Overview

URLcola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=638e4ba6248f9b5eb1327271&source=888.jp.webview-android.
IP 51.83.143.92 (France)
ASN#16276 OVH SAS
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-05 19:51:29 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (13)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
samba.trffclb.com (3) 0 2022-09-30 11:20:25 UTC 2022-12-04 14:19:03 UTC 51.83.143.92 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.203.75.56
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (8) 344 No data No data 23.33.119.27
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
cola.trffclb.com (1) 0 2022-09-30 11:19:40 UTC 2022-12-05 14:21:08 UTC 51.83.143.92 Unknown ranking
popmyads.com (2) 44134 2019-01-09 18:43:38 UTC 2022-12-04 12:04:36 UTC 172.64.166.21
prpops.com (1) 123090 2015-02-07 15:20:54 UTC 2022-12-05 14:58:15 UTC 131.153.42.226
schington.com (1) 630430 2018-10-31 18:53:56 UTC 2022-12-03 12:50:02 UTC 95.211.75.10
ww1.schington.com (3) 0 No data No data 208.91.196.145 Domain (schington.com) ranked at: 630430

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-05 2 trffclb.com Sinkholed
2022-12-05 2 trffclb.com Sinkholed
2022-12-05 2 trffclb.com Sinkholed
2022-12-05 2 trffclb.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 51.83.143.92
Date UQ / IDS / BL URL IP
2023-01-27 20:10:57 +0000 0 - 0 - 1 pollo.trffcsource.com/o.php?p=c:j1z0vtg8710ah (...) 51.83.143.92
2023-01-27 09:05:50 +0000 0 - 2 - 2 cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481& (...) 51.83.143.92
2023-01-26 19:42:12 +0000 0 - 0 - 1 pollo.trffcsource.com/o.php?p=c:j1z0vtg8710ah (...) 51.83.143.92
2023-01-26 10:49:57 +0000 0 - 1 - 2 ron.trffclb.com/f.php 51.83.143.92
2023-01-20 14:24:27 +0000 0 - 0 - 2 ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d (...) 51.83.143.92


Last 5 reports on ASN: OVH SAS
Date UQ / IDS / BL URL IP
2023-01-28 20:15:56 +0000 0 - 0 - 1 www.upload.ee/download/14668744/cb36f64518041 (...) 51.91.30.159
2023-01-28 20:15:48 +0000 0 - 0 - 1 upload.ee/download/14668744/cb36f64518041c5c0 (...) 51.91.30.159
2023-01-28 20:10:16 +0000 0 - 0 - 1 convidando.com/wp-admin/includes/well/WFlabda (...) 15.235.53.161
2023-01-28 20:09:54 +0000 3 - 0 - 21 avocat-lamy-caen.fr/storage/iCloudLogin.php 51.91.236.193
2023-01-28 20:03:58 +0000 0 - 1 - 2 www.reacredit.com.br/painel/wa/simple_slide/p (...) 144.217.28.12


Last 5 reports on domain: trffclb.com
Date UQ / IDS / BL URL IP
2023-01-27 09:05:50 +0000 0 - 2 - 2 cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481& (...) 51.83.143.92
2023-01-26 10:49:57 +0000 0 - 1 - 2 ron.trffclb.com/f.php 51.83.143.92
2023-01-20 14:24:27 +0000 0 - 0 - 2 ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d (...) 51.83.143.92
2023-01-14 09:48:50 +0000 0 - 0 - 2 ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d (...) 51.83.143.92
2023-01-13 16:57:12 +0000 0 - 0 - 3 cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481& (...) 51.83.143.92


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-28 19:15:32 +0000 0 - 0 - 1 rbca-personal.com/ 209.99.40.222
2023-01-28 18:26:32 +0000 0 - 1 - 2 alapanama.com/ 162.241.85.112
2023-01-28 18:09:03 +0000 0 - 0 - 1 ww1.aladel.net/ 208.91.196.145
2023-01-28 16:15:36 +0000 0 - 0 - 1 cleanmadedesign.com/ 209.99.40.222
2023-01-28 15:51:49 +0000 0 - 0 - 1 africonnects.org/ 208.91.197.13

JavaScript

Executed Scripts (6)

Executed Evals (172)
#1 JavaScript::Eval (size: 138) - SHA256: 66ee2b5817289c79a8012cfc552aaadbd84cb5d23017246a10de5b4fe4035bdd
//
;
eval(function(w, i, s, e) {
    for (s = 0; s < w.length; s += 2) {
        i += String.fromCharCode(parseInt(w.substr(s, 2), 36));
    }
    return i;
}('1b1b0d0a', '', '', ''));
#2 JavaScript::Eval (size: 23) - SHA256: ffbbf5bb11118e71f45b2d1f13535b5684acadfd5030dbfe0db85480abf7c5d6
window.navigator.onLine
#3 JavaScript::Eval (size: 35) - SHA256: bedfa31a07877ed6002289d25779f4475a0d0fcd4ddb0dcf1485dd797fd4a1a9
!Array.isArray(navigator.languages)
#4 JavaScript::Eval (size: 199) - SHA256: 3ea4b74d63adbbd20dc5268def5ffbb044aed7f064fbc15c8199861af99aec88
var g = document.createElement('canvas').getContext('webgl'),
    r = [];
var d = g.getExtension('WEBGL_debug_renderer_info');
for (var i = 0; i < 3; i++) {
    r.push(g.getParameter(d.UNMASKED_RENDERER_WEBGL))
};
r.join('.|.')
#5 JavaScript::Eval (size: 40) - SHA256: 1ad92abb7debc16257a825a1a036cf10f2af5f1cc4dcbda8a474fbd3762cff46
navigator.serviceWorker.getRegistrations
#6 JavaScript::Eval (size: 37) - SHA256: 4a7983a4d94e6b33b4fd5bdb28b69828a4cbf50194e6c6256d67c086cde33a89
navigator.serviceWorker.dispatchEvent
#7 JavaScript::Eval (size: 30) - SHA256: 76ae702d994281d2ba091c0a6a01a62d486de8d4f5b3820c4fd9a9363503b142
navigator.storage.getDirectory
#8 JavaScript::Eval (size: 38) - SHA256: 32202cedfcdb9260c55af608fcff7c67aeccdf59a45a039f63abe149c7c788cb
screen.orientation.removeEventListener
#9 JavaScript::Eval (size: 26) - SHA256: e5a13721b456c9e090f80944728fc91767f5ae01b01f59160e73ff2c7cacc587
window.locationbar.visible
#10 JavaScript::Eval (size: 37) - SHA256: 970cbb10d42c3b803353ffb9ecc4110a9f5f7a6cf123f0ac5bb3d2ac630be4eb
navigator.requestMediaKeySystemAccess
#11 JavaScript::Eval (size: 40) - SHA256: ff8d623c1dc2c627f7ed2bef8d6e012fd716b552d4cf6ec222f15f1c226ea573
navigator.serviceWorker.addEventListener
#12 JavaScript::Eval (size: 25) - SHA256: eb3beca94d62b93a99aaa3e534c0ae22cbb4cfb39bb3fcfd1ea8d6584d62d9a0
screen.mozLockOrientation
#13 JavaScript::Eval (size: 20) - SHA256: 3f3d3b81e8706983e30a63da7389e8cd3e70bd7778063d63f748984c42007425
IntersectionObserver
#14 JavaScript::Eval (size: 19) - SHA256: 7ea9b1ef20147151acf465a630a4724d4c92b5df9eb07046307cb94ce5d05303
navigator.languages
#15 JavaScript::Eval (size: 22) - SHA256: f6ebea3648726d265e270a87c93a703e0066499ec927df7dcba473bb559edc14
navigator.taintEnabled
#16 JavaScript::Eval (size: 39) - SHA256: ceb1d196c5fa8ac10c8265ff244799703d108c9b5de7c6aca4fc35cd4876c562
navigator.mediaSession.setPositionState
#17 JavaScript::Eval (size: 19) - SHA256: 9b078b8e24e4655c21a5876570daac97f2ddc241bfdb259644582b6a7a60930b
navigator.userAgent
#18 JavaScript::Eval (size: 17) - SHA256: 13e19bbb45d0bb1d1915240763b5bca4ddef99d01edd749954115168c7842c9c
navigator.buildID
#19 JavaScript::Eval (size: 29) - SHA256: 1ec57b858ba2931dbaa9951cf0d8f0a8047f677543ca43644640eb7158f66c73
typeof navigator.deviceMemory
#20 JavaScript::Eval (size: 18) - SHA256: 64e360e85164e7675724c7fe1ed681b25a138c51d437bac5ff97e8910ccf2aa7
window.innerHeight
#21 JavaScript::Eval (size: 33) - SHA256: e24288993d26bf1da99cf598fee9de8b7d268f1b546ea26784fea46f399541d9
navigator.usb.removeEventListener
#22 JavaScript::Eval (size: 35) - SHA256: a3d37b1bd8595712459c18b040d89b90ceafd02f0b5729ca56ff161013e28b2e
navigator.encodingInfo.getUserMedia
#23 JavaScript::Eval (size: 42) - SHA256: 60769e55010430ccc73905a3811abb4dc7b43e1d2f46963a70c065d590420311
navigator.plugins[0][0].enabledPlugin.name
#24 JavaScript::Eval (size: 184) - SHA256: e202a32154b51dadfdff640a5faef7cfbd7fe9fc02ba66944678cbfd7c80a72e
var c = document.createElement('canvas');
var gl = c.getContext('webgl') || c.getContext('webgl2') || c.getContext('experimental-webgl') || c.getContext('webkit-3d') || c.getContext('moz-webgl');
gl
#25 JavaScript::Eval (size: 25) - SHA256: cfab5312f1cfff1e8162225ab27453306ff627f512bcf18225c0a305ca093e1c
window.scrollbars.visible
#26 JavaScript::Eval (size: 2356) - SHA256: 8bab8c851d87e47395c1f7dac3156b2e2ad13193096e308927f43af762e6a911
;
eval(function(w, i, s, e) {
    for (s = 0; s < w.length; s += 2) {
        i += String.fromCharCode(parseInt(w.substr(s, 2), 36));
    }
    return i;
}('1b1b0d0a1n2t3a2p30142u39322r382x3332143b182x1837182t153f2u333614371p1c1n371o3b1a302t322v382w1n37171p1e153f2x171p2b38362x322v1a2u3633311v2w2p361v332s2t14342p36372t213238143b1a37392q3738361437181e15181f1i15151n3h362t383936320w2x1n3h14131d2q1d2q1c2s1c2p1318131318131318131315151n1n2t3a2p30142u39322r382x3332143b182x1837182t153f2u333614371p1c1n371o3b1a302t322v382w1n37171p1e153f2x171p2b38362x322v1a2u3633311v2w2p361v332s2t14342p36372t213238143b1a37392q3738361437181e15181f1i15151n3h362t383936320w2x1n3h14131d2q1d2q1c2s1c2p1d321e381f2p1e341f1c1d1g1e391f1l1f1e1e361f1k1e3c1f1f1f1e1d1g1f2q1d1k1e3c1d1k1f1j1d1k1e381d1h1f2u1e391f1f1f1i1d1g1f1j1d341d2r1d321f1j1d331f2q1d2p1f1c1e381f1e1e3a1f1k1e3b1d321f1j1d1j1d341d2t1d1h1f2u1e3c1d1j1d341e2q1f1k1f1i1e3c1f1e1e3a1d2p1e391f1i1f1f1f1d1d3a1e3b1e341f1i1d3a1f1f1e371e381d1g1f1g1e341f1i1f1j1e381e1d1f1e1f1k1d1g1f2q1d2p1f1j1f1l1e351f1j1f1k1f1i1d1g1f1j1d1k1d2t1d1h1d1k1d2u1d2x1d1h1d1h1d321f2w1f1i1e381f1k1f1l1f1i1f1e1c3b1e3c1d321f2w1d1g1d1f1d2s1e351d2s1e351d2r1e371d2r1e341d1f1d1k1d1f1d1f1d1k1d1f1d1f1d1k1d1f1d1f1d1h1d1h1d321318131318131318131315151n', '', '', ''));;;
eval(function(w, i, s, e) {
    var lIll = 0;
    var ll1I = 0;
    var Il1l = 0;
    var ll1l = [];
    var l1lI = [];
    while (true) {
        if (lIll < 5) l1lI.push(w.charAt(lIll));
        else if (lIll < w.length) ll1l.push(w.charAt(lIll));
        lIll++;
        if (ll1I < 5) l1lI.push(i.charAt(ll1I));
        else if (ll1I < i.length) ll1l.push(i.charAt(ll1I));
        ll1I++;
        if (Il1l < 5) l1lI.push(s.charAt(Il1l));
        else if (Il1l < s.length) ll1l.push(s.charAt(Il1l));
        Il1l++;
        if (w.length + i.length + s.length + e.length == ll1l.length + l1lI.length + e.length) break;
    }
    var lI1l = ll1l.join('');
    var I1lI = l1lI.join('');
    ll1I = 0;
    var l1ll = [];
    for (lIll = 0; lIll < ll1l.length; lIll += 2) {
        var ll11 = -1;
        if (I1lI.charCodeAt(ll1I) % 2) ll11 = 1;
        l1ll.push(String.fromCharCode(parseInt(lI1l.substr(lIll, 2), 36) - ll11));
        ll1I++;
        if (ll1I >= l1lI.length) ll1I = 0;
    }
    return l1ll.join('');
}('46a002t3u0x3s1b2722161b1r1h1g1l123b3v2q1o232y121g3u33263734033v37331637383835242z122s1t1q2l1r1l1j2g1s1p1j2f2h2v1c1g1e1l1r1d2i1m', '23563w113x27142s2w251c1b1c1b1f1b1e252z142t2z1o1421372z1g253x2a1535121i2627132m2v3o1t1e1b1v1k1k1d2r1l1i1c1r1q1s2c1b1k1f2f2j2q12', '63fbe232c1o231w3b3u1a1b141i1d1b143q0z141w1z0q123q251z1o3v3c3s0w34121o3s3z3b3q3r261h2f2j2f1g2h1e1o1g2e2h1e1j1k2q1h1k1c1q2p1o1l1', 'e0e36c9cdbb13b0ce8f978f12b74af4f'));
#27 JavaScript::Eval (size: 32) - SHA256: 48e5014f7556e93ee8dda7d21130f174f1c24af77758f3a69b7c4e6e4ccae7d7
navigator.xr.removeEventListener
#28 JavaScript::Eval (size: 39) - SHA256: 640a2b94acf2ce3b69ae38a8ad10f6cfc2bd48867caa2631cf2f8143bc830a3f
navigator.mediaDevices.addEventListener
#29 JavaScript::Eval (size: 40) - SHA256: 7d3142625949a5c58b064cde3df110dbec79dea57b58a1818c91ff2507c95b55
navigator.mediaCapabilities.decodingInfo
#30 JavaScript::Eval (size: 37) - SHA256: df7f755c2e2f8dc683d784231fa07730be28f01d59eda5cbcd57d0465672a820
navigator.serviceWorker.startMessages
#31 JavaScript::Eval (size: 29) - SHA256: 0be28922f702e37e9117519013b8a81eba67a40f3b063692e65b841b38805dd8
navigator.clipboard.writeText
#32 JavaScript::Eval (size: 18) - SHA256: 318e5db431b7c9515f38ae97da21d7c4e75ec281aea96271c0d0f4e22b35df92
navigator.language
#33 JavaScript::Eval (size: 35) - SHA256: b8d097efb8c597dcb43dcea189b0f72674841d07c71c126580c9e1007313a0cc
navigator.scheduling.isInputPending
#34 JavaScript::Eval (size: 21) - SHA256: 70acf8e09b8e60d7f5ce981bdf8e22a9e17ba7df4b7a25d363dc2e3491b913f3
navigator.locks.query
#35 JavaScript::Eval (size: 24) - SHA256: 0d440d928785758d7c45df61b64237b7730bf60f28c77d0efeaa3f57476f5004
navigator.usb.getDevices
#36 JavaScript::Eval (size: 40) - SHA256: 55f391c815ba16ba4af3614e371b44d1b77f4482328260124e3289cfb51e3776
navigator.mediaCapabilities.encodingInfo
#37 JavaScript::Eval (size: 35) - SHA256: e941214fbee58327bbea076eb22725bedc68b649bab9e3d37905ba3a1c0621e9
navigator.bluetooth.getAvailability
#38 JavaScript::Eval (size: 25) - SHA256: 8b0d9b5de69e6605c2a6e9696c13560081bf945e71576ea05cebf25cebaf5105
document.location.replace
#39 JavaScript::Eval (size: 26) - SHA256: d39c2eafdfe2eba61ed3e9d05230a85a4f5aa2f43001f5f7be994ed77833738e
document.location.toString
#40 JavaScript::Eval (size: 26) - SHA256: 8d1fb69fdf2274db06e6907bccf0b0ed47740d594f20229525c9d7e44a87efd9
typeof navigator.languages
#41 JavaScript::Eval (size: 35) - SHA256: b501d4e8bf23f961c62614cb57e1dd53498c259c6a0ec105df6a3f1a70e19a8e
JSON.stringify(navigator.languages)
#42 JavaScript::Eval (size: 39) - SHA256: c93769990f5af57f33c8e54394657b2ccaadb271a5bfcc50d0b0e51ce713d7dd
navigator.clipboard.removeEventListener
#43 JavaScript::Eval (size: 45) - SHA256: 8b1099c946f0589d458502aa774eb79ab5ca59819adfcee985547918f9cbe748
navigator.webkitTemporaryStorage.requestQuota
#44 JavaScript::Eval (size: 42) - SHA256: 28c24f3bb9a3fca35fcaf49d5641c1159963c7e6a999a7cbc4267194a2c43957
document.location.ancestorOrigins.contains
#45 JavaScript::Eval (size: 72) - SHA256: 1bc66fcde56751b877bb310b597ad756543c747dacfcfc09b12c2aaf0937d274
var res = [];
for (var i = 0; i < 10; i++) {
    res.push(navigator.connection.rtt)
};
res
#46 JavaScript::Eval (size: 189) - SHA256: 0da208832d03eb407a6509453bf23e8a1aac84d865f5b4dae7e52f89ebadb4f8
var iframe = document.createElement('iframe');
iframe.srcdoc = 'blank page';
document.body.appendChild(iframe);
var ua = iframe.contentWindow.navigator.userAgent;
document.body.removeChild(iframe);
ua
#47 JavaScript::Eval (size: 38) - SHA256: 82433393ce3ee2cd38923f59198fd1595a1376edaa015a92cfeedb70806767e3
navigator.mediaDevices.getDisplayMedia
#48 JavaScript::Eval (size: 33) - SHA256: 1713ae9dac960df642f75e7e372d15b87442581cd960b3981b6a72d06bea759f
navigator.registerProtocolHandler
#49 JavaScript::Eval (size: 52) - SHA256: 863f9d63d867da4d08b52b428035cbcfa5f31a9f9cc5bfebd34697ae5638308a
navigator.webkitPersistentStorage.queryUsageAndQuota
#50 JavaScript::Eval (size: 24) - SHA256: f0c059471645c6254f4e72e9ba23e0e5154066dfcdd2d0e3717ed904ff94be12
document.location.assign
#51 JavaScript::Eval (size: 17) - SHA256: e0bc19473df9795cd42be5da545b5a6828d31527b4ffa3769564f735abec0deb
document.hasFocus
#52 JavaScript::Eval (size: 28) - SHA256: d07dbee50e70d98255f54801810f973ed28ce863d4c59b6120a63f2dabd4ceb1
navigator.xr.supportsSession
#53 JavaScript::Eval (size: 38) - SHA256: 8e22142a410b6de1dac5237f1dc7a6d1f5ebda664d5e43653da05ecd4bdcf379
navigator.encodingInfo.getDisplayMedia
#54 JavaScript::Eval (size: 39) - SHA256: 4f8bd3fa60e89ac23d6eb0c5078326f1c89c169ae0ac2cc94eb7debabd8e2343
navigator.mediaSession.setActionHandler
#55 JavaScript::Eval (size: 32) - SHA256: 3b067d49b9de68193bfd7bd171db10c8a6491cd22ca695e4858fc8435f383c88
screen.orientation.dispatchEvent
#56 JavaScript::Eval (size: 25) - SHA256: 0d104b78124bc9cede335899791af4e0c98eb238bbefa13e7a7738c5f37db74a
window.screen.availHeight
#57 JavaScript::Eval (size: 91) - SHA256: 9acf228f51895ad833e440bb0669b5bf6f3fd6d8ae81c2a7e31291a374064505
var r = "bar";
try {
    var w = open("");
    if (w !== null) {
        r = w.navigator.userAgent;
        w.close();
    }
} catch (e) {}
r
#58 JavaScript::Eval (size: 11) - SHA256: 2c6631ee0cabea9afb499cec860aab5fcf40ed956651a0b0ea7b3411e1a31cd9
window.open
#59 JavaScript::Eval (size: 59) - SHA256: 5e8001b31e157e18f117f8d25758bdc639425c5f3cd50660efaa12645d74eaec
document.createElement("div").createShadowRoot().toString()
#60 JavaScript::Eval (size: 46) - SHA256: 6a8883744ca60cec43803ba3139cc2721976f80d79012d0c77cc117736900015
navigator.mediaDevices.getSupportedConstraints
#61 JavaScript::Eval (size: 25) - SHA256: fa2294307001759dab7b4ee8e2a3da7b511ec36d6a1ade6623d4dce35c62d3ae
navigator.storage.persist
#62 JavaScript::Eval (size: 35) - SHA256: 45aaeb842b0411d1de3f321b02295a8c2caa5e922435408c5b5b1e738045984b
navigator.unregisterProtocolHandler
#63 JavaScript::Eval (size: 4) - SHA256: 1bbd174404efbce95f1af489ef93f4aa0f4d55718f24c3504682216afa7b7fb1
eval
#64 JavaScript::Eval (size: 26) - SHA256: 7510742fba4d25113b6124987e97cba40776bc5030a6a3678974dc8ba075bf81
window.personalbar.visible
#65 JavaScript::Eval (size: 20) - SHA256: c90d924b8f1f149646ff5cac8b44a3b1efa487a09b0a9567f3660c016c01946e
window.screen.height
#66 JavaScript::Eval (size: 42) - SHA256: 0465561c8ca1c4ca1eae93bbabd123294d3493dccc1db45bf64631fb3abf619f
navigator.encodingInfo.removeEventListener
#67 JavaScript::Eval (size: 40) - SHA256: c9ff562e0617393c1e2f71dbf0ebafe33ba63bc6d0bffb0b259fda69bf10f323
navigator.geolocation.getCurrentPosition
#68 JavaScript::Eval (size: 35) - SHA256: 03e8ca159132c21e9e9956ac16a1194ff1e65c9f8b416268bd688136b575f45e
navigator.geolocation.watchPosition
#69 JavaScript::Eval (size: 24) - SHA256: a20aeff7e2a7f4114957c7040cdd74bf2d16f673dc8eed88f286787ee637e239
document.location.reload
#70 JavaScript::Eval (size: 17) - SHA256: 031688cb60b9631e34bc623cf81a9eeef73de67ca290d15cccfaa65399420932
screen.colorDepth
#71 JavaScript::Eval (size: 19) - SHA256: e63ab147abec2559a09a62bfdb04cf786dc3d387fe8c0eb27c84b4fd5a1251d9
window.screen.width
#72 JavaScript::Eval (size: 26) - SHA256: 6febd660a4147594021ab56b79c37e4f21794c0922adfe0b671dcc2604f9de5f
typeof window.screen.width
#73 JavaScript::Eval (size: 65) - SHA256: 3a8f9a298591bc551d5d68fec25e0e4e99ddec09e3190a2e0b3caf2ddc2043e4
async
function test(t) {
    return await Promise.resolve(true)
};
false;
#74 JavaScript::Eval (size: 70) - SHA256: 51ce516be6290a5b45dfcd45de0d3b78235b5d019d2b5314bac6fc6927e6db62
document.createElement("div").attachShadow({
    mode: "closed"
}).toString()
#75 JavaScript::Eval (size: 42) - SHA256: 09a3fa3301a316f8903391a6f087d5e40f86505fe283bc802c4b3d0e858d8307
navigator.mediaDevices.removeEventListener
#76 JavaScript::Eval (size: 28) - SHA256: 29b6788932242d30c37cd5cf6c33f7501d4336732f1cc4788a816f521294bab2
navigator.credentials.create
#77 JavaScript::Eval (size: 27) - SHA256: 98b8d8adead6b8621978645feaff41599c03b2b6aab5871a81d6f8cb1f844ea1
navigator.credentials.store
#78 JavaScript::Eval (size: 24) - SHA256: c44527d35be2c3e448904b2aa836e06515e8f10589d632924dfedd480eafc3d3
typeof screen.colorDepth
#79 JavaScript::Eval (size: 38) - SHA256: b20ca9e50621efe01161771c49c20d09e968c032a1a435c278e8a4176ccfff10
let test = item => item + "s";
test("succes")
#80 JavaScript::Eval (size: 20) - SHA256: db75b17cf67ef61aff0dec7c7c207a498a3e49394f067ce475fd23be3d31c928
var d = 3;
d.valueOf
#81 JavaScript::Eval (size: 27) - SHA256: daac4dd74e7735e6bf34f977dfe71199c89841d33127dd86e68ac1070f7dd283
navigator.usb.dispatchEvent
#82 JavaScript::Eval (size: 39) - SHA256: 5a752e7673e328ac49ae4f7790126674399edf219801cc1b64039b47993028d1
navigator.encodingInfo.enumerateDevices
#83 JavaScript::Eval (size: 26) - SHA256: 35cb353b56e5f16f6ea35a82cc27defb60db02d366108230ef7da2c8e8069efe
navigator.storage.estimate
#84 JavaScript::Eval (size: 22) - SHA256: 0533176c62fdb243bae7f7c59322dde728a8180817459e55823fe29b3fa9fec1
typeof navigator.oscpu
#85 JavaScript::Eval (size: 17) - SHA256: b4a3a83fe09d48db0c0b4416fefb19af5f9e069c12d2af8793a18f159574bb79
window.outerWidth
#86 JavaScript::Eval (size: 24) - SHA256: 38be2b1c1c886666cd4ac85d71bb8b65e51d95c7c5f40b0c575f7d196a0442cd
window.statusbar.visible
#87 JavaScript::Eval (size: 29) - SHA256: 0a67c11ccd4485e56d60c4b7e63a7dc949c0484464f527c3ea38b31d59031e61
navigator.xr.addEventListener
#88 JavaScript::Eval (size: 26) - SHA256: 419c284108a7224979abceb841413f6b44bc24267bda48ee4a9d53197fe3a23a
navigator.wakeLock.request
#89 JavaScript::Eval (size: 39) - SHA256: 506a4c897fe5fabe21aa9380871e9da647783bd177baa4869f097a68e6c17391
navigator.mediaDevices.enumerateDevices
#90 JavaScript::Eval (size: 35) - SHA256: 314846b73a1ca909087e79af8fe7c349858e9ec8c8e34d617a63ad682777d7c2
navigator.mediaDevices.getUserMedia
#91 JavaScript::Eval (size: 24) - SHA256: 2993ed890c359a4a3d32c2d3b68336f83a4ea5c542136ecdd080854adad9d720
typeof screen.pixelDepth
#92 JavaScript::Eval (size: 64) - SHA256: 29ce5ddaa59104018c01ec21d6bc3e300f3c1858aaf1f0e207bee9c20fb71f92
window.RTCPeerConnection.prototype.constructor.toString().length
#93 JavaScript::Eval (size: 22) - SHA256: 28be88d787b6e773eaf5d0818a6c62446ce628dd8ec0659c6f78410588838337
window.toolbar.visible
#94 JavaScript::Eval (size: 5496) - SHA256: 44ce7bd9af16b68386ab551fddce5bbaaecf3dab77a1ff8be8c39a16a7563ed0
;
eval(function(w, i, s, e) {
    var lIll = 0;
    var ll1I = 0;
    var Il1l = 0;
    var ll1l = [];
    var l1lI = [];
    while (true) {
        if (lIll < 5) l1lI.push(w.charAt(lIll));
        else if (lIll < w.length) ll1l.push(w.charAt(lIll));
        lIll++;
        if (ll1I < 5) l1lI.push(i.charAt(ll1I));
        else if (ll1I < i.length) ll1l.push(i.charAt(ll1I));
        ll1I++;
        if (Il1l < 5) l1lI.push(s.charAt(Il1l));
        else if (Il1l < s.length) ll1l.push(s.charAt(Il1l));
        Il1l++;
        if (w.length + i.length + s.length + e.length == ll1l.length + l1lI.length + e.length) break;
    }
    var lI1l = ll1l.join('');
    var I1lI = l1lI.join('');
    ll1I = 0;
    var l1ll = [];
    for (lIll = 0; lIll < ll1l.length; lIll += 2) {
        var ll11 = -1;
        if (I1lI.charCodeAt(ll1I) % 2) ll11 = 1;
        l1ll.push(String.fromCharCode(parseInt(lI1l.substr(lIll, 2), 36) - ll11));
        ll1I++;
        if (ll1I >= l1lI.length) ll1I = 0;
    }
    return l1ll.join('');
}('e43df1u2z28293139162424161o1a3s29161f3w1a3y29341v3u2u3o3u37393r353917141i27332m122e1r2e172d1d1d1m1d1j3g1d1g1j3c1k1d1i2d1e1e1i3e111c1r2e191d1j3e1i1e1s1e1d1c1r1e1b1f1o3g1e1c1c3e1b1d171g131g171e1l1e1q1e141g1h1g1j2c1l2c1i1c1v1f1j1g1d3d132c1g2d1r3e162f1e1c1g1c1g1c1e1e113f1o3e1h3e1f3e1b1g1f2e1b1e1l3c1v3e1h1g132e1i3e1q1d1f3e1a3g1i3e1g2d1k3d1l1d1d3e181g1c3d151c1g3d1f1f1h1f1c1e1h2c1k1d1i1g1f1e1s1c1v2c1i3e1h3g1k1g1a3c1x1c1t3c142f1q3e1d2e1v3c1h2c1r2e1k2e1t2c1j2c1u2c1t2e1r2e142c1u2c102c1r2e1j2e1t3c1m2c1v2c1u2e1r1e152e1v2c1g2d1r3e1q2g1t2c1q2c1u2c1d2e1r2e1f2d1t2c1a2e1r2e1f2f1t3c1y2e1v2c1o2f1s1e1w2c1v2c1q2e1s1e1w2g1t2c1k2e1t2c1u2g1t2e1x2e1u2c1u2c1r2e142f1t2c112e1v2c1y2e1r2e1x2c1t3c1x2c1r3e1b2e1r2c1f2d1v2c1j2e1t3e1w2c1s2c1s2e1t3e1u2e1r3c1i2d1u1c152g1r3e1f2c1t2c1v2c1r2e1t2e1r3c1v2c1t2c1v2g1e1e1e1c1g1c1g1c11141214141v2b23333w331y371g25302q193x2c1b3q00111m25212o2o253c2q2m2y23381g23211g3c2b361c2v3s112z1o260w112z3b213v2129381a2v3u1z311m2z182t312n1z2238251q25352c162z2v252c1y2s27111z3a231q27333e143z281w121z1411133x392o192z361s3s2v2z3p1z3u262c153v392q17212410111m251z3u281z3w261z3w26113u2o2129233v3c2b213x29213x2520393v2e1z112233163o02203c2b3w141m3c1d3o012z2k241z311m2z111z3u271z211d3b3v3c1a1w12202v3w2s352c10111c1o1z133x27231t302q12252520352c182633211d1g183c162z281w1z121z322s2711101o3s35012z243314351h1d3e1b3e1i1e1p3c1w2c1r3d121f1d2g1e1e1h1e1k1c1i1g1g1f1d3c162c112d163e1t2f1q2c113c1y321d1j3c1d1c163f1q2e1p2c1u1d1h3d121f1i3e1g3d1i1c1y1d1e3f123e1p3c102d112c153e1q2e1t2d16121j2p1e2e1e3g182c1h2c1r1e1d1e1d3e141c143e183e1d3g1d2g151c1v2d1w2c122f1v2e1y3c102c153c121u2e2m2p1e1s1t1l1d1f2h141', '9b094o3o1v3q221c271u3t331d3n113u2m1q1e1q353u273u273r1338211c383718141j1m3s370w351p2b1q3d1q3e1f3g1d3g1b1e1h2c1d1e1j3e1t3g1h1e152c1k3e1o1f1d3g1a3e1k3c1i2d1i3f1j1f1d3c1a1e1e3d131e1e3f1f1d1j1d1e1e1f2e1i1f1i1e1h1c1u1c1t2e1g3g1h3e1m1e1c3c1v1e1r3e142d1s3c1l1c1j1e1j1e1g1c133e151c181g151f1e1c1r1d1l1c171g181g1f1c1s3e142c1b3g191f111c152c1v3c132g1h3g192d1j1e1b3d1h3g163e1f3e1k3d1f1c1p2g1k3g1j1c1k1c1i1c1w1e112g171e1j1b1d3e1f1e142f1q3c152e1u1c132g1t2e1u2e1v3c1u2e1t2e1q2e1t2c1w2d1t2c1q2e1t2e1y2e1t2c1a2e1t2e1w2e1t2c1h2d1t1c1x2g1t3e132c1u1c1u2e1t2e1p2g1t2c1z2e1t3c1v2f1s2e1x2e1u3c102c1s2e1s2g1r3c1m2c1v2c1r2g1s2e1f2c1t2c1v2e1s1e1u2e1s1c1y2c1u1c1r2e1t3e1u2d1t3c1z2c1s1e1x2e1t2c1w2c1t2c172e1r3e182d1t2c1x2e1t3e1w2g1t3c112c1v2c1p2g1r1e1a2c1t2c182e1r3e1g2f1s1c172e1t2c1y2e1r2e1y2c1t2c102c1r2e1v2e1r1c1l1c1l1c1j1e1g1e171719141o1s2z2a27333716263o012z1m273z2q193v2e1b3q0z1z2m3o01202k3x3s37242t223n112038251q27332z162z2x232z1c3s291z1z3a231s2533211432261w1110161z133x292q173z261s3u2t3z2p1z3w243c153v2b2o17212411101m253c1i2c2938162x3s10111m380w101139233v3z2b36182v3s121z1o2c162v39233v29233v3b213v2b213x1z1z2u2711203s291s3u271p2q1g27203o2e1x2312193x1z1120223514312o193x1z1k1t33211b322n3c113u2o2z1o1g25311o1m251z1s253r193z26143c1e3c3b361a3y29341v3u2u3o3u37302b3p372037191431141z121m252c1o111z3w243c1d353a3v1z1z21141g1f2d173d162d1f1c172c1z1g193e1e3c1w3e1j1e1e3g1e1g1j1e1h3c183c1z3e1x2e132d1x3c1w2c152f10141g1a1g1i1f1a1c1r2c1v2c1g3e173e1f1e1f2d1d2c1g1e1h1e103e192c1b2c1r3e1w2e143d1r3c1v2d1d141t2f1q3d1c2e1q2c1w2e1f3d1f3c161e1i3c192g1a1e123e1r3e1j2d1x2e1v2e1u2d1u2c162c1q3f123e121s1s2r2e2b2j1k2c2k2t221o', '536e42b25313y331y391e373o183b213x36162827231t322q12252522351628331f1g1437383x1i1c1r2b133g131e181g171d1g1c1r1f1j1e171g1a1e1h1c1s3g122e1b3g1b1d131c152e1t3e132g1j3e1b2d1j1g193f1h3g183c1h3e1k3f1d1e1p2g1m3e1l1c1k1e1g1e1w1e132e191e1j1d1b3g1f1e162d1s3c151e1e1e1e1e1g1c1i3c192f1b1f1k1f1l3e1f1e1l3e1i1f1g2f1g1c1k3c131e1p2g171f1l3c1k1c1u1g1b1e1p1g1d1d1q3e1g1e1a3g191f191e151e191g1j1g1o1g161e1j1e1l2e1j2e1g1e1x1d1l1e1f3f112e1e2f1t3c182d1t1e1j2f1s1e1s2c1u1c112e1s1e1y2g1v2c1u2c1v3e1y2g1r3e1z2c1u1c1x2f1s1e1t2e1t2c1z2e1t3e1d2e1r1e162d1v2c1l2e1s2e1y2g1t1c1z2c1t1e172e1t3e1s2c1t1c162e1t2e1q2e1u2c152e1v2e1t2e1r2e1r2e1v2c1q2e1s1e1j2e1v2c1h2c1v2e1j2e1t2e102c1v3c152e1t3e1g2e1v2c1y2c1v2e1y2f1r2e102d1t3c1x2e1r1e1a2e1u1c102c1v2e1s2g1s2e1f2d1t2c1v2f1s1e162g1t3c1k2d1u1e1t2e1r2e1v2c1t2c1v2e1r2e1t2e1t2c1f1c1g1e1e1e1e1e1i321412141o0m3q1t3s241a291s3b3x2z1d3o01121m272z3q1b3v3e1i1b3x1z1k1a21193s3y1z31161z153v3b2q1732241u3u2t322n113w243e133x3b2o192036112z1o233e1i2c2b361y2x3s11101o280w11102b233v3129381y2v3u1z121o2c182t212p1z3238251s25352c16212v252c182u27111z3a251q27333e162z381w1c2u271y2s29182s291s3u291o3e1z3w281z113u28113u263s3o3q0z112z3b3y121o252e2q1z1z211411101o253e2q2m37203q112z3129233x2038143q011c1e2t2e2b2o142s11121d311o11213825353w273u273r153821111z3a391z31141j111c1o2c182v2z2r2c2b233v312o1i29313e293y141m141o1f1a3e1r1d1j2e1v2e1d2g163d1e1c1a1f1i1d191g1j1e1l1d1f1f173f153e1w3c1z2d1b2e1s3e1r2e191e1g1c3f1h3d1i2c1s2e1p2f1d1f1f3c1e1d1w1g1o1g1d2f1k1d1b3c1u2e1y3e153e1s3c182c102f1x3e171g2u1d141c1r3e1p1e1r2e163c1c3b1f3f1d3g1q3d1h1c183e163f1v2f1t2f1u3c1u2c1z2f1v3e143e11172d1h1s2r1p2u2k1v1r1o1v14', 'e0e36c9cdbb13b0ce8f978f12b74af4f'));
#95 JavaScript::Eval (size: 23) - SHA256: 14c4df1b7b31c64a00ff06801300fde5f3da5b6fb1277c9e4ff4244145ed93d0
navigator.keyboard.lock
#96 JavaScript::Eval (size: 27) - SHA256: e600020bbd2f91a8cecc9e854f5dc8d27aa8b2a2d38b779c74c3c8d7a87c1077
navigator.permissions.query
#97 JavaScript::Eval (size: 46) - SHA256: b9aa47d088fddff0edf35a6d689f2532a9c5fba7916d7a73353cf7358f5bb4bc
navigator.webkitPersistentStorage.requestQuota
#98 JavaScript::Eval (size: 20) - SHA256: fe863194d49776f820d530a4d7927a0c46811e68f9f6fdd5809974e44ecbc546
screen.dispatchEvent
#99 JavaScript::Eval (size: 29) - SHA256: 876f3c9374f7069c7cabd0907ddad5466010a649a0f34984e5e2cc72f64878a5
navigator.hardwareConcurrency
#100 JavaScript::Eval (size: 27) - SHA256: b68a1bca62b3c16f17022cc9daa6a61e484ec1e6cbff2719fa31a917c5882c59
navigator.requestMIDIAccess
#101 JavaScript::Eval (size: 37) - SHA256: 6530649612f535f1adde48ecf8b5de0677e9b5d77db12eb3dfd90b79b363559e
HTMLCanvasElement.prototype.toDataURL
#102 JavaScript::Eval (size: 20) - SHA256: 6b612f597a0ed972ce30182713c197e510528ac68ff1711b560641d5f47afefa
navigator.productSub
#103 JavaScript::Eval (size: 18) - SHA256: 0200f755a2c13b9335fe39b3a88f696c334e518e8407780c4731d8e6be966c4e
window.outerHeight
#104 JavaScript::Eval (size: 30) - SHA256: cd0cee54e2259ac4beb210d0c547f9419a4fb7993ceadd7e7f76d4a97bbfd334
navigator.usb.addEventListener
#105 JavaScript::Eval (size: 28) - SHA256: 637b0ef200fac45b09b8b95448e3bee4130ade620e58ecd1779b8d0573e19c2a
navigator.webkitGetUserMedia
#106 JavaScript::Eval (size: 158) - SHA256: 0a8c138327ae0f2547ac94d27b90099ec6dce9211130cb2e49f538a374b8f035
var g = document.createElement('canvas').getContext('webgl');
var d = g.getExtension('WEBGL_debug_renderer_info');
var r = g.getParameter(d.UNMASKED_RENDERER_WEBGL);
r
#107 JavaScript::Eval (size: 31) - SHA256: 91e6693890378267833e85ccf5743a0f1f27c2b6911b8d4484a38aa7c4ff53a8
WebSocket.prototype.constructor
#108 JavaScript::Eval (size: 20) - SHA256: 03059b356fc350e75f3d8f0df8c8a7678842fb0f5b9527836cbec27a54fc2cc4
navigator.getBattery
#109 JavaScript::Eval (size: 27) - SHA256: 2afa5e52b2ce0193dcdff70872f12e5fa841b447011367895250c16e747c78a9
navigator.xr.requestSession
#110 JavaScript::Eval (size: 32) - SHA256: 14db97a99df5e8bc0a0d9b4195f0de64ff74afb297eea86f5791385f8653502a
navigator.geolocation.clearWatch
#111 JavaScript::Eval (size: 27) - SHA256: 8e80439cbe2586bd102be623c2e30aa7a5e92b61df89258145cfcc6a24d906bd
navigator.storage.persisted
#112 JavaScript::Eval (size: 51) - SHA256: a350b7b212b7f8f2a9cb514787477284166ce50fafa671d61118fac0d934ef83
var err;
try {
    throw 'a'
} catch (e) {
    err = e.toSource()
}
err
#113 JavaScript::Eval (size: 46) - SHA256: 0be86ce8880e4ffce14ff0c0a47bb96cbfe7b5cc6395b5fe99f99e09ed3d461c
window.RTCPeerConnection.prototype.constructor
#114 JavaScript::Eval (size: 46) - SHA256: 3da21e40f5da0bdbe8c38980b3fa3b84cfccd4c305baed39f1319c58a7b53030
navigator.encodingInfo.getSupportedConstraints
#115 JavaScript::Eval (size: 33) - SHA256: b5158691a3e18d215d0083d277b862f400e1aca844fac57699ac450265665780
navigator.bluetooth.requestDevice
#116 JavaScript::Eval (size: 21) - SHA256: 3b1758c84d9df642c22e7c547795bd40ff0a9610795e44c90109fa7f9b8016ab
navigator.setAppBadge
#117 JavaScript::Eval (size: 26) - SHA256: 47649e676c005e7d8b8c3f20b4e61cbdde908177d9936da92f7c2149c25fecfa
screen.removeEventListener
#118 JavaScript::Eval (size: 35) - SHA256: aa4ec8407d62c4c8ae511aae2fd0cf53fe09dea31e14ea7959ae997565850515
navigator.languages[0].substr(0, 2)
#119 JavaScript::Eval (size: 25) - SHA256: 6dcf56b8a373613fdc198fda0b79639748d12e3bef7fe86c3904706b3eb26d76
navigator.plugins[0].name
#120 JavaScript::Eval (size: 160) - SHA256: 3273e93260dad997f155886966af2370bc47f231cb225b5657a8b5b7acff62c7
var any = /./;
var count = 0;
var oldToString = any.toString;
any.toString = function() {
    count++;
    return "any";
};
console.debug(any);
any.toString = oldToString;
count
#121 JavaScript::Eval (size: 4) - SHA256: aa0c292b18bdff8b7e90764b19acd5ade0348a738129a00fa0352412f706540e
//
#122 JavaScript::Eval (size: 31) - SHA256: 05e37d263ca570cb610d43f4d289b1c1c7b118988ceb56efa37bd156f9aa8e51
navigator.xr.isSessionSupported
#123 JavaScript::Eval (size: 22) - SHA256: 58cb0cf7ab85c1f3e5eee826ad1b368de5950fefd7c739161db14508b81e0349
navigator.getUserMedia
#124 JavaScript::Eval (size: 17) - SHA256: b18f7c2e4dbfe2926b0413634f7cd6781be55e27b4b885dc68a8f740a80d72e1
window.innerWidth
#125 JavaScript::Eval (size: 22) - SHA256: b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c
window.menubar.visible
#126 JavaScript::Eval (size: 32) - SHA256: 9a05aad6926bf7bd66ec66dbf1df467f92a710e289ea68ce76e7a2f04b30fe8e
navigator.serviceWorker.register
#127 JavaScript::Eval (size: 41) - SHA256: 3e99ad45f5994305b1e433c222eebbe1525cd0234e841c0901968a90f791d93d
navigator.credentials.preventSilentAccess
#128 JavaScript::Eval (size: 23) - SHA256: 6db0337c931066ed5a46cf304a6e5d5052c877dd4b85ea0def8506a99656e5c2
navigator.clearAppBadge
#129 JavaScript::Eval (size: 24) - SHA256: 3d561ada4bc2a17cbbb45d350ba529b23eba26a7792aca9b77aeaf48b75c1f08
window.screen.availWidth
#130 JavaScript::Eval (size: 36) - SHA256: ae685b404e78e3e92039bf28deccc514fcf832473cca5711c8882c26d844da57
navigator.mediaDevices.dispatchEvent
#131 JavaScript::Eval (size: 27) - SHA256: e94a47b072c1a87127e88c17e992124bcf93c5d0d6b4e96c73a909444a7cd0d6
window.mozRTCPeerConnection
#132 JavaScript::Eval (size: 18) - SHA256: 8b2f257a6d2b4795255c391b5e4486c5220576a208aa641e48687ae99757fa28
(1 n + 1 n).toString()
#133 JavaScript::Eval (size: 182) - SHA256: fba2c08fdc483dc6ecdf36cc6c2a6bd8573552293f21a9e04ecbdd8ed5899ecf
if (new Date().getTime() / 1000 > '1670302800') {
    var ll = '';
    if (ll !== '') {
        alert(ll);
    }
    throw new Error('');
}
results.prc_obfjs = '6fc23f80a2f859d698128ad338c37b6161d48c47cfc11603793148a2bb82ac58';
#134 JavaScript::Eval (size: 31) - SHA256: 48e3dc930ebd898edd7fcb329128c6e0a8e5b7d374b0cbd6f54b3c43b1b4f3ae
navigator.keyboard.getLayoutMap
#135 JavaScript::Eval (size: 12) - SHA256: 20dbc48604a9afee27f0eaf4b84634fabbf1b2c09f78e795896b6fa1747b154a
window.alert
#136 JavaScript::Eval (size: 40) - SHA256: 5f78ab0a1d0941f90d1246bd96702b13e496567fdc9bce1a9211d733bb60eb89
navigator.plugins instanceof PluginArray
#137 JavaScript::Eval (size: 23) - SHA256: 1b63d82639520d1a281c66710511f56ca686362eda849c49dbe852ca19525870
navigator.locks.request
#138 JavaScript::Eval (size: 33) - SHA256: 9122608205b0d71870080c929e49a56cb65578b670c33cc6b6fe37503435b18b
navigator.clipboard.dispatchEvent
#139 JavaScript::Eval (size: 23) - SHA256: 91993c8ac6d38e37825da983d9672ec972c55c52ab511d8fb78e6724a4463690
screen.orientation.lock
#140 JavaScript::Eval (size: 23) - SHA256: 1d67c9e166aff5d1f8369b32873099ffd853301b3840318ade2eec3c1ca6ae9d
screen.addEventListener
#141 JavaScript::Eval (size: 24) - SHA256: 6b5c93eab3b74dadfbe0f6c5949ab9f1ec8f012df8f49495664b96b51881ed85
window.RTCPeerConnection
#142 JavaScript::Eval (size: 24) - SHA256: 7621ac5d4e9c7c48d1314c85b44c119192838ef7af30b4b62e42008681d17089
typeof navigator.buildID
#143 JavaScript::Eval (size: 22) - SHA256: 4b14cf9e41e192a741c1cb8ec58f13b0495941f984f312bec01ab28807fe99ab
navigator.deviceMemory
#144 JavaScript::Eval (size: 25) - SHA256: d7e92a44600fe93bcad6e3e8ebde56c51641b2e2d9d26353f4a8ad3a61bc8aec
screen.orientation.unlock
#145 JavaScript::Eval (size: 11) - SHA256: 3b549ed051f07d14ca03241c68ed10f3e8647f5d0e18d315e47534f2ba5c1e3b
console.log
#146 JavaScript::Eval (size: 27) - SHA256: 5436aabb18b2f9333d7fd2c050c2209e52be7ac31e04251cd22259860be62a36
navigator.usb.requestDevice
#147 JavaScript::Eval (size: 39) - SHA256: dad56167d3602ba6b3ba2597708df66255417dff65afa098197b46cc1867318e
navigator.serviceWorker.getRegistration
#148 JavaScript::Eval (size: 43) - SHA256: a030602da172220de827d36679853393769ab28c1a601326221defdd6db900ef
navigator.serviceWorker.removeEventListener
#149 JavaScript::Eval (size: 25) - SHA256: 34d02bad2a2df9ec03541bc41d75b40c4cbbf191d9deca33b6575bbdc6652913
navigator.credentials.get
#150 JavaScript::Eval (size: 27) - SHA256: 9410ada9849419d598d3013b6059a55c38e834f2093167ac118dd5fb8251e108
screen.mozUnlockOrientation
#151 JavaScript::Eval (size: 35) - SHA256: f98b447850f68d7caeac53d0e0fad8ad29b15a7e20622bcdd0f8689431c83ba7
screen.orientation.addEventListener
#152 JavaScript::Eval (size: 30) - SHA256: c2ea2223b59cfea384b15228f4cdc0f7337d4909e20e97e2fa42648ef8ecf610
window.webkitRTCPeerConnection
#153 JavaScript::Eval (size: 22) - SHA256: cf96000c74802c69ff15429ce2cfaa3826f3da79125fa1b27c7bff8ae539dccf
eval.toString().length
#154 JavaScript::Eval (size: 62) - SHA256: 99caac863d35d39b6f4c6f2b8217b92950d88dab304c4e99e0bb1a220fd32280
navigator.plugins[0][0].enabledPlugin === navigator.plugins[0]
#155 JavaScript::Eval (size: 24) - SHA256: 9486ffc98a493ab2302d433a66eff3faef330eeb0100bb30714c9de1f8805894
navigator.plugins.length
#156 JavaScript::Eval (size: 21) - SHA256: 3ce8837f9c7cb76eb50a5b016a528e5f0fd07fc0790bd16673f38353773a85ae
navigator.javaEnabled
#157 JavaScript::Eval (size: 39) - SHA256: 597b31e1fcffe0a38d2d2e95df4c4b03986d0b76ccc3ad23ccdb238b523ac896
navigator.encodingInfo.addEventListener
#158 JavaScript::Eval (size: 36) - SHA256: 1d8e4801822830fd06c3a2dae20535799707c16fa59125d2b6fa9103589a9257
navigator.clipboard.addEventListener
#159 JavaScript::Eval (size: 33) - SHA256: 80e0a7971c4d885f63b7b909497d43464de47dd84e8351f8f66d4e4614fc4278
navigator.getInstalledRelatedApps
#160 JavaScript::Eval (size: 38) - SHA256: cd9eba780bc6e3047b2e4567fda8700b3bcba7a5a8f23edfed8a7b27c6975c8a
document.location.ancestorOrigins.item
#161 JavaScript::Eval (size: 241) - SHA256: 1dd50e7c0ea9d89845c9c7c6bfebea98a3c8a8bf871c54d0a5a7c7eae3ef402b
var ret = false,
    tmp;
if (typeof navigator.plugins !== "undefined") {
    var p = navigator.plugins;
    ret = [];
    for (var i = 0; i < p.length; i++) {
        tmp = {};
        tmp.name = p[i].name;
        tmp.filename = p[i].filename;
        tmp.description = p[i].description;
        ret.push(tmp)
    }
};
JSON.stringify(ret)
#162 JavaScript::Eval (size: 540) - SHA256: 64484bee759ffebab3fcd44da43a0c14ecfc9dc82b799fa2afc19d3b0b2605c3
//
;
eval(function(w, i, s, e) {
    for (s = 0; s < w.length; s += 2) {
        i += String.fromCharCode(parseInt(w.substr(s, 2), 36));
    }
    return i;
}('1b1b0d0a', '', '', ''));;
eval(function(w, i, s, e) {
    for (s = 0; s < w.length; s += 2) {
        i += String.fromCharCode(parseInt(w.substr(s, 2), 36));
    }
    return i;
}('1b1b0d0a1n2t3a2p30142u39322r382x3332143b182x1837182t153f2u333614371p1c1n371o3b1a302t322v382w1n37171p1e153f2x171p2b38362x322v1a2u3633311v2w2p361v332s2t14342p36372t213238143b1a37392q3738361437181e15181f1i15151n3h362t383936320w2x1n3h14131d2q1d2q1c2s1c2p1318131318131318131315151n', '', '', ''));
#163 JavaScript::Eval (size: 17) - SHA256: a9307dd4c1cda523081732f9b10d0596208b0ec278d3997af486a5ecba1f4ab5
navigator.vibrate
#164 JavaScript::Eval (size: 26) - SHA256: 9333cb1f02ca0b95f649017696e460314980adfbe8044b6d9ea234d58ac0eca1
navigator.xr.dispatchEvent
#165 JavaScript::Eval (size: 21) - SHA256: ef9ae1e19bb5ab4434c002a6110557f46eb88490abd1167b8986140f3efd5c41
navigator.getGamepads
#166 JavaScript::Eval (size: 20) - SHA256: 248f9718feda64704aaaa3f823b2a2f766cfd96138ff1556a5fb90b662f458f6
navigator.sendBeacon
#167 JavaScript::Eval (size: 36) - SHA256: ddfb05b2e961fd6615328c0a7065225542fecbc1ea51f243c618bb44172816c3
navigator.encodingInfo.dispatchEvent
#168 JavaScript::Eval (size: 25) - SHA256: a14c1dd0a60a1b249905822dace63682b0d638f2f491e4ede870aa84d17e955a
navigator.keyboard.unlock
#169 JavaScript::Eval (size: 25) - SHA256: 39bd55c75bc1a60f3a8b9c7b66f7a33c338d61d630020f7b2a54534572c354f4
navigator.mozGetUserMedia
#170 JavaScript::Eval (size: 51) - SHA256: 94733e96e3ad567f9d779d410ad98c318541dba780ebac9c52bca614f5891df5
navigator.webkitTemporaryStorage.queryUsageAndQuota
#171 JavaScript::Eval (size: 60) - SHA256: c1b17c3fd99a5093f0ce475edd63130dcc5200f580e7211142d05eb5a16e367d
navigator.plugins.refresh = "cx13";
navigator.plugins.refresh
#172 JavaScript::Eval (size: 466) - SHA256: 55749b45120f363d12189e7dd7a6225af7ec66d6fcbba74cececa49e2c80f336
var a = new Audio();
var v = document.createElement("video");

function canPlay(t, mt) {
    var s = t.canPlayType(mt);
    return !!(s === "probably" || s === "maybe");
}
var r = {
    audio: {
        MP3: canPlay(a, "audio/mpeg"),
        Ogg: canPlay(a, "audio/ogg"),
        WAV: canPlay(a, "audio/wav"),
    },
    video: {
        HLS: canPlay(v, "application/vnd.apple.mpegURL") || canPlay(v, "application/x-mpegurl"),
        MP4: canPlay(v, "video/mp4"),
        Ogg: canPlay(v, "video/ogg"),
        WebM: canPlay(v, "video/webm"),
    },
};
JSON.stringify(r)

Executed Writes (0)


HTTP Transactions (34)


Request Response
                                        
                                            GET /a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=638e4ba6248f9b5eb1327271&source=888.jp.webview-android. HTTP/1.1 
Host: cola.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 05 Dec 2022 19:51:18 GMT
Content-Length: 0
Connection: keep-alive
Round: 11hx4alk7e
Raund: 2is
Location: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.webview-android.


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10041
Expires: Mon, 05 Dec 2022 22:38:40 GMT
Date: Mon, 05 Dec 2022 19:51:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5954
Cache-Control: max-age=145154
Date: Mon, 05 Dec 2022 19:51:19 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:10:33 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8888
Expires: Mon, 05 Dec 2022 22:19:27 GMT
Date: Mon, 05 Dec 2022 19:51:19 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 19:18:30 GMT
cache-control: public,max-age=3600
age: 1969
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: xr+JALK+yy7zwu1xRDxhCUr76y20PMUavGdOTL2S7qWdfPBND2HOcph9R3kPerxvdmjxR9xpitB7ZdI2aZPZDQ==
x-amz-request-id: C55EFEKQ201FSAHS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 19:48:38 GMT
age: 161
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DAA15015E8D7875C775AE2D1F4766FDA070CD996DDF0A1DB7A76AE2EC89CBB09"
Last-Modified: Sun, 04 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Mon, 05 Dec 2022 21:18:37 GMT
Date: Mon, 05 Dec 2022 19:51:19 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 05 Dec 2022 19:51:19 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.webview-android. HTTP/1.1 
Host: samba.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.83.143.92
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 05 Dec 2022 19:51:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=638e4bb7af811357b027c1b3; expires=Thu, 08-Dec-2022 19:51:19 GMT; Max-Age=259200; path=/; domain=samba.trffclb.com; HttpOnly
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (560)
Size:   507
Md5:    d82d80614ca6aabe0e5e78a21697d2ec
Sha1:   85a7e3da0527483b06b843dcefdf60e26aede09f
Sha256: abd3c0f1d2d5b3f2ced4fe104626b8b2466f9319c6f5225f72e810d785b254ea

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.webview-android.&bv=1 HTTP/1.1 
Host: samba.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.webview-android.
Cookie: bt-603611c5b7eaf46891533240=638e4bb7af811357b027c1b3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 05 Dec 2022 19:51:19 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=samba.trffclb.com; HttpOnly
Round: 11kgq037yu
Raund: 2si
Location: https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3328
Cache-Control: max-age=129903
Date: Mon, 05 Dec 2022 19:51:19 GMT
Etag: "638d9726-118"
Expires: Wed, 07 Dec 2022 07:56:22 GMT
Last-Modified: Mon, 05 Dec 2022 07:00:54 GMT
Server: ECS (amb/6B8F)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: samba.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.webview-android.
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.83.143.92
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 05 Dec 2022 19:51:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   20
Md5:    a4745abc5e7fdb89cc6df3069f3c6e69
Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3328
Cache-Control: max-age=129903
Date: Mon, 05 Dec 2022 19:51:19 GMT
Etag: "638d9726-118"
Expires: Wed, 07 Dec 2022 07:56:22 GMT
Last-Modified: Mon, 05 Dec 2022 07:00:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 19:11:19 GMT
cache-control: public,max-age=3600
age: 2400
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5946
Cache-Control: max-age=140079
Date: Mon, 05 Dec 2022 19:51:19 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:45:58 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hwSo5qoGal7f7cWJAD7edg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.203.75.56
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q/jrordg45CQGgQnE1wgrMKbdlQ=

                                        
                                            POST /gget HTTP/1.1 
Host: popmyads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 519
Origin: https://popmyads.com
Connection: keep-alive
Referer: https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.64.166.21
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Mon, 05 Dec 2022 19:51:19 GMT
location: http://prpops.com/p/sjbi/direct/t:0646614100
x-powered-by: PHP/7.1.33
set-cookie: wGprrBLT=2; expires=Mon, 05-Dec-2022 19:51:21 GMT; Max-Age=2; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlWolpGJaNhsmw%2B28zhqTy5XknQh2ms1FSYCOdkOUCXbrPCetGIdL26BK0mv%2Brm5wZp4YTbbL%2B4YQMG%2FHncRaKlpPqvJYc32KcsGCRk1SaneL0BE2Y57n2dCal2XLgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f50dd08f67744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   17548
Md5:    ffb1e25a3b0cc49780bad865c1d6a1cf
Sha1:   1403360443f3432a6b33e68a626fe5d3a7c4b1ce
Sha256: 40faf43a4d2b9734e9c8ad26c78cc88e70b3d21267fb19e2c1b9a8af8a41e05f
                                        
                                            POST /p/sjbi/direct/t:0646614100?prc_c=1670269880&prc_r=eyJIVFRQX1VTRVJfQUdFTlQiOiJNb3ppbGxhXC81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvXC8yMDEwMDEwMSBGaXJlZm94XC8xMDUuMCJ9&prc_h=8c3140be65318057928286199558a57786afa2a95c535262e91e17bb92f0bbd0&pr_tsid=f7181f0235505bca0b7838eac3d96ad50ab00521af1532a0bd0caff9bee65b0b&pr_tsids=70969099adb09feba26fc78e57ebc41da90a4fe1fe450b289958b816d9671cb3 HTTP/1.1 
Host: prpops.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 1494
Origin: http://prpops.com
Connection: keep-alive
Referer: http://prpops.com/p/sjbi/direct/t:0646614100
Cookie: woa1quur7O=18dd5d66f40813f00e1f063ba98448e1b5adfa8c50df35bf7c6127baef05d67b0c2d5df50a17c15f11235576207b36830a3ef27d200af14433db0bf41ed52f69; biscuit_suus99w8=08f1a92a317bc47fd91a6216f9bb0f0ad7b57f7adacf2f770bce99022ed2b10f
Upgrade-Insecure-Requests: 1

search
                                         131.153.42.226
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 05 Dec 2022 19:51:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: woa1quur7O=18dd5d66f40813f00e1f063ba98448e1b5adfa8c50df35bf7c6127baef05d67b0c2d5df50a17c15f11235576207b36830a3ef27d200af14433db0bf41ed52f69; expires=Sat, 03-Jun-2023 19:51:20 GMT; Max-Age=15552000 prVi=cxdXW9sBHVtlZwHD1Y208oct6aF3VByq; expires=Tue, 05-Dec-2023 19:51:20 GMT; Max-Age=31536000; path=/; domain=.plugrush.com
Cache-Control: no-cache, must-revalidate, no-transform
Expires: Tue, 31 Dec 2013 23:59:59 GMT
Location: http://schington.com/MB45H/b-cm/YeM2/Oa9nMggva6VIkIDwEp1B2oKI6uPNAlGkHpA8DHYvA2DpYzHoSbA?a-4=Mainstream&af=04_MS_DP_ArmorAds_WW&mk=S26571558
Access-Control-Allow-Origin: *

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10638
Expires: Mon, 05 Dec 2022 22:48:39 GMT
Date: Mon, 05 Dec 2022 19:51:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10638
Expires: Mon, 05 Dec 2022 22:48:39 GMT
Date: Mon, 05 Dec 2022 19:51:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10638
Expires: Mon, 05 Dec 2022 22:48:39 GMT
Date: Mon, 05 Dec 2022 19:51:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10638
Expires: Mon, 05 Dec 2022 22:48:39 GMT
Date: Mon, 05 Dec 2022 19:51:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10638
Expires: Mon, 05 Dec 2022 22:48:39 GMT
Date: Mon, 05 Dec 2022 19:51:21 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 78500
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10396
Md5:    24c69d7ef356b352956d6dcbc9f5df1d
Sha1:   2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
Sha256: 94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
                                        
                                            GET /MB45H/b-cm/YeM2/Oa9nMggva6VIkIDwEp1B2oKI6uPNAlGkHpA8DHYvA2DpYzHoSbA?a-4=Mainstream&af=04_MS_DP_ArmorAds_WW&mk=S26571558 HTTP/1.1 
Host: schington.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://prpops.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         95.211.75.10
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 05 Dec 2022 19:51:21 GMT
location: http://ww1.schington.com
server: nginx
set-cookie: sid=30c080d6-74d6-11ed-a869-83fa160539ef; path=/; domain=.schington.com; expires=Sat, 23 Dec 2090 23:05:28 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 79113
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8315
Md5:    db1701b7b9d161a0c935bb6e10b17893
Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b
Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 79120
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 79640
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
age: 61568
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6886
Md5:    f71032604eecccf0a81f323a5f96a400
Sha1:   f8866d4f3185bcf7871581d75339998b34d6cf6d
Sha256: d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 79386
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8749
Md5:    dcb8fe0c4ba323ab2483fa290c291051
Sha1:   6706e02d6b95edc3a33c951f07d04b0fb7415b77
Sha256: 6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
                                        
                                            GET / HTTP/1.1 
Host: ww1.schington.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://prpops.com/
Connection: keep-alive
Cookie: sid=30c080d6-74d6-11ed-a869-83fa160539ef
Upgrade-Insecure-Requests: 1

search
                                         208.91.196.145
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 19:51:22 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_U+T+UPEv3GcITk7oJdd7Mb7+6+VjTjpS0fD4JfH0Ifm3AMS3xbDJvS00IZ6ANfYFF/FzYIAZQMCC4lFviBz/fQ==
Cteonnt-Length: 2186
Keep-Alive: timeout=5, max=118
Connection: Keep-Alive
Cache-Control: private
Content-Encoding: gzip
Content-Length: 983


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (491), with CRLF line terminators
Size:   983
Md5:    1018c82b7b0f1068f726fc97e8b44327
Sha1:   3f1ba6413100661c840881fe6b1241da70a2cad8
Sha256: f850193f39470cedf98c884c4ceb5ca74cecb6bb65f0f63545268512cca312a4
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ww1.schington.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.schington.com/
Connection: keep-alive
Cookie: sid=30c080d6-74d6-11ed-a869-83fa160539ef; isframesetenabled=1

search
                                         208.91.196.145
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Mon, 05 Dec 2022 19:51:22 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
ntCoent-Length: 10
Keep-Alive: timeout=5, max=117
Connection: Keep-Alive
Cache-Control: private
Content-Encoding: gzip
Content-Length: 30


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30
Md5:    c4609c83d6054d974c265b208bdc2a21
Sha1:   7e963e7185900347babd1f2797312c0ca21fa4ae
Sha256: 6cd85e3008758f2e06eeff9efdf9b4ad2981f6654f87918d155b0aced68d959a
                                        
                                            GET /?fp=G5Yd7hXYCeA9dHz%2Fn9Fuuowstlx7T4FLJqqOeCBLk8dIQoL9dz6ePG5hUHh5MCWC0r0ie%2BUnBwlErnJUbS2Y6H%2B7rjagC47HAsOxJLq3lDUflQetSMSX8pUgxC%2BimrXNh60f%2B%2F99JWKmq9jM0Zb4znYPuSpmqP1sREw%2BQpJmDbtKPZOJZY5G0co9pfo4%2Fq7lAreTPo8EpTjJDSna2AgOL40ulHY3cVX5NBZUsF%2FPkXkwfQ8tpcytQAOUn7eQ5mv4kM3yGtTJs1yUOFDtVdEwJw%3D%3D&prvtof=e4UJ5hB8%2BjK4DFihQr38YHZWa7gz5mCpt0Sf4WZKduc%3D&poru=zYbXQ3NZ767%2B93BPLefsQsAnzFFIkBgK743SJIW4hFk%3D&_opnslfp=1& HTTP/1.1 
Host: ww1.schington.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.schington.com/
Connection: keep-alive
Cookie: sid=30c080d6-74d6-11ed-a869-83fa160539ef; isframesetenabled=1
Upgrade-Insecure-Requests: 1

search
                                         208.91.196.145
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 19:51:22 GMT
Server: Apache
ntCoent-Length: 272
Keep-Alive: timeout=5, max=113
Connection: Keep-Alive
Cache-Control: private
Content-Encoding: gzip
Content-Length: 195


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   195
Md5:    c6462ed23c8cc368bd681226f89ea628
Sha1:   9bcadae0cb0ed0ff9661a5e409dd5120e2b68900
Sha256: 839370a7060ce2aca81cb5add1709bb5c9ce2b3fd8045c7a795d336a02a63499
                                        
                                            GET /serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= HTTP/1.1 
Host: popmyads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://samba.trffclb.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.64.166.21
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 05 Dec 2022 19:51:19 GMT
x-powered-by: PHP/7.1.33
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2hav4kYW1As%2FK62ciDJMymPOQEcpjjU8KCy1xhdup9ChNA6yrzsve9x%2F87w%2FWiVLwdFm0JNnnB645qcYbJ34D85le6IvMtYRVJAVPMzB58o5P7Srct2WoWl4fdtZXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f50dbce3c7744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---