr%2B23kud8l7bZAymJ4Q8PYbQE%2FKyLGbnevGTNWg3hstL9PJjclbQ9ggi3YVP5%2F69XYAzcw1PAxR5OXI1Pv9pNIFRc8x4Cf8%2FzOfznr%2BLrnsTLLszu9K%2BK9E3JZgZwucLoyx1x1d%2Bq88K3AQjblywz40z3z4P1%2BuTSp3KNlexanPVaDZiJSRvNjkVseB1GUUCmZ%2BIS78%2B%2BhcAAP%2F%2FAQAA%2F%2F%2BTq4w2eQQAAA%3D%3D

173.233.137.52

200 OK

7 B

URL HTTP/1.1
sagedeportflorist.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9E1sIiYooEooQaAuKIOH1m%2F2cJUWEcYwsnA8lfHXwvmb98Nt5o%2FdmdtauLCKhdCz%2FYHzWjhUSoSAKKiK0jpTCDVkqF7ikR0hUFGg3FkuuNLr3zDnFeefer%2FfyU0KRs5PVa3ZHG8OWm1VaufRZGF6ubOgkH1QGUevzVuNyxfXf7bSq9O3KB0ps2eUaDSkNaVhZ007FdrA8JaHTh52w2qHVRq0aNhsYuBexzwN4FkD2T8l5aDlZfBJcgBZjJL1Hq8pvZTZ952ovNyyzDn15%2BHGyldgiQW8%2Bxi5AnByeqWH9s7XHsMnBzC5s%2Fz8h1xMSPH0MnhyemQTv7898cgOVgMtXUPTHUGYMzcYQ9g60fEYAIXH9BpLevevWFWz7Ocum7IQs%2Fv0XdDEhi79fQNL7fsXoQeW2NXmmbeIxiEvowRi6O0aaHyHbOQddHEFkX0FLgqRXQsuTtzqxaNbqDboUK9pYaihWW4qErC3ROmVNpupxh6pZMFqPoeMxjBqC%2BQD59NMB8jhAngboyZOKCMOwTaVgNOoIUZdtxVuShqwdhyykrQi5mHofIkuHEGYI4XaRul1s6SFc%2Fgv8ZgkvA%2FiMoC9LFIqg8AQFIyg0QZERFP3yQBpf8%2BU9aXzOw7NeO%2Bv1cmSz7h47sFlXJWQvPSWvTgMLFv8osaVOKqrZ4XUaCdFosjhstutRO%2BSNGm3xKIp4uwavS2h%2FbvbMHT0hr%2F%2F0GlI9IS%2F9eBWcHcGbIwh9Hix%2FA6wYtWsUbHPUiCh2kgciV32WsHpVKkhbIs0WkW0He%2BaUXJztLXTfQInjK1%2Fwa5M%2F7%2F8D4UqkrsSX%2BglB19wd3bIF2b9lC09%2BuJFmuqd32HSntzOWqYXvPlTbhXVyfdUP778npsR0fPiR8tkGS6ROup48WNFSKrdmnVDk53X%2FqeI3c7%2B5krskTzduvr%2B23kud8l7bZAymJ4Q8PYbQE%2FKyLGbnevGTNWg3hstL9PJjclbQ9ggi3YVP5%2F69XYAzcw1PAxR5OXI1Pv9pNIFRc8x4Cf8%2FzOfznr%2BLrnsTLLszu9K%2BK9E3JZgZwucLoyx1x1d%2Bq88K3AQjblywz40z3z4P1%2BuTSp3KNlexanPVaDZiJSRvNjkVseB1GUUCmZ%2BIS78%2B%2BhcAAP%2F%2FAQAA%2F%2F%2BTq4w2eQQAAA%3D%3D
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9E1sIiYooEooQaAuKIOH1m%2F2cJUWEcYwsnA8lfHXwvmb98Nt5o%2FdmdtauLCKhdCz%2FYHzWjhUSoSAKKiK0jpTCDVkqF7ikR0hUFGg3FkuuNLr3zDnFeefer%2FfyU0KRs5PVa3ZHG8OWm1VaufRZGF6ubOgkH1QGUevzVuNyxfXf7bSq9O3KB0ps2eUaDSkNaVhZ007FdrA8JaHTh52w2qHVRq0aNhsYuBexzwN4FkD2T8l5aDlZfBJcgBZjJL1Hq8pvZTZ952ovNyyzDn15%2BHGyldgiQW8%2Bxi5AnByeqWH9s7XHsMnBzC5s%2Fz8h1xMSPH0MnhyemQTv7898cgOVgMtXUPTHUGYMzcYQ9g60fEYAIXH9BpLevevWFWz7Ocum7IQs%2Fv0XdDEhi79fQNL7fsXoQeW2NXmmbeIxiEvowRi6O0aaHyHbOQddHEFkX0FLgqRXQsuTtzqxaNbqDboUK9pYaihWW4qErC3ROmVNpupxh6pZMFqPoeMxjBqC%2BQD59NMB8jhAngboyZOKCMOwTaVgNOoIUZdtxVuShqwdhyykrQi5mHofIkuHEGYI4XaRul1s6SFc%2Fgv8ZgkvA%2FiMoC9LFIqg8AQFIyg0QZERFP3yQBpf8%2BU9aXzOw7NeO%2Bv1cmSz7h47sFlXJWQvPSWvTgMLFv8osaVOKqrZ4XUaCdFosjhstutRO%2BSNGm3xKIp4uwavS2h%2FbvbMHT0hr%2F%2F0GlI9IS%2F9eBWcHcGbIwh9Hix%2FA6wYtWsUbHPUiCh2kgciV32WsHpVKkhbIs0WkW0He%2BaUXJztLXTfQInjK1%2Fwa5M%2F7%2F8D4UqkrsSX%2BglB19wd3bIF2b9lC09%2BuJFmuqd32HSntzOWqYXvPlTbhXVyfdUP778npsR0fPiR8tkGS6ROup48WNFSKrdmnVDk53X%2FqeI3c7%2B5krskTzduvr%2B23kud8l7bZAymJ4Q8PYbQE%2FKyLGbnevGTNWg3hstL9PJjclbQ9ggi3YVP5%2F69XYAzcw1PAxR5OXI1Pv9pNIFRc8x4Cf8%2FzOfznr%2BLrnsTLLszu9K%2BK9E3JZgZwucLoyx1x1d%2Bq88K3AQjblywz40z3z4P1%2BuTSp3KNlexanPVaDZiJSRvNjkVseB1GUUCmZ%2BIS78%2B%2BhcAAP%2F%2FAQAA%2F%2F%2BTq4w2eQQAAA%3D%3D HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8f2f26f4101e58e4302955f479167f75
Strict-Transport-Security: max-age=0; includeSubdomains

sagedeportflorist.com/pixel/sbs?c=1

173.233.137.52

200 OK

0 B

URL HTTP/1.1
sagedeportflorist.com/pixel/sbs?c=1
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/animate.css

172.64.201.2

200 OK

47 kB

URL HTTP/2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/animate.css
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
47 kB (47423 bytes)
Hash
7289aab24a79dfe0e44f4c6558dc366a
e7741465abd983a6d315375f77ea2565fede657e
39c50de3034dc2e3fa9b015011a5155c36135bf1c11f786f727ab2c5239d9c47

HTTP Headers

GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: text/css
last-modified: Wed, 07 Jul 2021 10:20:58 GMT
etag: W/"60e5800a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFYaXRgXAAWKw1bsdQRtJVsBk0L0rXpmKA899XN%2BrWHTgjD0plBlVeobNCmeWH3tZTPRARsIl5c96GVaq8wysImsngRNYCwybg9tKoHFs96vABJJz3gx0cbK3KdSSdTHhao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff2fdae7457-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/style.css

172.64.201.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/style.css
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: text/css
last-modified: Wed, 02 Feb 2022 09:47:17 GMT
etag: W/"61fa5325-147e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DohH8Y3ulwq4NCrF0IYdtyD4G2sEtmLcfxCjeBum5OSpj1tH8Abi%2BFfowl%2FsWil1mp42qZs7NbaSBhHxAtp9flGfhVeuzT3rSWtBbEV1u5SIDVOf%2FWJB7t2U3nmnxEvE6yk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff30dda7457-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

op00.biz/?te=hftginzzmq5ha3ddf43dkobw

185.177.94.108

200 OK

0 B

URL HTTP/2
op00.biz/?te=hftginzzmq5ha3ddf43dkobw
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?te=hftginzzmq5ha3ddf43dkobw HTTP/1.1
Host: op00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 20:27:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=6936750c-c86e-4ae4-9ae5-edaf39f2f73e; expires=Wed, 19-Oct-2022 20:27:21 GMT; Max-Age=2592000; path=/; SameSite=None; domain=op00.biz; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

104.21.235.2

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
104.21.235.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:27 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3c1005e4d5a48456a7812ba236033410
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 20:27:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xw3p6SVwQzV2lSalTxuinirFwJykvIXcq6Gpbj1PN2F5PXcDBivE5bLnbbkeiPays68ncDWlLJdaYTxWTsqsgaLZsM9RROixtVoHWM6V02zjuik3nOsndGn7mkHC%2Bmrqk5FOEdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50fea5f7275d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/js/script.js

172.64.201.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/js/script.js
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: application/javascript
last-modified: Wed, 07 Jul 2021 10:21:07 GMT
etag: W/"60e58013-18d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1qIkuv4JA%2BaaRNaWEagTyh6wl4ly5XTw76Zl25Ol1MJ%2B27NUhcCR6ihbLL3NkXTZ1jIRJw4Az%2Fl9Sjh2Al5Pp%2Ftp5ZM6gLggLXRRDUt%2BBSALBx12DR0QrE5ZXMd6RMilxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff30dc67457-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations