Report - go.gkrtmc.com/aff_c?offer_id=7234&aff_id=58165&aff

Report Overview

Submitted URL
go.gkrtmc.com/aff_c?offer_id=7234&aff_id=58165&aff_sub5=messenger
IP
172.255.248.105
ASN
#7979 SERVERS-COM
Submitted
2022-08-28 21:26:05
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-06T05:10:30Z	401 B	5.8 kB	143.204.55.25
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-06T05:09:43Z	321 B	229 B	34.117.237.239
cdn-dimi.akamaized.net	unknown	2022-07-07T15:18:25Z	2023-03-06T13:02:36Z	8.5 kB	134 kB	184.31.15.67
rkkmj.dirtyteenagers.com	unknown	2022-06-04T12:18:21Z	2022-12-22T00:20:20Z	591 B	717 B	52.19.101.114
go.gkrtmc.com	unknown	2022-01-24T13:45:18Z	2023-03-05T21:18:51Z	2.0 kB	3.3 kB	172.255.248.105
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-06T05:09:03Z	2.3 kB	6.2 kB	23.36.77.32
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-06T05:10:42Z	1.7 kB	3.5 kB	142.250.74.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-06T08:54:25Z	818 B	22 kB	142.250.74.10
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-06T05:09:12Z	594 B	127 B	44.238.190.151
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-06T05:09:35Z	3.2 kB	57 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-06T05:09:34Z	758 B	2.7 kB	143.204.55.35
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-06T06:00:56Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-08-28	medium	go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1	2.1 kB	2023-03-07	2023-03-07
Pretty URL rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-07 01:06:50 Times Seen1 Hash b8a80292ff05ec720e148518358d215e 9fbdf75bc3136f3907e09a3618a56453cc1ad198 a1aa73f7fde60df205b4c2ab1ff765460a26a01b66896aa7a164caa79b3801ca Loading...

	rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1	3.0 kB	2023-03-07	2023-03-07
Pretty URL rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-07 01:06:50 Times Seen1 Hash 55208b69d74a90252cd989da36cdbe2b abace31cb5594530c8c8f9cdc7b235c558025104 a281dd9e27e1789ac0899cd211166fd7d70002242712403f20cbad3febdd3978 Loading...

	rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1	358 B	2023-03-07	2023-03-07
Pretty URL rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-07 01:06:50 Times Seen1 Hash 76c57cf604438c486c5e433344d4b84c dc8f1f200e4b425d1e2d1e5f4acc118776e450b4 4fa8e772d488e57111eef21daa8381d6f23dff2f509a742b46ad73e6082e5e5e Loading...

	cdn-dimi.akamaized.net/landings/272467/1651156469/js/function.js?1651156469	6.7 kB	2023-03-07	2023-03-07
Pretty URL cdn-dimi.akamaized.net/landings/272467/1651156469/js/function.js?1651156469 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-07 01:06:50 Times Seen1 Hash 9fd4fc63fa92401630001a683af5337c 5c3afa33d918c982886ca5045d2cdac80de837df cd0694fd763a14258c70fab4fa181182be7a03fbf947af3b4418e7517e97b2ee Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 19:53:25 Times Seen37099429 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn-dimi.akamaized.net/landings/272467/1651156469/js/captcha_v4.js?1651156469	7.3 kB	2023-03-07	2023-03-07
Pretty URL cdn-dimi.akamaized.net/landings/272467/1651156469/js/captcha_v4.js?1651156469 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-07 01:06:50 Times Seen1 Hash da989376f05bfd7e90d84af530d556cc 09a0a57ddee86d852773e88a6396a7945e15166f 510b57fdbd85a3ad6921c6f3ae4eaf634bd6abb7e0f18064c265d65a2308ae5a Loading...

	rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=backuser&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&iexpp=1&j1=1&j3=1&j5=1&j9=1&j8=1	54 B	2023-03-07	2023-03-13
Pretty URL rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=backuser&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&iexpp=1&j1=1&j3=1&j5=1&j9=1&j8=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-13 04:18:39 Times Seen1 Hash b8a092df515ed3119c44f540c838585d a94c259520e11c6840ae1073aa4a844f298b1cbf af8b044d64842ae50b6779bbe376cb69b39d67a5af27366715aeb5886ed46e7c Loading...

	go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1	214 B	2023-03-07	2023-04-05
Pretty URL go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1 IP 172.255.248.105 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-04-05 01:54:10 Times Seen23 Hash db888f185ef0a5aacd560b2ebdf5801a 62ae899bed1b545b27ef5dbe037581e1fb55c544 0d532a064a29ec58ac0297fe0d64a35aff9bbdeceac63bcc54a914a426491d5e Loading...

	rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1	785 B	2023-03-07	2024-03-13
Pretty URL rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-03-13 20:15:04 Times Seen195 Hash 9500a9c9d38f7603d0be1edd3b29492e f848ea86edb6288293c8017fce7352d38e204be2 9eee6335b2bbba64382732bc83e49a4af4a3c32a227f0e2301636c6ed02b758a Loading...

	rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1	2.8 kB	2023-03-07	2023-03-07
Pretty URL rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-07 01:06:50 Times Seen1 Hash 8fbcab9c43d7efc3f1980410f963c7ca 8f7f7f807199dff1b5aa5b6587443068065fd36d 40b254e217a494c95e30c121514b54d55d3639a2afabe2a951b99683c33ee6ac Loading...

	cdn-dimi.akamaized.net/landings/272467/1651156469/js/translate.js?1651156469	24 kB	2023-03-07	2023-03-08
Pretty URL cdn-dimi.akamaized.net/landings/272467/1651156469/js/translate.js?1651156469 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-08 15:26:57 Times Seen1 Hash 550af8d0290ff0ea48907f82fc414e57 cee54a431e714443b9b6fc72436353a69ddadc17 1be243d0637b131fdc1ee6f53f16a80c9b185f453b9822062bb72347deff7d05 Loading...

HTTP Transactions (51)

URL IP Response Size

go.gkrtmc.com/aff_c?offer_id=7234&aff_id=58165&aff_sub5=messenger

172.255.248.105

302 Found

162 B

URL HTTP/1.1
go.gkrtmc.com/aff_c?offer_id=7234&aff_id=58165&aff_sub5=messenger
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with no line terminators
Size
162 B (162 bytes)
Hash
a34acec9feace06e12c5e3ac7b8ecfef
f51ef3e05fe84b0d68f3c418a4930ff8fda6ad99
f96750507f77a4687778057ad58e71cd6ae55a0d6d1da4a3757d2b3e73c2c006

HTTP Headers

GET /aff_c?offer_id=7234&aff_id=58165&aff_sub5=messenger HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 28 Aug 2022 21:25:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 162
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 27 Sep 2022 21:25:54 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
Location: aff_c?offer_id=4856&aff_id=58165&aff_sub5=messenger
Vary: Accept
Cache-Control: no-store, no-cache

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
21b1296f31569e4fb94048c52df34904
3e3194f640d71b9da28e809660443e332bdba310
7ebe5d06efe28c8507b4cdfbf68c6e5bbd9919ba776990fb8a22d90cca0c1c1b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4993
Expires: Sun, 28 Aug 2022 22:49:07 GMT
Date: Sun, 28 Aug 2022 21:25:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 28 Aug 2022 20:25:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eGIXMPxz94wzjOSl7Q7XuPzmXaHq6gsxomoma0miOmkwxGiACne2tA==
Age: 3599

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 27 Aug 2022 22:35:58 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YWRnVqUkkWEzhRrCAPSpSLqXf5J4toxfDn-o0NaBrrFca7YUPdc9YA==
age: 82196
X-Firefox-Spdy: h2

go.gkrtmc.com/aff_c?offer_id=4856&aff_id=58165&aff_sub5=messenger

172.255.248.105

302 Found

496 B

URL HTTP/1.1
go.gkrtmc.com/aff_c?offer_id=4856&aff_id=58165&aff_sub5=messenger
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (496), with no line terminators
Size
496 B (496 bytes)
Hash
e3babbe87324059d8f5654456a13b68f
82be127751be7f002a7d8479f247945406439747
87339ab4a4b8e2b0e25f8832d8a12b75d645ee0fe56696421fd92b01ce7c58b7

HTTP Headers

GET /aff_c?offer_id=4856&aff_id=58165&aff_sub5=messenger HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: language=en
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 28 Aug 2022 21:25:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 496
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 27 Sep 2022 21:25:54 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
4856=37_58165_4856_6f1519a688d27c4097cd5c00496842ed; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 27 Sep 2022 21:25:54 GMT
op_4856=0; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 27 Sep 2022 21:25:54 GMT
user_id=bb49de1a-1f76-40e3-b7b4-f42feacf0216_da4a58f99b9ce349a2d850ccfd4c1eb7; Domain=go.gkrtmc.com; Path=/; Expires=Fri, 27 Aug 2027 21:25:54 GMT; Secure; SameSite=None
Location: /rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1
Vary: Accept
Cache-Control: no-store, no-cache

go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1

172.255.248.105

200 OK

255 B

URL HTTP/1.1
go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
997bfcab4e7a51023ff8da026ed4374a
35d15ad133e52c1b9dea0b3696a8719521387a9e
070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1 HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: language=en; 4856=37_58165_4856_6f1519a688d27c4097cd5c00496842ed; op_4856=0
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 Aug 2022 21:25:54 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 21:25:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

go.gkrtmc.com/favicon.ico

172.255.248.105

404 Not Found

123 B

URL HTTP/1.1
go.gkrtmc.com/favicon.ico
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
123 B (123 bytes)
Hash
c728bf241d9141b8d3100ae5140e09c5
07f0da1bdfadd0354b090781f1e3264ac22b6c39
34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1
Cookie: language=en; 4856=37_58165_4856_6f1519a688d27c4097cd5c00496842ed; op_4856=0

HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 28 Aug 2022 21:25:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b64a12f0b948f8e20e388b9c818c8fa7
f9169f8818b7fa9b0f7ac73916181cd7a6308a10
f9a3516205d2ac6e7c9596c0622c8fcda40a1433f5c31ba2e0038d26603d1562

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9A3516205D2AC6E7C9596C0622C8FCDA40A1433F5C31BA2E0038D26603D1562"
Last-Modified: Sun, 28 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14822
Expires: Mon, 29 Aug 2022 01:32:57 GMT
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 28 Aug 2022 21:17:12 GMT
Cache-Control: max-age=3600
Expires: Sun, 28 Aug 2022 21:42:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hRkfkF5X4MpxOF0eX1LPy9zs45OV-82YBJcnsC5AoaBkQl0SvIYKxg==
Age: 523

cdn-dimi.akamaized.net/landings/272467/1651156469/js/function.js?1651156469

184.31.15.67

200 OK

1.7 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/js/function.js?1651156469
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
1.7 kB (1664 bytes)
Hash
7d0ea0bb0a721384f49fe3bb48d62f14
f361d8725c7e07b9ba73d1b960cc5abc9e2110d2
4e1455940d28871be9cdcdf74964601950ba44dfbbbd6d033f1029c04f66fb74

HTTP Headers

GET /landings/272467/1651156469/js/function.js?1651156469 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: q0U2tZOJNnbFVM3fzkR8KDFXGeLASyMJtl/QidjJcbRvf2JMHOGXgBC/aTQKn61v7sbXPmOIKoc=
x-amz-request-id: WAYR8AHXY4ZX55Q1
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "9fd4fc63fa92401630001a683af5337c"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 1664
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/css/popup.css?1651156469

184.31.15.67

200 OK

621 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/css/popup.css?1651156469
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
621 B (621 bytes)
Hash
d460524cb378ad1c0c5e5e511bd09e1b
9f0f3529eb498bc4eab26766064fab90c2848d50
cd7c12c13371ea9d7c66971dbc66e982efefd25841b09b3546557eb2672340e2

HTTP Headers

GET /landings/272467/1651156469/css/popup.css?1651156469 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 9jwNMekiNJlH1NvGw2vkBEMac1iAN0q8f3JG5x1nh00ZjrSf0pEwFrzllhT3JXNDyyGLDNhiV28=
x-amz-request-id: WAYR7VQ189K3WMBZ
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "32395a25e9d49bea1b5e82464274387f"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 621
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/js/translate.js?1651156469

184.31.15.67

200 OK

9.6 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/js/translate.js?1651156469
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text
Size
9.6 kB (9638 bytes)
Hash
8badcfd10587c70d58dad12af8fea761
c472af3c395b8ae13cc14e5f15ca29e6abe174f4
3c14fc5fa9340e501d21ac34143f896f8951450534b47798d0ee0af453d930f2

HTTP Headers

GET /landings/272467/1651156469/js/translate.js?1651156469 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 821nM9hRcgwDpfACwvbSsAh6tzM6SHB+q28M5uwS8WiMXUpjPU3uq6BAIvRyzzft/n6ce6hTF18=
x-amz-request-id: WAYZN328WN0T811Q
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "550af8d0290ff0ea48907f82fc414e57"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 9638
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/js/jquery-2.2.4.min.js?1651156469

184.31.15.67

200 OK

30 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/js/jquery-2.2.4.min.js?1651156469
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (32065)
Size
30 kB (29855 bytes)
Hash
2fa28552f1ee4e1382ee43930b53afb8
803670da6a35378bf4eb73acc8e72fe4feb5ca30
ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494

HTTP Headers

GET /landings/272467/1651156469/js/jquery-2.2.4.min.js?1651156469 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: hmwSt7vSCZuhTHh1HpLksgDpyG1P+0Ng37aTDh82nAsZm5aTP2YzLrBvErYaz4MlbUtnjRM4L9Y=
x-amz-request-id: WAYZ5KQ911QFT5HR
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/js/captcha_v4.js?1651156469

184.31.15.67

200 OK

1.8 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/js/captcha_v4.js?1651156469
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
1.8 kB (1779 bytes)
Hash
4d446df27c0abb4af02cbb5d24d326ae
f189b21578f8501027767fd3179660709140d7c8
36b3517f9e903488039b7328041d4a4871e62cf557d89f00ab71bd9a661675b3

HTTP Headers

GET /landings/272467/1651156469/js/captcha_v4.js?1651156469 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: HWuJHiZn8iREpEF1Lu5Ryy9xYQOpwIG5yrijXDsL0eOuM6unPVhPRG8ZZyEzV77HeE09L8BlISw=
x-amz-request-id: 7A334BEVGJ4J67HK
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "da989376f05bfd7e90d84af530d556cc"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 1779
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/css/main.css?1651156469

184.31.15.67

200 OK

2.1 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/css/main.css?1651156469
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
troff or preprocessor input, ASCII text
Size
2.1 kB (2050 bytes)
Hash
66d6d9020919e9b5c27a2686a4be2e8a
424af44ead724157bf9612f235c97d580299303c
d77aae4d1d38e0f093d68a9260557e82b723d068b8b0d029e211effa0c0ec3f3

HTTP Headers

GET /landings/272467/1651156469/css/main.css?1651156469 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 9KaBLP2/upJpHaHfLrsFK7KC989GCsKKeTXIFFKC81IfsWZKoWhjS8tHC3VNlA2ll25K5e9L1zA=
x-amz-request-id: WAYJZ62ARTE0V263
Last-Modified: Thu, 28 Apr 2022 16:22:07 GMT
ETag: "6dff8ffa072de95f8e836abcf6096a66"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 2050
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/css/css.css

184.31.15.67

200 OK

487 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/css/css.css
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
487 B (487 bytes)
Hash
172f67a42aff3511bec6b56b9a38202f
197e73f41b5e3bf7752459477d00fe1809000317
d252ca52974e7a1e4f2b7d01210fe8d6a592f391026af7897b0b5b852358a59f

HTTP Headers

GET /landings/272467/1651156469/css/css.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/272467/1651156469/css/main.css?1651156469
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
x-amz-id-2: C9tQeGi5/2tgcqL0fIFg8ELGwZFragSloinQwUJk7gf2YpUi3cdKeJZgXooBGlmBig4LpIpm5WY=
x-amz-request-id: WAYV00F9DARXTGV4
Last-Modified: Thu, 28 Apr 2022 16:22:07 GMT
ETag: "2a423589b966f0d0aae2eba461e9d14b"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 487
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
396ffb5d17a8a353f8f748959fcf7966
8301f51528695b9c8a48de0e6e889b603f34308c
a5c0dd3453bdba148aea970cda083b70b3ba680286a6c65878cc369d20f1d216

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1849
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 21:25:55 GMT
Last-Modified: Sun, 28 Aug 2022 20:55:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b60f31bf1dfc910d0b031da4b57aeb9
b8122448f5a86c44f7016a54423d3ed40a13c97a
d90b29d7a5265652ce8ba1b77e47610dde65179be14d5e595e0cd3e214dd26b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b60f31bf1dfc910d0b031da4b57aeb9
b8122448f5a86c44f7016a54423d3ed40a13c97a
d90b29d7a5265652ce8ba1b77e47610dde65179be14d5e595e0cd3e214dd26b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-dimi.akamaized.net/landings/272467/1651156469/images/blocked-icon.png

184.31.15.67

200 OK

502 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images/blocked-icon.png
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
502 B (502 bytes)
Hash
87487ad255dde0624f59abb85602defc
caafad17df41875bed690353ead6cc495a9bf8c2
f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d

HTTP Headers

GET /landings/272467/1651156469/images/blocked-icon.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: rj3SFkCBdJcBkvWFRdANyGUx6o2zy9TJFJO9ftlSrA0V4upKO+AkYGyOkMc7v71HwIFbOPKKy5Y=
x-amz-request-id: 1ENNBGYNSV2745M7
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 502
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b60f31bf1dfc910d0b031da4b57aeb9
b8122448f5a86c44f7016a54423d3ed40a13c97a
d90b29d7a5265652ce8ba1b77e47610dde65179be14d5e595e0cd3e214dd26b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-dimi.akamaized.net/landings/272467/1651156469/images//blocked-icon.png

184.31.15.67

200 OK

502 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images//blocked-icon.png
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
502 B (502 bytes)
Hash
87487ad255dde0624f59abb85602defc
caafad17df41875bed690353ead6cc495a9bf8c2
f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d

HTTP Headers

GET /landings/272467/1651156469/images//blocked-icon.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: rj3SFkCBdJcBkvWFRdANyGUx6o2zy9TJFJO9ftlSrA0V4upKO+AkYGyOkMc7v71HwIFbOPKKy5Y=
x-amz-request-id: 1ENNBGYNSV2745M7
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 502
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_01.jpg

184.31.15.67

200 OK

4.4 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_01.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size
4.4 kB (4418 bytes)
Hash
c055214619483e5aa9d107f8774cd537
572410e2bfbf6c6e56fd8e0f9ee6be66aaef8794
7bf1f67bd28f031724eb22cc5430d09a754ee9cd77ba5694a436f69ba0bca384

HTTP Headers

GET /landings/272467/1651156469/images//1_01.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: zWXtpH3cI9sXlszsdLo0glQdCJ+Q9m5zNEVNE8cm5wWk3MY8ocMWdkrNvBAxCuNa84uXQdZ9BN0=
x-amz-request-id: 20GYY1YG5D9QDBA9
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "c055214619483e5aa9d107f8774cd537"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 4418
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.googleapis.com/css2?family=Cinzel:wght@400;700&display=swap

142.250.74.10

200 OK

6.7 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Cinzel:wght@400;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
6.7 kB (6714 bytes)
Hash
54508ed67abcd974ef9d329820620427
afe1f099b1ea6573fa421e37b7b4611a3b55697f
9c9613d4e0f95ec3e6b27b17b9a529edae6dcbcd04c820a256a5b8e1b8032d06

HTTP Headers

GET /css2?family=Cinzel:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Aug 2022 21:25:55 GMT
date: Sun, 28 Aug 2022 21:25:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_05.jpg

184.31.15.67

200 OK

7.5 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_05.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size
7.5 kB (7514 bytes)
Hash
e53dfbbdc4b9eacea79802f8844391b3
cb0775e9475c80fe99969c38a4a5183d725373df
41910f202c17ed6631f2dd0715f7fc3112ff48ee042d7986206b0fca81c1e5e9

HTTP Headers

GET /landings/272467/1651156469/images//1_05.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: uPbQ+bJAKvXrM8+eSGbs8K5Vy6CChBG65iul4B4bVLGub2UDQtVFr78AksemJdMUqOAZkCfveVA=
x-amz-request-id: SFHN4CM81VA221A8
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "e53dfbbdc4b9eacea79802f8844391b3"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7514
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_04.jpg

184.31.15.67

200 OK

5.3 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_04.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size
5.3 kB (5344 bytes)
Hash
7ec11c7760a6a5a5de22f6fc453b4ddc
f40cf305a40946b5060aec3a307261efada4468a
ec18bd62f2438e936d8cdf2ea310159ab74561f41e99dae10c38d955e44cb5a3

HTTP Headers

GET /landings/272467/1651156469/images//1_04.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: s62YhYxuSPIbfqd/tBBub5RuxLImCc/QdY9hqqVHg2DCls19JIDB07ZDmypnS82yOdCjpBG7XVY=
x-amz-request-id: SFHS5TWPSYN8RS87
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "7ec11c7760a6a5a5de22f6fc453b4ddc"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 5344
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_03.jpg

184.31.15.67

200 OK

3.8 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_03.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size
3.8 kB (3836 bytes)
Hash
24a4ee91af3e16776caa218e0ef4f35b
cbe972685220dc7ce658b6b458ed93452aea7e90
71f511d132a578fa822b73d3951ddc683e90cb211a988d85ea8473533e6bc44f

HTTP Headers

GET /landings/272467/1651156469/images//1_03.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 2K3a7ke9vJqDl0LWC+TIZ3G2z6SCixOzzw8xKtLTwsuTByFfjqfKV5RGYufTpRsV0BFCpfw2leU=
x-amz-request-id: 20GZNP4AVK7M3TNW
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "24a4ee91af3e16776caa218e0ef4f35b"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 3836
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_06.jpg

184.31.15.67

200 OK

7.1 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_06.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size
7.1 kB (7103 bytes)
Hash
8b5ecef44b9507ed6adb209e0cfb4569
9c30c2ab27b513110da27307ae510d36b603df85
f7e01e564ceaa70552260fd6998c98972926decc802e13196df9a40e9e3bcdae

HTTP Headers

GET /landings/272467/1651156469/images//1_06.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: IkgEFAjVRlBBDaflGslCvAn1QJNhIl9iAmEdbGMVBzPli1B8GCOjzDVOERecwJILuLj7PHaubSg=
x-amz-request-id: SFHHT7WDE778PKNK
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "8b5ecef44b9507ed6adb209e0cfb4569"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7103
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_07.jpg

184.31.15.67

200 OK

5.2 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_07.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size
5.2 kB (5242 bytes)
Hash
e3bb22992ae95c6aaa3c234f945ac770
ad0f44086781d2eff1e6397dac8eccfeb932bfd0
d6ee1ba746e78956661c2616cbe8255e4bc6f6c0c6fdc379140f610e8ad5d30e

HTTP Headers

GET /landings/272467/1651156469/images//1_07.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: GeHvUbpad2TA532OSh5+qn1+25VqhFmkkcOUw7vvvG2DVvAJDDmvcsKw+76n12drADIkKC1DnVc=
x-amz-request-id: SFHWEVYAVVDXZRR8
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "e3bb22992ae95c6aaa3c234f945ac770"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 5242
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_08.jpg

184.31.15.67

200 OK

10 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_08.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size
10 kB (10441 bytes)
Hash
8170bbf94084b43ddb4ff577301b80da
2c2d1a83305fdf7acb0ea8abe6c25e77de0d21da
f69cb6a0a0ec9255edd4269011e7d6d5cef74f2475936cec3ec96f3a9b4438f8

HTTP Headers

GET /landings/272467/1651156469/images//1_08.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 2+0JUNRBtZzqyvdS27NAM5m1dH37D5bNJkZAaZyMRpdfhqHU9hzPr4GF+/Gg9qUZSRIi9Whjg34=
x-amz-request-id: SFHVW40EEVQT404B
Last-Modified: Thu, 28 Apr 2022 16:22:07 GMT
ETag: "8170bbf94084b43ddb4ff577301b80da"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 10441
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_09.jpg

184.31.15.67

200 OK

5.9 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images//1_09.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size
5.9 kB (5946 bytes)
Hash
66c24e49341e4959fafdfc09d3ac9f0d
1b527772a5105eddfa42d926c897f88a3fc8be88
8af75c87ce4cd57acf9b6085be9830fe19ef1e0a2e3767fc06214bd03fd3d282

HTTP Headers

GET /landings/272467/1651156469/images//1_09.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: XulJZtx+y7XxaGrLDy4KFUD8JB686CXAl6c4wwL7+plt0E6iDEscA66LwE+4M+6TZHOhYLfki3E=
x-amz-request-id: FQ4VXAT52873JZCJ
Last-Modified: Thu, 28 Apr 2022 16:22:07 GMT
ETag: "66c24e49341e4959fafdfc09d3ac9f0d"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 5946
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/272467/1651156469/images/JTUSjIg1_i6t8kCHKm459WlhzQ.woff

184.31.15.67

200 OK

24 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images/JTUSjIg1_i6t8kCHKm459WlhzQ.woff
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, TrueType, length 23480, version 1.1\012- data
Size
24 kB (23480 bytes)
Hash
8102c4838f9e3d08dad644290a9cb701
5af1938d1327395f47c84e57b6ba7756234d2262
60cebea4c9183f51fbd323f14dd729e18768be4f6395467013216ae36526cf9c

HTTP Headers

GET /landings/272467/1651156469/images/JTUSjIg1_i6t8kCHKm459WlhzQ.woff HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rkkmj.dirtyteenagers.com
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: X6onjQNmx7+MUX8E6+g9YijfSVc6DGu9/P9rF4FngTvCqaYYh/76SSeRCoKbcfMMlfbdpPqmmUQ=
x-amz-request-id: 1ENHTT00GGXY085E
Last-Modified: Thu, 28 Apr 2022 16:22:05 GMT
ETag: "8102c4838f9e3d08dad644290a9cb701"
Accept-Ranges: bytes
Content-Type: application/x-font-woff
Server: AmazonS3
Content-Length: 23480
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1bb8df25d5aa0c6ff660f97b81e64458
be7596032c78bc836b7e780a3b20e5d5518f89f3
80892cb99d64aa076366b4b9fb5f303271d0e97fd9d7734402f571027fb490e8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap

142.250.74.10

200 OK

14 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (13841 bytes)
Hash
c16883534e5149c1291829310779bb5c
184017d915a661a5f4eced7c77f7d5a9666b6fd3
2983c1a35cbd0b667c13f4eb29aa45a08dadddb2af24d576ce1d428e35503619

HTTP Headers

GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Aug 2022 21:25:55 GMT
date: Sun, 28 Aug 2022 21:25:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/images/favicon.ico

184.31.15.67

200 OK

4.1 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/images/favicon.ico
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 3PLd1JbxzMUZnvLfJ08LlqJVa0X1bm3g8lDKKuDaPcpHRGpUOyvL763tb+Zgy/zeSb8kMvb/P10=
x-amz-request-id: 2XWP9N688THY1C8H
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 4103
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

push.services.mozilla.com/

44.238.190.151

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.238.190.151:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2ajNMFpGkigb7feEyhIJrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EzAqbVFb963Zx9QOj7jPSha37dc=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1bb8df25d5aa0c6ff660f97b81e64458
be7596032c78bc836b7e780a3b20e5d5518f89f3
80892cb99d64aa076366b4b9fb5f303271d0e97fd9d7734402f571027fb490e8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ffd5e13-a021-41cd-b8a0-c47ab5824b67.jpeg

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ffd5e13-a021-41cd-b8a0-c47ab5824b67.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6143 bytes)
Hash
85306ac4e917d959101d95a326ecede9
d4034cc5264cce974cc6c5e38a712170fe2640cf
dc10c89e607d309e9f9b5ef5856a2775bc0e96629a09a03641af3fc8a7b6f468

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ffd5e13-a021-41cd-b8a0-c47ab5824b67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6143
x-amzn-requestid: b714dab3-5fd9-49ab-85c3-be842523fe5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitbkFZRIAMF5pQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f7d-61caf56c26c2365762b0165d;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:41:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tmJzZhBRPLy8YUEJZ1Ha17ySrq77JD3nZFNTZY8GNc5dvKPVVpPmZQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:53:51 GMT
age: 84725
etag: "d4034cc5264cce974cc6c5e38a712170fe2640cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7505 bytes)
Hash
ef5729bf444dd3cc7b8e7945187e09ee
ec62fa681d45d696fc7308fede11cd16979594fd
34d5df4a669399f171489c9cd0f90a53eea21c35c1ccd310df39cc356c9922cd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7505
x-amzn-requestid: 66ed5a9b-1b9c-40c4-b757-7c13e9dc6410
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitJxFFSIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f0b-24404d4f7a2cae8f4c3bcb97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:39:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: r5P4oNSmxtoViJUfOF5jx7lWb9H1mGWPalhuWVplCADHXoUU_lcccg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:11:06 GMT
etag: "ec62fa681d45d696fc7308fede11cd16979594fd"
content-type: image/jpeg
age: 83690
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0c25f-9ee9-4270-8c84-3f4087fa909d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11901 bytes)
Hash
e619074d7134995ce35ea8e904053165
aa2f0fdb2fcfb0e6d33f520baf0d69af261129e4
a725cb2c6eddc63bdf463943f3ed045b564471e3a32f911caba37d82a7c1f0f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0c25f-9ee9-4270-8c84-3f4087fa909d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11901
x-amzn-requestid: 830f99b6-b678-4ad4-913f-94923fa289e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitVpFJWIAMFo1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f57-64bfc0256b49c9351c59a0a3;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HOIciw-U_MePRwtV_1mbSpSwrMq4jUTo5K6Tm4kBmd-jvOptN1dbvA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:09:02 GMT
age: 83814
etag: "aa2f0fdb2fcfb0e6d33f520baf0d69af261129e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c51c541-314b-4130-a3af-d06caf60bb7b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7058 bytes)
Hash
d86049a1b34617a0d41fb4ef97009303
0c0aa0266043aa373afb74a15ab605fba7ceb654
02bcd4310d68f5cffd90c1cced9e9789876f3c51c1edb21f9b0dec1e659118b6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c51c541-314b-4130-a3af-d06caf60bb7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7058
x-amzn-requestid: 9059da6e-9360-445d-8605-e05f29234b44
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiuGcGYqoAMFRfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a908f-3faf9a64271fb8a02010d3e5;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:45:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: IevbIr8ZUpryBbm6-c5-3MXJ4eXrXrHxTFGNl3-alDedXci9AzRzxw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:24:08 GMT
etag: "0c0aa0266043aa373afb74a15ab605fba7ceb654"
content-type: image/jpeg
age: 82908
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10824 bytes)
Hash
e0a52aaf6cfd3c91ef396ec21e668634
96e49f02f48d8e212335722d7a95eba9b21050de
edd20b6a1790cc65fd16f64e6e58c01140d814ffb27a6fe6f41c7dc285a76b2b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10824
x-amzn-requestid: abf116d5-7ffd-4100-bbbb-f8ebcc903e48
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJqgGfToAMFfmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307230f-058b88810d3d902475af52a3;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:21:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 1QjI_En26B7SLes62WrxkEODPzBCDiUUo8ttH3vOUYsTTTo-ucHIqA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 07:43:27 GMT
age: 49349
etag: "96e49f02f48d8e212335722d7a95eba9b21050de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c76ac95-9347-4b2c-b714-273aa0c3ce73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6921 bytes)
Hash
f492a725bd0ff1ffb9bda36a618c8163
54ebcbafcc02053b2e9477ef29e89c9924abb9e0
bbe69be8f14be3d6fdf09fee9cfdcee5847875bc9f6f6097e4afe1692553c125

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c76ac95-9347-4b2c-b714-273aa0c3ce73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6921
x-amzn-requestid: 727cc3c0-9535-43cf-8aa6-1f46d74a5e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xis-bGrXIAMF6ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8ec2-4794034041513a7022688600;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s_ITjoM4nQ-z0l4iSmsxpbalk2wXhRMjw_00b6NbSh5MCHvFApfPpg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:10:01 GMT
age: 83755
etag: "54ebcbafcc02053b2e9477ef29e89c9924abb9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1

52.19.101.114

200 OK

0 B

URL HTTP/2
rkkmj.dirtyteenagers.com/c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1
IP
52.19.101.114:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1 HTTP/1.1
Host: rkkmj.dirtyteenagers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://go.gkrtmc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 21:25:55 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=630bdd6300022ca6; Path=/; Expires=Thu, 27 Oct 2022 21:25:55 GMT; Secure; SameSite=None
unique_id2=630bdd630003cbe3; Path=/; Expires=Sat, 26 Nov 2022 21:25:55 GMT; Secure; SameSite=None
630bdd630003cbe3_c=1; Path=/; Expires=Sat, 26 Nov 2022 21:25:55 GMT; Secure; SameSite=None
ref_token=20904; Path=/; Expires=Tue, 27 Sep 2022 21:25:55 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Sun, 28 Aug 2022 21:25:55 GMT; Secure; SameSite=None
630bdd630003cbe3_sl=[272467]; Path=/; Expires=Sun, 11 Sep 2022 21:25:55 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/272467/1651156469/images/2.mp4

184.31.15.67

206 Partial Content

0 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/272467/1651156469/images/2.mp4
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landings/272467/1651156469/images/2.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
x-amz-id-2: mAey8XDucWDlE6nAdJmulTWYFA+rP9xaFRKPT3w1fKCsOHrVN/ESdTacUyR9Fibc3+8vOS8W3H0=
x-amz-request-id: 1ENJHH16TC30F9AR
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "8a5b2a8272d3f75839eaf91af309f6bc"
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Range: bytes 0-1414763/1414764
Content-Length: 1414764
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP