Report - findpdf.net/A-Brothers39-Revival-The-Story-of-the-Wesleys-Lycoming-College.html

Report Overview

Submitted URL
findpdf.net/A-Brothers39-Revival-The-Story-of-the-Wesleys-Lycoming-College.html
IP
67.227.226.240
ASN
#32244 LIQUIDWEB
Submitted
2023-01-28 08:12:04
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
alia-iso.com	unknown	2022-12-19T09:09:53Z	2023-03-13T05:42:10Z	1.9 kB	2.4 kB	52.7.54.238
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	830 B	34 kB	104.17.24.14
winnersailor.com	unknown	2022-06-07T11:40:43Z	2023-02-27T01:21:20Z	539 B	3.4 kB	188.114.96.1
begin-offers.com	unknown	2022-12-27T09:49:04Z	2023-01-28T20:41:01Z	608 B	40 kB	104.21.70.148
o445185.ingest.sentry.io	unknown	2020-09-15T12:39:18Z	2023-03-07T15:28:49Z	537 B	512 B	34.120.195.249
healsailor.com	unknown	2023-01-13T20:20:00Z	2023-02-02T10:09:35Z	687 B	1.7 kB	172.67.143.27
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.209.122.114
cartining-specute.com	unknown	2021-02-01T00:37:43Z	2023-03-13T06:57:55Z	914 B	654 B	18.197.36.77
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.8 kB	128 kB	216.58.211.3
polyfill.io	102644	2016-02-12T01:04:58Z	2023-03-13T07:52:43Z	397 B	722 B	151.101.1.26
iframe.cloudflarestream.com	unknown	2019-07-05T15:40:24Z	2023-03-09T14:35:27Z	564 B	840 B	104.16.96.114
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-13T08:10:58Z	350 B	966 B	54.230.80.227
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.20.226
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	417 B	630 B	142.250.74.106
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
findpdf.net	unknown	2012-11-04T09:40:36Z	2023-03-09T15:57:07Z	1.4 kB	3.8 kB	67.227.226.240
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	604 B	93.184.220.29
customer-tqjuowcwyvj09sgh.cloudflarestream.com	unknown	2022-09-05T10:13:42Z	2023-03-07T17:00:48Z	2.3 kB	242 kB	104.16.96.114

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	begin-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYwOTkyMCwic2VjcmV0IjoiNTUxOWIwYzg2ZTlmZDI1ZCIsImRvbWFpbiI6ImhlYWxzYWlsb3IuY29tIiwiYXBpIjoib3B0aW11cy1sZCJ9	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	begin-offers.com/bitcoin-era/js/index.js	12 kB	2023-03-08	2023-03-14
Pretty URL begin-offers.com/bitcoin-era/js/index.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:58:55 Last Seen2023-03-14 12:46:34 Times Seen1 Hash 6933f10ca5da08aeeb0082c54f23cd4e 825a1081ab765a20f2978d35fc9914111311b7ff a981a91ee8631d7c999948e29ea13f8e362453cae6cf8d4e2c3e6bf3aec33c89 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 19:14:44 Times Seen118542 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	www.google.com/recaptcha/api.js?onload=f1tRecaptchaCallback&render=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc	947 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?onload=f1tRecaptchaCallback&render=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:46:09 Last Seen2023-03-13 14:31:11 Times Seen1 Hash ec7ab53f1ed66e55fdd15d8df9033266 7a0269b2d0fb9ec89847d2b54d85905ae7e179cf b8487125c292c425028901126552e3144c65ce21c17b7c4c8e87784c1cb07cc7 Loading...

	polyfill.io/v3/polyfill.min.js	101 B	2023-03-07	2024-04-04
Pretty URL polyfill.io/v3/polyfill.min.js IP 151.101.1.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:52 Last Seen2024-04-04 19:28:27 Times Seen15744 Hash 66a7d2a5dd73e9fca370d85360c85447 2e4ca9cb2ed0fcd0436ee10516b2bb441fc16a63 d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72 Loading...

	customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/437.801d47c8.chunk.js	22 kB	2023-03-07	2023-07-07
Pretty URL customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/437.801d47c8.chunk.js IP 104.16.96.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:18 Last Seen2023-07-07 07:29:27 Times Seen173 Hash abac150b3577d7480a74a55d99036272 a51468d92f3f7d5ffb3c37307b0dbbaa663050aa b62fdce22fe976f0097b1342eed8bd9ae117e9a76e342585f61a2960bba45ca7 Loading...

	customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/887.fb639d1f.chunk.js	36 kB	2023-03-07	2023-03-14
Pretty URL customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/887.fb639d1f.chunk.js IP 104.16.96.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:18 Last Seen2023-03-14 17:14:06 Times Seen1 Hash 7166a8708d577019d90495202e7dd78b 3bd81c65acec04a8c1e9b29473895ad8a9d15183 141b3dfecd47579624a59774b541eb6cbdc65163fa82d012bcf748e69c445b89 Loading...

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js	412 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:01:06 Last Seen2023-03-13 15:37:41 Times Seen1 Hash 10fa8a547b2ef125150037f815579540 32d80f0b24826584a73c4113d51300b7666282cb a0a04c24a9bdaac0e8aa2d22df95a7ae8c0d744a31b732da3d6e4bb279c79e40 Loading...

	findpdf.net/A-Brothers39-Revival-The-Story-of-the-Wesleys-Lycoming-College.html	1.5 kB	2023-03-13	2023-03-13
Pretty URL findpdf.net/A-Brothers39-Revival-The-Story-of-the-Wesleys-Lycoming-College.html IP 67.227.226.240 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:30:23 Last Seen2023-03-13 09:30:23 Times Seen1 Hash 1e5ebbd638229f3c31d95b04ae8ffb97 4555fdf7c798e5991d9ef1073189e8e8f9f9e7b0 23eafabace7818a0716588b3ffb156e3d667d494b221d29089739074ec1b1849 Loading...

	findpdf.net/page/bouncy.php?&bpae=GbhGdL0GvEx7j3O0K%2FSMkGA9KXfdADGbYcE2Br5wYm4HaHbjD7frvly%2F5sHVSdKH%2BjcsKk4TTFpAIzD%2Bka2V6vNMyAw3phcb%2Fw%2BGFMaU9UYKz0htGLUX85Tf4LBfIpFk2v2FQYxKrcwX1B3dA8uukv7VrEWsSLt9%2BghLIaHrWhOeaDReGZS1heFs%2FGdDeje2iSJTm1HHUkAWDfa4zo4Dg%2FjsW%2Bm2Nd%2FLoxwhm1X1LPI3Kis9aCYZpiy1VHu3S2lRgQKgC00Pb7m%2FsZrMDdzKExYFd7udjaxrDxLlBelrK8MJpx4Ru9KfQOv35pugoK2mpYxTVW33o%2B9puTYQcNArZzwL8N45K9cr3bD5VTr6Chvr9qq9vKA2NSDnHPPVdJuJhdWBYHtH76fWtdP85YjvjSRIE1XaHvmv073sWml45N%2F59DNiIhm5AunzrAyZmOIytkA1dSrRImOHREkdV2Di2HmmCEBvT2lnxV3J4JgnoIvUpH7Ymm1Vk9Eu&redirectType=js&inIframe=false&inPopUp=false	702 B	2023-03-13	2023-03-13
Pretty URL findpdf.net/page/bouncy.php?&bpae=GbhGdL0GvEx7j3O0K%2FSMkGA9KXfdADGbYcE2Br5wYm4HaHbjD7frvly%2F5sHVSdKH%2BjcsKk4TTFpAIzD%2Bka2V6vNMyAw3phcb%2Fw%2BGFMaU9UYKz0htGLUX85Tf4LBfIpFk2v2FQYxKrcwX1B3dA8uukv7VrEWsSLt9%2BghLIaHrWhOeaDReGZS1heFs%2FGdDeje2iSJTm1HHUkAWDfa4zo4Dg%2FjsW%2Bm2Nd%2FLoxwhm1X1LPI3Kis9aCYZpiy1VHu3S2lRgQKgC00Pb7m%2FsZrMDdzKExYFd7udjaxrDxLlBelrK8MJpx4Ru9KfQOv35pugoK2mpYxTVW33o%2B9puTYQcNArZzwL8N45K9cr3bD5VTr6Chvr9qq9vKA2NSDnHPPVdJuJhdWBYHtH76fWtdP85YjvjSRIE1XaHvmv073sWml45N%2F59DNiIhm5AunzrAyZmOIytkA1dSrRImOHREkdV2Di2HmmCEBvT2lnxV3J4JgnoIvUpH7Ymm1Vk9Eu&redirectType=js&inIframe=false&inPopUp=false IP 67.227.226.240 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:30:23 Last Seen2023-03-13 09:30:23 Times Seen1 Hash 3462f6bfedfacd25715bafd134a19149 960577db4e6c93f3fd983b952b5213ecc3e84b4d 3e498c86e8f0de44b6946f13384ec13f526888407f8327c87a802e8bd64c3982 Loading...

	alia-iso.com/zcvisitor/6cc7032b-9ee3-11ed-8c72-129ff9135a05/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97	849 B	2023-03-13	2023-03-13
Pretty URL alia-iso.com/zcvisitor/6cc7032b-9ee3-11ed-8c72-129ff9135a05/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97 IP 52.7.54.238 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:30:23 Last Seen2023-03-13 09:30:23 Times Seen1 Hash 985b737220ba25dcce532b6adbf5ab3f c159d642cb25186c76056d38a41532b63a32af0d 5acf5fb5fbf2aef93d55f2c50568bc222c058965445b6c584409d51fc7336534 Loading...

	alia-iso.com/zcredirect?visitid=6cc7032b-9ee3-11ed-8c72-129ff9135a05&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	319 B	2023-03-13	2023-03-13
Pretty URL alia-iso.com/zcredirect?visitid=6cc7032b-9ee3-11ed-8c72-129ff9135a05&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 52.7.54.238 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:30:23 Last Seen2023-03-13 09:30:23 Times Seen1 Hash 1304b311c0476f00c9de5df6dd945cad 0e89b05c209f147fa36a0bba73e3eeec4745d593 33291bff53f57948e4cb60617b9f7618ed1f8e3496ccaad2fd34d3547baa2898 Loading...

	begin-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYwOTkyMCwic2VjcmV0IjoiNTUxOWIwYzg2ZTlmZDI1ZCIsImRvbWFpbiI6ImhlYWxzYWlsb3IuY29tIiwiYXBpIjoib3B0aW11cy1sZCJ9	75 B	2023-03-08	2024-04-19
Pretty URL begin-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYwOTkyMCwic2VjcmV0IjoiNTUxOWIwYzg2ZTlmZDI1ZCIsImRvbWFpbiI6ImhlYWxzYWlsb3IuY29tIiwiYXBpIjoib3B0aW11cy1sZCJ9 IP 104.21.70.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:58:56 Last Seen2024-04-19 11:36:10 Times Seen3 Hash 7bb8ea835c2a09156ddf221d8821f46e 7f7c03df97c4c6da17cabf8226f8545536917b44 17bcd3facd962c8d6c1c1403e4b76fadbe2105842a0e396f86a519b7ae3eb192 Loading...

	begin-offers.com/static/funnels-sdk/v6/dist/assets/js/main.min.js?v=6.1.7	359 kB	2023-03-13	2023-12-04
Pretty URL begin-offers.com/static/funnels-sdk/v6/dist/assets/js/main.min.js?v=6.1.7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:06:04 Last Seen2023-12-04 21:51:52 Times Seen6 Hash fdd5ea64d1abbbb499940babf814ac5b b156bce8fc0df96575fa289e6ae02f01fac0904f b81c3bc1fa7c97feb68a4fe9237d4392a66da3c5ca440a2e9b8c597d633b2db8 Loading...

	begin-offers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js	96 kB	2023-03-07	2024-02-07
Pretty URL begin-offers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:46:10 Last Seen2024-02-07 09:19:14 Times Seen40 Hash 17d612404d9731db67630ee297f66abd 9ef5280325d5ea01df58a3e85567184253b17430 6150752db531183dee8aa964cc8bca035e2688be412515c8a6a1566e3d059dad Loading...

	begin-offers.com/bitcoin-era/js/custom.js	1.0 kB	2023-03-08	2023-03-14
Pretty URL begin-offers.com/bitcoin-era/js/custom.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:58:55 Last Seen2023-03-14 12:46:34 Times Seen1 Hash 4cd72537421ffb19dc59933773f369fc f9a5937522ffd72ce08852547d421ce7bc9be30a bae0f45460d4cf6289029c6462961dc65d5d04edef84c8dd377bb9f43cf72064 Loading...

	customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=3b52b4f7fc368dfabd2a8e562b76bdfa	774 kB	2023-03-08	2023-04-15
Pretty URL customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=3b52b4f7fc368dfabd2a8e562b76bdfa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:58:56 Last Seen2023-04-15 12:46:10 Times Seen6 Hash f0706de51bb79f0fcd66dd783c9fe443 9dbcfe69fa75876f6b0b8a8eef386c1e6f12cd89 4c93c40e39658aebd2334c2dcb54dc54e4178e812bb270fd949935e115caf00c Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc&co=aHR0cHM6Ly9iZWdpbi1vZmZlcnMuY29tOjQ0Mw..&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=b918rbs7msso	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc&co=aHR0cHM6Ly9iZWdpbi1vZmZlcnMuY29tOjQ0Mw..&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=b918rbs7msso IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 22:54:58 Times Seen99085 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc&co=aHR0cHM6Ly9iZWdpbi1vZmZlcnMuY29tOjQ0Mw..&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=b918rbs7msso	35 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc&co=aHR0cHM6Ly9iZWdpbi1vZmZlcnMuY29tOjQ0Mw..&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=b918rbs7msso IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:30:23 Last Seen2023-03-13 09:30:23 Times Seen1 Hash 7d356aa2bc26f68337f3924a4101b347 2dc4ddb683dfd6ae27e0ccf1382d831f3b5e69fc cae19361c1d940b3a506719bffa71842f40e56ce3b0c8abadbe81a3bac1382b9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d7aec0eb4329ec6812e51eb2a3fab1a8	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 19:39:52 Last Seen2023-03-13 17:26:35 Times Seen1 Hash d7aec0eb4329ec6812e51eb2a3fab1a8 1d51133eb4e741d9a5d96d1e8ec7944653ca4161 569ca77f87058495ab438ddd60282e2438f2c62bd040b56cff89232d3fc12356 Loading...

	#2 Eval - 05d96224839b72f0df81e8225144d378	62 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 19:39:52 Last Seen2023-03-13 17:26:35 Times Seen1 Hash 05d96224839b72f0df81e8225144d378 8d22a7d4163ee0ddaa42d5e7213f016c171710cc 54f7e5c8791fdd930e2cb2bc5f7fa5b7eaa741341ed10a401c999169db515488 Loading...

	#3 Eval - 782709676279fc3e5a27c5d3c2463afc	16 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 19:39:52 Last Seen2023-03-13 17:26:35 Times Seen1 Hash 782709676279fc3e5a27c5d3c2463afc 11588c15760d7bc9fa3143c1be09dcae20861ce8 9379275ad27034fcf68d55a7ad83cb0c3e44ebdca2bde908b345ba36c18a09ae Loading...

	#4 Eval - a54d7f6105d0228b4c05928563eda75f	18 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 09:30:23 Last Seen2023-03-13 09:30:23 Times Seen1 Hash a54d7f6105d0228b4c05928563eda75f 36594e45d6b33b26bf2bca4f03b479285ac2aff4 61e32fb658e9ea48db529f6aeb90a00c55954a961fcb27f487ae947140c71f21 Loading...

	#5 Eval - c81b46ad8d2d428c18483be3a40b6d64	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 19:39:52 Last Seen2023-03-13 17:26:34 Times Seen1 Hash c81b46ad8d2d428c18483be3a40b6d64 df4f47063bbb236fb0523516df0f1e80bdf3ff33 e12c1209e13ba8bc70ecfd0a5fd091233268871a34a1c46780d258ae2c14fa8e Loading...

HTTP Transactions (52)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Sat, 28 Jan 2023 11:28:54 GMT
Date: Sat, 28 Jan 2023 08:11:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14943
Expires: Sat, 28 Jan 2023 12:20:56 GMT
Date: Sat, 28 Jan 2023 08:11:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 07:43:04 GMT
content-type: application/json
age: 1729
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10175
Expires: Sat, 28 Jan 2023 11:01:28 GMT
Date: Sat, 28 Jan 2023 08:11:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 6aYQ61Y9Vvw5aq4lI9jh80ctdnhEXSat5t+9hXdjwJAo7xj5zpbykSLGUhzmB8nQ/T+utQaLzp0=
x-amz-request-id: GTZN8016G6EZ14G2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 07:20:53 GMT
age: 3060
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 08:11:53 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 07:49:03 GMT
age: 1371
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

findpdf.net/A-Brothers39-Revival-The-Story-of-the-Wesleys-Lycoming-College.html

67.227.226.240

200 OK

2.2 kB

URL HTTP/1.1
findpdf.net/A-Brothers39-Revival-The-Story-of-the-Wesleys-Lycoming-College.html
IP
67.227.226.240:0
ASN
#32244 LIQUIDWEB

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (622)
Size
2.2 kB (2242 bytes)
Hash
bbd2c6d27bdbce97a0e604575b6bc2db
d8dd4476fcd7d03bd46e5971c724c5ab637a137e
5d413ad5533246e7cb7dfa645072f5c9758a70623bdd56251891ac19bdd228b3

HTTP Headers

GET /A-Brothers39-Revival-The-Story-of-the-Wesleys-Lycoming-College.html HTTP/1.1
Host: findpdf.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 08:11:53 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12672
Expires: Sat, 28 Jan 2023 11:43:06 GMT
Date: Sat, 28 Jan 2023 08:11:54 GMT
Connection: keep-alive

findpdf.net/page/bouncy.php?&bpae=GbhGdL0GvEx7j3O0K%2FSMkGA9KXfdADGbYcE2Br5wYm4HaHbjD7frvly%2F5sHVSdKH%2BjcsKk4TTFpAIzD%2Bka2V6vNMyAw3phcb%2Fw%2BGFMaU9UYKz0htGLUX85Tf4LBfIpFk2v2FQYxKrcwX1B3dA8uukv7VrEWsSLt9%2BghLIaHrWhOeaDReGZS1heFs%2FGdDeje2iSJTm1HHUkAWDfa4zo4Dg%2FjsW%2Bm2Nd%2FLoxwhm1X1LPI3Kis9aCYZpiy1VHu3S2lRgQKgC00Pb7m%2FsZrMDdzKExYFd7udjaxrDxLlBelrK8MJpx4Ru9KfQOv35pugoK2mpYxTVW33o%2B9puTYQcNArZzwL8N45K9cr3bD5VTr6Chvr9qq9vKA2NSDnHPPVdJuJhdWBYHtH76fWtdP85YjvjSRIE1XaHvmv073sWml45N%2F59DNiIhm5AunzrAyZmOIytkA1dSrRImOHREkdV2Di2HmmCEBvT2lnxV3J4JgnoIvUpH7Ymm1Vk9Eu&redirectType=js&inIframe=false&inPopUp=false

67.227.226.240

200 OK

982 B

URL HTTP/1.1
findpdf.net/page/bouncy.php?&bpae=GbhGdL0GvEx7j3O0K%2FSMkGA9KXfdADGbYcE2Br5wYm4HaHbjD7frvly%2F5sHVSdKH%2BjcsKk4TTFpAIzD%2Bka2V6vNMyAw3phcb%2Fw%2BGFMaU9UYKz0htGLUX85Tf4LBfIpFk2v2FQYxKrcwX1B3dA8uukv7VrEWsSLt9%2BghLIaHrWhOeaDReGZS1heFs%2FGdDeje2iSJTm1HHUkAWDfa4zo4Dg%2FjsW%2Bm2Nd%2FLoxwhm1X1LPI3Kis9aCYZpiy1VHu3S2lRgQKgC00Pb7m%2FsZrMDdzKExYFd7udjaxrDxLlBelrK8MJpx4Ru9KfQOv35pugoK2mpYxTVW33o%2B9puTYQcNArZzwL8N45K9cr3bD5VTr6Chvr9qq9vKA2NSDnHPPVdJuJhdWBYHtH76fWtdP85YjvjSRIE1XaHvmv073sWml45N%2F59DNiIhm5AunzrAyZmOIytkA1dSrRImOHREkdV2Di2HmmCEBvT2lnxV3J4JgnoIvUpH7Ymm1Vk9Eu&redirectType=js&inIframe=false&inPopUp=false
IP
67.227.226.240:0
ASN
#32244 LIQUIDWEB

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
982 B (982 bytes)
Hash
02dd99278a15fcf63f3250c5e5630816
aafb857dd633517f7cb1bf5dab5bd5119707360a
9fa09bc1bf062adb455c459d7a0e0c52ca13515f9081bfefaf18f24623a61f75

HTTP Headers

GET /page/bouncy.php?&bpae=GbhGdL0GvEx7j3O0K%2FSMkGA9KXfdADGbYcE2Br5wYm4HaHbjD7frvly%2F5sHVSdKH%2BjcsKk4TTFpAIzD%2Bka2V6vNMyAw3phcb%2Fw%2BGFMaU9UYKz0htGLUX85Tf4LBfIpFk2v2FQYxKrcwX1B3dA8uukv7VrEWsSLt9%2BghLIaHrWhOeaDReGZS1heFs%2FGdDeje2iSJTm1HHUkAWDfa4zo4Dg%2FjsW%2Bm2Nd%2FLoxwhm1X1LPI3Kis9aCYZpiy1VHu3S2lRgQKgC00Pb7m%2FsZrMDdzKExYFd7udjaxrDxLlBelrK8MJpx4Ru9KfQOv35pugoK2mpYxTVW33o%2B9puTYQcNArZzwL8N45K9cr3bD5VTr6Chvr9qq9vKA2NSDnHPPVdJuJhdWBYHtH76fWtdP85YjvjSRIE1XaHvmv073sWml45N%2F59DNiIhm5AunzrAyZmOIytkA1dSrRImOHREkdV2Di2HmmCEBvT2lnxV3J4JgnoIvUpH7Ymm1Vk9Eu&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: findpdf.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://findpdf.net/A-Brothers39-Revival-The-Story-of-the-Wesleys-Lycoming-College.html
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 08:11:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

34.209.122.114

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.209.122.114:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iqAtYYmy+h2wRkFQ7HEciw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8KY8DELEB/erm/iOnZO9MwHNflQ=

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6843891562ba7987aa29649d0a96fd3c
5d5b2cc383c48b50d4808f05ae0efd11d14d7236
72223100722b06ff5735c8ddde0fdb4c5512105c2633953b9250d9f723c9d016

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 08:11:54 GMT
Etag: "63d454d2-1d7"
Last-Modified: Sat, 28 Jan 2023 07:37:33 GMT
Server: ECS (dcb/7FA3)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eg5HJUNGAkvMGhzaTrIFPJHXXK6F2vB4lBayvEwo3i8Aqf4LgtM8KQ==
Age: 2061

alia-iso.com/favicon.ico

52.7.54.238

404 Not Found

653 B

URL HTTP/2
alia-iso.com/favicon.ico
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcredirect?visitid=6cc7032b-9ee3-11ed-8c72-129ff9135a05&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sat, 28 Jan 2023 08:11:55 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: yyiFiAeN
X-Firefox-Spdy: h2

cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinnersailor.com%2Fapi%2Fv3%2Foffer%2F7%3Faffiliate_id%3D477%26url_id%3D89%26aff_sub2%3Dw129hpnscvuugg7mi423re3e&caid=4d02b807-8e18-45a2-be63-5d40ac7a88cf&zpid=6cc7032b-9ee3-11ed-8c72-129ff9135a05&cid=w129hpnscvuugg7mi423re3e&rt=R

18.197.36.77

302 Found

0 B

URL HTTP/2
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinnersailor.com%2Fapi%2Fv3%2Foffer%2F7%3Faffiliate_id%3D477%26url_id%3D89%26aff_sub2%3Dw129hpnscvuugg7mi423re3e&caid=4d02b807-8e18-45a2-be63-5d40ac7a88cf&zpid=6cc7032b-9ee3-11ed-8c72-129ff9135a05&cid=w129hpnscvuugg7mi423re3e&rt=R
IP
18.197.36.77:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zp-redirect?target=https%3A%2F%2Fwinnersailor.com%2Fapi%2Fv3%2Foffer%2F7%3Faffiliate_id%3D477%26url_id%3D89%26aff_sub2%3Dw129hpnscvuugg7mi423re3e&caid=4d02b807-8e18-45a2-be63-5d40ac7a88cf&zpid=6cc7032b-9ee3-11ed-8c72-129ff9135a05&cid=w129hpnscvuugg7mi423re3e&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/
Cookie: cc-v4=e0m28qDr%2B3h7lpY2g5TbVFprc0A7O8Xn%2BpZ9ENO783%2BcG8jt5GvAXK3xSvLr%2FxV1nDxislxQnN3d0q1bqmDR%2Bm1UDEWarWXaMCHa9gwH6ghgQH227puUtN2qOzElIM5aOF4jNcot0W1NmZ3ySwq3sg%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 08:11:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://winnersailor.com/api/v3/offer/7?affiliate_id=477&url_id=89&aff_sub2=w129hpnscvuugg7mi423re3e
pragma: no-cache
set-cookie: cc-v4=yaUhyAMJ7%2FK9ZobpqatcD1Ip9joOuVDnLHTLxxIZ3xGlVDD8Z7iHmvqlkgd6eCvc7Wzdc0ACSbofuTKPZDg8Qiua%2BDwaQeELM%2FoLUXsshfS%2BCj3XYPir1zUy5EsjluMF%2FWGHFqTggcNX1OcDDtVJBw%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 08:11:55 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
34679925126e95d5f683820f49c4820d
1d2880ef306716b58f09a05c2d85433a4a2c1abf
8f9a2baee380376f04c1e3b93f8aa065be480997f7f4bbe995ef545a5dec7487

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8F9A2BAEE380376F04C1E3B93F8AA065BE480997F7F4BBE995EF545A5DEC7487"
Last-Modified: Fri, 27 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Sat, 28 Jan 2023 14:11:36 GMT
Date: Sat, 28 Jan 2023 08:11:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8379
Expires: Sat, 28 Jan 2023 10:31:34 GMT
Date: Sat, 28 Jan 2023 08:11:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8379
Expires: Sat, 28 Jan 2023 10:31:34 GMT
Date: Sat, 28 Jan 2023 08:11:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 36909
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 18:36:01 GMT
age: 48954
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13376 bytes)
Hash
195316042e7f798eeeb7993fecb3a383
4aeca24ad4702f87feaf9674ea0c1ff6d71826a3
b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jqb6G21QeTDiI0HWT9Fd87D-HkAOiesyfN9vr7vMxrOUADBxV-_Fug==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:42 GMT
age: 36973
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7585 bytes)
Hash
ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 35755
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4975 bytes)
Hash
c982569d070f24dba1259603091c22e3
0f93acb5bee53670cc4ef486922f7333d96a2f4e
9a5a2d8a181a763ee6f60c27b396a0e3d7b1527e5177b2aff8d511db250753ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4975
x-amzn-requestid: 633350b7-4686-40d5-8c9d-3c097f8e2d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EBGuaoAMFbSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b3-4201212c1a0eb2a65d3f494c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XRAeWdoEkbnzXKOs_EdgQ1r9BGOeDNh4FRXm-fv0KiCz4juqk8UKIw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:35 GMT
age: 36740
etag: "0f93acb5bee53670cc4ef486922f7333d96a2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9364 bytes)
Hash
f185f0b4f90d06dbb397b44ed9c73dbe
a48e2c369a048447e0e25e4791eb603859391c1c
b466060fc132cc8d23fcb83001206606e2d5502118c65e9f55795b5adbff2fa6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9364
x-amzn-requestid: e556be7b-567a-4c9a-931e-ff6fee42d3a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T8GbFoAMFySg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-6f4476e9388c77a057153277;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LPkLrx7l9Qf_GKdtJq_77RUkvgnKZlCaDN34xsB5bEO8c9VQEJPAew==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
age: 36917
etag: "a48e2c369a048447e0e25e4791eb603859391c1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
34679925126e95d5f683820f49c4820d
1d2880ef306716b58f09a05c2d85433a4a2c1abf
8f9a2baee380376f04c1e3b93f8aa065be480997f7f4bbe995ef545a5dec7487

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8F9A2BAEE380376F04C1E3B93F8AA065BE480997F7F4BBE995EF545A5DEC7487"
Last-Modified: Fri, 27 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Sat, 28 Jan 2023 14:11:36 GMT
Date: Sat, 28 Jan 2023 08:11:55 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/whV5vfVJWi4

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/whV5vfVJWi4
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f230a70c2b83f1b756a17dce88982d2b
0fa9d550701efe22eb8a5be7f3af0a2139da647f
a054c16f6b201430e4900327d624a0fd479be2459d2ecabcd8ea665a93d847f5

HTTP Headers

POST /s/gts1p5/whV5vfVJWi4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 08:11:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/whV5vfVJWi4

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/whV5vfVJWi4
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f230a70c2b83f1b756a17dce88982d2b
0fa9d550701efe22eb8a5be7f3af0a2139da647f
a054c16f6b201430e4900327d624a0fd479be2459d2ecabcd8ea665a93d847f5

HTTP Headers

POST /s/gts1p5/whV5vfVJWi4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 08:11:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

90 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
90 kB (89894 bytes)
Hash
3eb33c7612ee217eaef0181dd95c4f83
d42f5f7bb176d7268a8e862ee67b8e940553b3f8
411bbdc637106cb6c72e435a17604ce27fd20f2880ceec0170c661b4604ac82a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 08:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

104.17.24.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32077)
Size
30 kB (30360 bytes)
Hash
5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begin-offers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 740558
expires: Thu, 18 Jan 2024 08:11:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRxIHykrUNRczlK5A%2BXf7IpFIkwINiekMjX3wPRMHmZpIbIo0nbjIE0sLZ6wrnchGvoH%2BQqBJ45dRSUydXJrV0%2B3i%2FbVjqQs4sqa3sknBt672dLCE%2FC6zukvyC%2FtTc2TmqDqD1zl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 790842a3ff3fb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/css/flag-icon.min.css

104.17.24.14

200 OK

1.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/css/flag-icon.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (33688), with no line terminators
Size
1.5 kB (1478 bytes)
Hash
6005cbb851a11d96e671ddf9d436c8bf
1382edddadb6c772a690af96e42c300716faeb61
9fe48f40dcfcf138c0990c952b1a3caab503373452a39a49c2cd0ebdbd86448a

HTTP Headers

GET /ajax/libs/flag-icon-css/3.1.0/css/flag-icon.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begin-offers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:57 GMT
content-type: text/css; charset=utf-8
content-length: 1478
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5d-8398"
last-modified: Mon, 04 May 2020 16:10:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 205746
expires: Thu, 18 Jan 2024 08:11:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBolFl8KdzM1iJbYcXw8dowCtDyq9wPezU2VxMF43Rybgv68OAYIlkkMTRPeQ7ANZHRti4hBR%2BrUaK8cfIVJ0KN3jXlWrRjLI%2B7Kh2qFce3%2FNoWYrtTvq%2FjEjG4agEpeJU8rJyXg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 790842a3ff46b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
622311873d3819b9911301b09bc2d43c
9f08d648e40479aa12da033da15b80a15017c739
6138674cec17da8b7bb02bf0686bf3e7aefa2bce6a5f844ebd80e10b665818b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 08:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

polyfill.io/v3/polyfill.min.js

151.101.1.26

200 OK

94 B

URL HTTP/2
polyfill.io/v3/polyfill.min.js
IP
151.101.1.26:0
ASN
#54113 FASTLY

File type
ASCII text
Size
94 B (94 bytes)
Hash
eb8b0ba88b3acfb11ea81d5c02be9108
4b7f14cc2db25abdbe25472934b7469b2488f9d4
7237f15a97fe102c6ed13eadc0f7980da03cd06a20dfb7c7b8050e60dada617d

HTTP Headers

GET /v3/polyfill.min.js HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://begin-offers.com
Connection: keep-alive
Referer: https://begin-offers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 25 Jan 2023 17:58:34 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Sat, 28 Jan 2023 08:11:57 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=14
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94
X-Firefox-Spdy: h2

winnersailor.com/api/v3/offer/7?affiliate_id=477&url_id=89&aff_sub2=w129hpnscvuugg7mi423re3e

188.114.96.1

302 Found

2.0 kB

URL HTTP/2
winnersailor.com/api/v3/offer/7?affiliate_id=477&url_id=89&aff_sub2=w129hpnscvuugg7mi423re3e
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.0 kB (1993 bytes)
Hash
d779ca8478bf47b7bd937ef1956a1ecc
ab9cddb7aab00af1ad6ba17f3c47087ff69c63c5
79739fa3c003ad346daa76bd8f62fa9b270734a7f7c6ff8e051bd388dc4df86e

HTTP Headers

GET /api/v3/offer/7?affiliate_id=477&url_id=89&aff_sub2=w129hpnscvuugg7mi423re3e HTTP/1.1
Host: winnersailor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 28 Jan 2023 08:11:55 GMT
content-type: text/html; charset=UTF-8
location: https://healsailor.com/api/v1/leads-workflow/funnel/1/7?tp_hash=a728d15b760a2191ec4ea6ace405de48&tp_offer_id=7&tp_affiliate_id=477&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=w129hpnscvuugg7mi423re3e&tp_aff_sub3=&tp_aff_sub4=&tp_aff_sub5=
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials,Authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials
cache-control: private, must-revalidate
expires: -1
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FtodPdjd7PRiYUCA6HktMrR2slBKhF%2BP84eDCQJS6KvK67IHRo2J4QP1V9V7I1u0cVokJHuYMscOiGcXlK4IAA8W0P9Dao196J6IeOizC25BBd7cV%2FwWze5088PKhvLLU%2Fs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790842995f72b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
dd982f9167c89cc4e58f13ae68519639
559bd8f3e9342e3ecb65d2003103742d65c2caea
bad0f1e417e15bcf998e326afeeae537ae48511153bdc9e4ba2077bfa23d2706

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 08:11:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "9F2C8E07A2F0D29659B6E2E673912372D04243CD"
Expires: Sat, 28 Jan 2023 19:00:00 GMT
Last-Modified: Sat, 28 Jan 2023 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3523
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790842a448bdb512-OSL

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 08:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

3.1 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
3.1 kB (3075 bytes)
Hash
e0ee8733bee785855dea22b5c70dffd6
4aa6ac38d79b721d9e12672d57b451db0fe2aad3
9dbe09b366775e0c7a4b4ec235c349f8e4a5b9db7f20f20400bbf73b8e09bd76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 08:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
fc81ce4eba230ccd979f601519306fe6
021ac321b6e2d95d1555436cf06c77661c72db64
658fdfecf78769788b7b7764ba4f51bd00867e00c6b467fbabd6671733cb14c2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6078
Cache-Control: max-age=99401
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 08:11:57 GMT
Etag: "63d3a258-117"
Expires: Sun, 29 Jan 2023 11:48:38 GMT
Last-Modified: Fri, 27 Jan 2023 10:07:20 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

begin-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYwOTkyMCwic2VjcmV0IjoiNTUxOWIwYzg2ZTlmZDI1ZCIsImRvbWFpbiI6ImhlYWxzYWlsb3IuY29tIiwiYXBpIjoib3B0aW11cy1sZCJ9

104.21.70.148

200 OK

39 kB

URL HTTP/2
begin-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYwOTkyMCwic2VjcmV0IjoiNTUxOWIwYzg2ZTlmZDI1ZCIsImRvbWFpbiI6ImhlYWxzYWlsb3IuY29tIiwiYXBpIjoib3B0aW11cy1sZCJ9
IP
104.21.70.148:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
39 kB (39080 bytes)
Hash
c7747038bfbd4e5336a6368e7d4ece01
48d21434b008d8455b3757b30fe87e94233b8241
09ed14e32eb131be52d87ca647ddb7efb80094a9e35ed761e4fd3f617b51f3b6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bitcoin-era/index-no.html?d=eyJpZCI6MTYwOTkyMCwic2VjcmV0IjoiNTUxOWIwYzg2ZTlmZDI1ZCIsImRvbWFpbiI6ImhlYWxzYWlsb3IuY29tIiwiYXBpIjoib3B0aW11cy1sZCJ9 HTTP/1.1
Host: begin-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:57 GMT
content-type: text/html
last-modified: Fri, 20 Jan 2023 08:30:12 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcGW0XbaDvzt%2B3aUWIjemvS0sNmeJafGvvf384efKTPeggms3yQZIzAxdzCBqOYLppjL1%2BOBOwqh9%2FjC5aJgv%2FlOSGOlEBlPjoeRp3uDNKYWYUfWNFV1kUPGbqC0%2F0slLHD2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790842a18ad7b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

iframe.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa?muted=true&autoplay=true&loop=true&defaultTextTrack=no

104.16.96.114

200 OK

548 B

URL HTTP/2
iframe.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa?muted=true&autoplay=true&loop=true&defaultTextTrack=no
IP
104.16.96.114:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
548 B (548 bytes)
Hash
c29b2048441edc8f72dfef4d29d586a4
7857bd1f204e2512219e14c9931ae73204c0318b
9b7abd0437ac5d3a739d82544ceb76353e040f0aa8d2af13365fe565cc8f33a2

HTTP Headers

GET /3b52b4f7fc368dfabd2a8e562b76bdfa?muted=true&autoplay=true&loop=true&defaultTextTrack=no HTTP/1.1
Host: iframe.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begin-offers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:57 GMT
content-type: text/html; charset=utf-8
vary: origin, referer, Accept-Encoding
access-control-expose-header: cf-ray
stream-dw-version: 2023.1.14
server: cloudflare
cf-ray: 790842a49d54b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 08:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/thumbnails/thumbnail.jpg?height=480

104.16.96.114

200 OK

68 kB

URL HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/thumbnails/thumbnail.jpg?height=480
IP
104.16.96.114:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
68 kB (67819 bytes)
Hash
596fb0b03d841b9da2c0fb41a9b59efc
bdc54932bc92b0420b582c37417f949639c395da
38f44831f18cbcd0708de2aa1998f97c4935bea792981f15b2c34cfbcdd50e0f

HTTP Headers

GET /3b52b4f7fc368dfabd2a8e562b76bdfa/thumbnails/thumbnail.jpg?height=480 HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframe.cloudflarestream.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:58 GMT
content-type: image/jpeg
content-length: 47589
cf-ray: 790842a7c89bb50c-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 862500
cache-control: public, max-age=864000
last-modified: Mon, 12 Dec 2022 21:10:08 GMT
strict-transport-security: max-age=31536000
vary: origin, referer, Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: range
access-control-expose-header: cf-ray
core-cache-status: MISS
served-in-seconds: 1.220
stream-dw-version: 2023.1.14
server: cloudflare
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/437.801d47c8.chunk.js

104.16.96.114

200 OK

172 kB

URL HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/437.801d47c8.chunk.js
IP
104.16.96.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (22530), with no line terminators
Size
172 kB (171948 bytes)
Hash
cec288af0062a8891c2a8daa11c764f7
8f55c8449660c78f6b25e0fc76ea9fbdac31676e
84f986eea6477684398b8e9673465d59ff124ae14c1d5a97b3ff28428584fc9c

HTTP Headers

GET /embed/437.801d47c8.chunk.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframe.cloudflarestream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:58 GMT
content-type: application/javascript
cf-ray: 790842a76853b50c-OSL
age: 132
cache-control: max-age=180
etag: W/"abac150b3577d7480a74a55d99036272"
expires: Sat, 28 Jan 2023 08:07:45 GMT
last-modified: Wed, 28 Dec 2022 09:24:41 GMT
cf-cache-status: HIT
access-control-expose-header: cf-ray
stream-dw-version: 2023.1.14
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

30 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
30 kB (30455 bytes)
Hash
6f304bfa50cc818c94dcb542113c5746
aa56958294318f30eb159eaf25e789246aff320a
e2a83b86e3be6e6bb11bc8d5a6e52c452b15c9f479e5a1994da8ae280ec3a437

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 08:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
82a4aa1a2e357dbae86030fb317b8a77
fe1a8ceb29c40b0501ec84f55b0e64c890b5030c
7bafb1b7c3ad1c8aa48d7570212e0886a6a3205a2068412776b584136f519de1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BAFB1B7C3AD1C8AA48D7570212E0886A6A3205A2068412776B584136F519DE1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14631
Expires: Sat, 28 Jan 2023 12:15:50 GMT
Date: Sat, 28 Jan 2023 08:11:59 GMT
Connection: keep-alive

o445185.ingest.sentry.io/api/5421136/envelope/?sentry_key=a37bd96361a84a13aec68cc8fc230f3c&sentry_version=7

34.120.195.249

200 OK

41 B

URL HTTP/2
o445185.ingest.sentry.io/api/5421136/envelope/?sentry_key=a37bd96361a84a13aec68cc8fc230f3c&sentry_version=7
IP
34.120.195.249:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
41 B (41 bytes)
Hash
cc65e348f9bd228faadfb32703737d05
69f261727987e588cfd4031e957435fc60961280
1d485d7f7fe8cb33fbd59f6e1f8db583cd281c419f7ddebba71f5228530c9787

HTTP Headers

POST /api/5421136/envelope/?sentry_key=a37bd96361a84a13aec68cc8fc230f3c&sentry_version=7 HTTP/1.1
Host: o445185.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://begin-offers.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://begin-offers.com
Content-Length: 23652
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 08:11:59 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: https://begin-offers.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
82a4aa1a2e357dbae86030fb317b8a77
fe1a8ceb29c40b0501ec84f55b0e64c890b5030c
7bafb1b7c3ad1c8aa48d7570212e0886a6a3205a2068412776b584136f519de1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BAFB1B7C3AD1C8AA48D7570212E0886A6A3205A2068412776B584136F519DE1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14631
Expires: Sat, 28 Jan 2023 12:15:50 GMT
Date: Sat, 28 Jan 2023 08:11:59 GMT
Connection: keep-alive

alia-iso.com/zcredirect?visitid=6cc7032b-9ee3-11ed-8c72-129ff9135a05&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

52.7.54.238

200 OK

0 B

URL HTTP/2
alia-iso.com/zcredirect?visitid=6cc7032b-9ee3-11ed-8c72-129ff9135a05&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /zcredirect?visitid=6cc7032b-9ee3-11ed-8c72-129ff9135a05&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcvisitor/6cc7032b-9ee3-11ed-8c72-129ff9135a05/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:55 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: xhqwcLCN
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Lato:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begin-offers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 08:11:57 GMT
date: Sat, 28 Jan 2023 08:11:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

alia-iso.com/zcvisitor/6cc7032b-9ee3-11ed-8c72-129ff9135a05/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97

52.7.54.238

200 OK

0 B

URL HTTP/2
alia-iso.com/zcvisitor/6cc7032b-9ee3-11ed-8c72-129ff9135a05/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /zcvisitor/6cc7032b-9ee3-11ed-8c72-129ff9135a05/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97 HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://findpdf.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:54 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: pdjjtQZN
X-Firefox-Spdy: h2

healsailor.com/api/v1/leads-workflow/funnel/1/7?tp_hash=a728d15b760a2191ec4ea6ace405de48&tp_offer_id=7&tp_affiliate_id=477&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=w129hpnscvuugg7mi423re3e&tp_aff_sub3=&tp_aff_sub4=&tp_aff_sub5=

172.67.143.27

302 Found

0 B

URL HTTP/2
healsailor.com/api/v1/leads-workflow/funnel/1/7?tp_hash=a728d15b760a2191ec4ea6ace405de48&tp_offer_id=7&tp_affiliate_id=477&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=w129hpnscvuugg7mi423re3e&tp_aff_sub3=&tp_aff_sub4=&tp_aff_sub5=
IP
172.67.143.27:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v1/leads-workflow/funnel/1/7?tp_hash=a728d15b760a2191ec4ea6ace405de48&tp_offer_id=7&tp_affiliate_id=477&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=w129hpnscvuugg7mi423re3e&tp_aff_sub3=&tp_aff_sub4=&tp_aff_sub5= HTTP/1.1
Host: healsailor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 28 Jan 2023 08:11:56 GMT
content-type: text/html; charset=UTF-8
location: https://begin-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYwOTkyMCwic2VjcmV0IjoiNTUxOWIwYzg2ZTlmZDI1ZCIsImRvbWFpbiI6ImhlYWxzYWlsb3IuY29tIiwiYXBpIjoib3B0aW11cy1sZCJ9
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials,Authorization,sentry-trace
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials
cache-control: private, must-revalidate
expires: -1
pragma: no-cache
set-cookie: laravel_session=eyJpdiI6IlwvSW1FT1JQY1g4N09qZHI0N05xbWRnPT0iLCJ2YWx1ZSI6IjhsNHRubkxjNzdBbHE5SUk5cGo2MGdPMG9ZTHZFeW1INXEwS1FhSUpvTjFmcEZJWjFVMkVIMEt6MXNmU21Xb1Y5TXJrdmpaSTdiK1l4a0s5WWpTdkFBPT0iLCJtYWMiOiJmNDkwNTZmZmQzMDZjZWYwMzc2M2FjNTRlM2M5MzFhMzgzMWEzNjhjZDU5NDFmY2E4YTMzODhlYjQ2NjI1YTEyIn0%3D; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFZJJnOtjDG8fy0h9MoTm7k33NNQytI6EeY8WALu9dFD1BQQYBbIELYDczcU8nd7Uz6fXvsau3FcExfKEzbRLFCOJiuEbrRtlSKofry3waW2BoJ1LyYOcTbG2b00hFa0vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7908429e1d94b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/887.fb639d1f.chunk.js

104.16.96.114

200 OK

0 B

URL HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/887.fb639d1f.chunk.js
IP
104.16.96.114:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed/887.fb639d1f.chunk.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframe.cloudflarestream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:58 GMT
content-type: application/javascript
cf-ray: 790842a77856b50c-OSL
age: 132
cache-control: max-age=180
etag: W/"7166a8708d577019d90495202e7dd78b"
expires: Sat, 28 Jan 2023 08:08:31 GMT
last-modified: Wed, 28 Dec 2022 09:24:43 GMT
cf-cache-status: HIT
access-control-expose-header: cf-ray
stream-dw-version: 2023.1.14
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/metadata/playerEnhancementInfo.json

104.16.96.114

200 OK

0 B

URL HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/metadata/playerEnhancementInfo.json
IP
104.16.96.114:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /3b52b4f7fc368dfabd2a8e562b76bdfa/metadata/playerEnhancementInfo.json HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iframe.cloudflarestream.com/
Origin: https://iframe.cloudflarestream.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:58 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=600
vary: origin, referer, Accept-Encoding
access-control-allow-headers: range
access-control-expose-header: cf-ray
stream-dw-version: 2023.1.14
server: cloudflare
cf-ray: 790842a7886bb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js

104.16.96.114

200 OK

0 B

URL HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js
IP
104.16.96.114:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed/sdk-iframe-integration.fla9.latest.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iframe.cloudflarestream.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 08:11:57 GMT
content-type: application/javascript
cf-ray: 790842a5eebab50c-OSL
age: 124
cache-control: max-age=180
etag: W/"f0706de51bb79f0fcd66dd783c9fe443"
expires: Sat, 28 Jan 2023 08:09:12 GMT
last-modified: Thu, 10 Nov 2022 21:36:22 GMT
cf-cache-status: HIT
access-control-expose-header: cf-ray
stream-dw-version: 2023.1.14
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML