Report - literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=[earn,your,freedom,3d,v0,03,eyf3d,-,dikgames]&refer=dikgames.com/earn-your-freedom-3d/&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75:3:1

Report Overview

Submitted URL
literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=[earn,your,freedom,3d,v0,03,eyf3d,-,dikgames]&refer=dikgames.com/earn-your-freedom-3d/&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75:3:1
IP
192.243.59.13
ASN
#39572 DataWeb Global Group B.V.
Submitted
2022-12-01 18:32:29
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.33.119.27
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.2 kB	93.184.220.29
bongacams7.com	74141	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	585 B	792 B	195.85.23.221
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
0delay.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	655 B	921 B	45.80.70.203
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	72 kB	34.120.237.76
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	1.0 kB	172.64.155.188
d31qbv1cthcecs.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	4.8 kB	143.204.55.36
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	54.230.245.110
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	518 B	694 B	142.250.74.67
go.gkrtmc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	2.4 kB	172.255.248.105
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.131
i.bcicdn.com	37608	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	89 kB	195.85.23.226
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	519 B	694 B	142.250.74.132
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	609 B	712 B	108.177.14.157
literalcorpulent.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	4.7 kB	192.243.59.12
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.216.88.5
www.spikereekvelocity.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.0 kB	173.233.137.52
bngtrk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	583 B	77 kB	31.192.112.221
no.bongacams7.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	40 kB	195.85.23.221

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	go.gkrtmc.com/rd.html?go=https%3A%2F%2Fbongacams7.com%2Ftrack%3Fc%3D336957%26subid%3D37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%26subid2%3D43922%26csurl%3Dhttps%3A%2F%2Fbongacams7.com%2Fmembers%2Fjoin	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	literalcorpulent.com	Sinkholed
2022-12-01	medium	literalcorpulent.com	Sinkholed
2022-12-01	medium	literalcorpulent.com	Sinkholed
2022-12-01	medium	spikereekvelocity.com	Sinkholed
2022-12-01	medium	spikereekvelocity.com	Sinkholed

JavaScript (49)

	URL	Size	First Seen	Last Seen
	no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~	74 B	2023-03-11	2023-03-11
Pretty URL no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:45:08 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 14dd0b3286f26c9b2ae460fa8638ea4f 93a9d040e08e41544e1add3e7be09f8056823860 fcdbbb5aeb6b6976ef90431d82216490d30d082832d8ed08cf623e51345911b3 Loading...

	i.bcicdn.com/js-min/1Xb5t/b5c6.js	204 B	2023-03-08	2023-03-13
Pretty URL i.bcicdn.com/js-min/1Xb5t/b5c6.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-03-13 01:31:22 Times Seen1 Hash 1fdabec9af43367b5b194b68481d2b98 0f689bfdea9f356b7e46a269ff1c24d5f2cc5586 fe3f81f377b89e661962c05aa5dcf43438965239742666cc7257f40953e3ea5d Loading...

	i.bcicdn.com/js-min/1Xb5t/be388.js	50 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/be388.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-03-11 23:49:19 Times Seen1 Hash b63b67227c21cedd45731217c8ed702d 87635214513b95789420d26d3fcd4836f40cf3ff 02248c984abb99ef3650f617cec1db5c98375cbac03a98ee8a258abcd0aa6b0b Loading...

	i.bcicdn.com/js-min/1Xb5t/ff97n.js	4.9 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/ff97n.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:32 Last Seen2023-03-11 23:49:18 Times Seen1 Hash b5cae4a55357f92b18268448af996462 70275eee2595cf1548c67d35310a4559c326bfd6 0c80d510ce2352e55e0e41b2b24b98cde84a1264e5e2361fd1f3ce8fd9a7ef1a Loading...

	i.bcicdn.com/js-min/1Xb5t/a1089.js	1.7 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/a1089.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-03-11 23:49:18 Times Seen1 Hash 0a8aee6d6ce006c7f02393ca01c4fb34 f8226fd223021c36527c71950be3ad705c2abb62 dbcada878b4f2be6a03ea5f608c98417b9e0c1235409ce2aeba6a8754dc0f243 Loading...

	i.bcicdn.com/js-min/1Xb5t/8104e.js	362 B	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/8104e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:50:32 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 773df87777c0a9b56f68428964eed4d7 229fcaf6cadbad67032969ae702a1c6679149f36 b6cdfd085ea90d94d81a65ce08e987efd8545d8fca1daa1f912bd338babdeb14 Loading...

	i.bcicdn.com/js-min/1Xb5t/714a1.js	1.4 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/714a1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:50:32 Last Seen2023-03-11 23:45:08 Times Seen1 Hash cda3f81cd3b8977d999c25a2bc132fda d11f53bedc848392c980d4699258ab8ce4e2c42a eaca170111148ac574fb01d9020acd1e593bee6021bf9ba4631f733ece386a5c Loading...

	go.gkrtmc.com/rd.html?go=https%3A%2F%2Fbongacams7.com%2Ftrack%3Fc%3D336957%26subid%3D37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%26subid2%3D43922%26csurl%3Dhttps%3A%2F%2Fbongacams7.com%2Fmembers%2Fjoin	214 B	2023-03-07	2023-04-05
Pretty URL go.gkrtmc.com/rd.html?go=https%3A%2F%2Fbongacams7.com%2Ftrack%3Fc%3D336957%26subid%3D37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%26subid2%3D43922%26csurl%3Dhttps%3A%2F%2Fbongacams7.com%2Fmembers%2Fjoin IP 172.255.248.105 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-04-05 01:54:10 Times Seen23 Hash db888f185ef0a5aacd560b2ebdf5801a 62ae899bed1b545b27ef5dbe037581e1fb55c544 0d532a064a29ec58ac0297fe0d64a35aff9bbdeceac63bcc54a914a426491d5e Loading...

	no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~	371 B	2023-03-08	2023-03-11
Pretty URL no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:32:27 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 208b761d7fa5ad0228b3140f45ee209b 111245587caebe7d7f3a95f18ef3b27c7f5c05f4 8bb993666a74e6463901045746555f790cb8526463748443f791cab10ab1c98a Loading...

	no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~	317 B	2023-03-07	2023-08-25
Pretty URL no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2023-08-25 13:55:40 Times Seen253 Hash f542667a5c11b0d4382eed8af1050cd8 391837e792b745509c9700e5e9d2a8b64bd31087 24067f4f80a1d539212654233a76f704a6cf1258a0a0746fc30bdcb2dace1d64 Loading...

	no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~	3 B	2023-03-07	2024-04-24
Pretty URL no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-24 10:22:31 Times Seen1139 Hash f67be96ce768fb5b40aecf0438f97886 d27fecd03a022cc6f670ca42ef1b99d5f5bcc74c 3441b5696d6abf2bd959d18bcb31dde8239a6ad8185bfa659af60bc764c238a8 Loading...

	i.bcicdn.com/js-min/1Xb5t/5b17v.js	2.1 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/5b17v.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:32 Last Seen2023-03-11 23:49:18 Times Seen1 Hash 5bafd66370abb1d457174947332778cd 69b1312a57b6dd01538396f56e61e107270e200c be298f63baede1cbebce0398ff190c7cee8e03ab5d37cebd22717beaf073594e Loading...

	i.bcicdn.com/js-min/1Xb5t/68348.js	4.8 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/68348.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:50:33 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 2aebae518c59f64984ec7c23b61504d4 f1e359d9d4a43ca685b05e31ef1243c6c3084004 ce737ed27bf31f786fcd1574a60a040ba67d7198d029a2178454aa34b00ac788 Loading...

	i.bcicdn.com/js-min/1Xb5t/8436j.js	15 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/8436j.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:50:32 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 01fb29238732fac565c54da4dc537be7 971cafe707bb15379b518c531024a5584f84c283 40958ab15cf08009c0e36a4bb23c66ba76dbe3e16f903d0556e66b9df814d526 Loading...

	i.bcicdn.com/js-min/1Xb5t/48a8p.js	2.4 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/48a8p.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-03-11 23:49:19 Times Seen1 Hash a08a6166474933fe9eefc3bd5f22fdb3 aa93b02169a3c8c543c074f93f92f0e4cbe9a9d9 88b692dbb0e0b00a2a1c0d9efbc6b1a08ecaffb0619dc9b98d1994baa138a17a Loading...

	www.spikereekvelocity.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=16211754	357 B	2023-03-08	2023-04-05
Pretty URL www.spikereekvelocity.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=16211754 IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:51 Last Seen2023-04-05 01:59:44 Times Seen29 Hash a221bdf2b93b4f94aca22fa6eaeed38c cd7fea3e6e6d8d4497f3935c35024368d62876db f43f8bd46a477a4aa650edc2483706fe3b16d1e8893bfc577cb3efa022df9e9f Loading...

	i.bcicdn.com/i18n-min/1669879664/messages/no.js	184 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/i18n-min/1669879664/messages/no.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:38:45 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 70c501536dacbd079a564c49e6675535 7b0b2443908e4409d78c7bd9384ef63172013e79 7fa227ec9b6a44389f1596b61e13e2ea6f52ee6b49665c1bf7f0659cd27d2ea7 Loading...

	i.bcicdn.com/js-min/1Xb5t/d.js	425 kB	2023-03-11	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/d.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:45:08 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 29f3a1bd9789ea8ef4cff0a50cbd622a 11096ecd0ca42cafd794381b3384d29257cda07c 31c6d6ab24632c56e086e1b6cd4a4b913bcb1f10a4ca936c27c55a7c1b70ca5a Loading...

	i.bcicdn.com/js-min/1Xb5t/3107.js	6.1 kB	2023-03-08	2023-03-13
Pretty URL i.bcicdn.com/js-min/1Xb5t/3107.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:32 Last Seen2023-03-13 01:31:22 Times Seen1 Hash c793e89544a24ac95d9906e056b1e751 94aa38c6e8b0bc0ce8570763ff9423895ef7725d b88ec9bf83166cb3bd7e57237eb2d01f6914457af518a91f8814dba30fbdf0aa Loading...

	i.bcicdn.com/js-min/1Xb5t/38581.js	14 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/38581.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:32 Last Seen2023-03-11 23:49:18 Times Seen1 Hash a183cac04d47510422bbb7b48a2450ad 38f5c776e539bc9fcb7fc6499bcca16aefe1685d ac26763c7974505f5c6d97078727691a02be335d207d7dc62169825da58d500b Loading...

	www.googletagmanager.com/gtag/js?id=UA-10874655-24	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-10874655-24 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:45:08 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 9e09701eba64f7080955f1b603cd9999 1f95303b86763313db84c90e34a0424b24736c0c 05d50db008a04417f03b3a834a183e1dd3e57ca7c6283d00658ad3b5959c8431 Loading...

	i.bcicdn.com/js-min/1Xb5t/d225.js	18 kB	2023-03-08	2023-03-13
Pretty URL i.bcicdn.com/js-min/1Xb5t/d225.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-03-13 01:31:22 Times Seen1 Hash fd7da13823900d40eabe46c783bcb94e 27d24e8813b2d9015d77fdeba35837596450bc47 78babcc36ec0f40cd961b6d99dbba7870d65591c3e0e3fda3c0caa1bf5d0cd51 Loading...

	i.bcicdn.com/js-min/1Xb5t/80024.js	46 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/80024.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:32 Last Seen2023-03-11 23:49:19 Times Seen1 Hash 7cff3714950b7aacfd76230ede3e62f3 049b290ea5b8ce0af2c9fea1066bbaf2f3cf9ca5 0b73a27a77f5112280de52324a9fd7255a99ce67472bb358b760269362f81a99 Loading...

	d31qbv1cthcecs.cloudfront.net/atrk.js	4.3 kB	2023-03-07	2023-11-20
Pretty URL d31qbv1cthcecs.cloudfront.net/atrk.js IP 143.204.55.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-11-20 12:42:18 Times Seen489 Hash d89453438fbf10dcf4c13265c40d5160 02d5f4e46c94bf34e12b2d773f63f643ea2b3518 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f Loading...

	i.bcicdn.com/js-min/1Xb5t/be447.js	17 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/be447.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:50:32 Last Seen2023-03-11 23:45:08 Times Seen1 Hash b025928655729783e557bc4f2ee38d64 ec49a188ffc0e23caa78765bfaab65ca372b70f3 051f44302929bf9282b7551ca9df26a180c2ace51f91f60b2e89d916eafde6e2 Loading...

	i.bcicdn.com/js-min/1Xb5t/b899s.js	234 B	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/b899s.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:50:32 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 2ba05374860bbaf9cc9128ba836bc307 e32956f2ecd1e25496ec24df0485e547880012e6 aa88987f9bcca37abb0302467688a7a5f7e6877614b8b46fa926996cbb8d0443 Loading...

	i.bcicdn.com/js-min/1Xb5t/2c44f.js	1.7 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/2c44f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:32 Last Seen2023-03-11 23:49:19 Times Seen1 Hash 9ae3db83822e6640b9d92d7f5b71ad43 e255c2a6bdb88ad96035c926d19ef33df2929de3 1455eb80b00bfbfde03881dc6307d11db67a6a578cfe59a0c38f3e8fe3b1199e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=%5Bearn%2Cyour%2Cfreedom%2C3d%2Cv0%2C03%2Ceyf3d%2C-%2Cdikgames%5D&refer=https%3A%2F%2Fdikgames.com%2Fearn-your-freedom-3d%2F&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75%3A3%3A1&shu=c5b65c99177d12df097d23f80df5a4aebdcd5f9bbe12e0cbcedd4f7cd3ffda44a9d731f821a5ede5d0e8b7aa06f5db1c74bdddf40cdafe95f772b5f83f85f7eba185d5e11c5306efb957fae69ab772d0c9fdedf7a2f0743341c9b3b0e50865b165&pst=1669919597&rmtc=t	29 B	2023-03-08	2024-01-15
Pretty URL literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=%5Bearn%2Cyour%2Cfreedom%2C3d%2Cv0%2C03%2Ceyf3d%2C-%2Cdikgames%5D&refer=https%3A%2F%2Fdikgames.com%2Fearn-your-freedom-3d%2F&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75%3A3%3A1&shu=c5b65c99177d12df097d23f80df5a4aebdcd5f9bbe12e0cbcedd4f7cd3ffda44a9d731f821a5ede5d0e8b7aa06f5db1c74bdddf40cdafe95f772b5f83f85f7eba185d5e11c5306efb957fae69ab772d0c9fdedf7a2f0743341c9b3b0e50865b165&pst=1669919597&rmtc=t IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:53 Last Seen2024-01-15 00:09:04 Times Seen889 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=%5Bearn%2Cyour%2Cfreedom%2C3d%2Cv0%2C03%2Ceyf3d%2C-%2Cdikgames%5D&refer=https%3A%2F%2Fdikgames.com%2Fearn-your-freedom-3d%2F&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75%3A3%3A1&shu=c5b65c99177d12df097d23f80df5a4aebdcd5f9bbe12e0cbcedd4f7cd3ffda44a9d731f821a5ede5d0e8b7aa06f5db1c74bdddf40cdafe95f772b5f83f85f7eba185d5e11c5306efb957fae69ab772d0c9fdedf7a2f0743341c9b3b0e50865b165&pst=1669919597&rmtc=t	469 B	2023-03-11	2023-03-11
Pretty URL literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=%5Bearn%2Cyour%2Cfreedom%2C3d%2Cv0%2C03%2Ceyf3d%2C-%2Cdikgames%5D&refer=https%3A%2F%2Fdikgames.com%2Fearn-your-freedom-3d%2F&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75%3A3%3A1&shu=c5b65c99177d12df097d23f80df5a4aebdcd5f9bbe12e0cbcedd4f7cd3ffda44a9d731f821a5ede5d0e8b7aa06f5db1c74bdddf40cdafe95f772b5f83f85f7eba185d5e11c5306efb957fae69ab772d0c9fdedf7a2f0743341c9b3b0e50865b165&pst=1669919597&rmtc=t IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:45:50 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 7ad4d7c8eb5983830c9522e772616cc6 0f8d2b7eb31ef6250f15a7483ea24fea8c0cc534 07645d5e99b39e5401b0dc977db4496c38b8a020843ba9666b4eec73bc295c58 Loading...

	no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~	341 B	2023-03-07	2023-03-17
Pretty URL no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2023-03-17 12:43:28 Times Seen1 Hash 61fa7c9194c1c1a47e9e4983b9345f5f e90b71d5be961a67c9d1fd56e9dcb19ce2b9a6d3 cba27ee7ad466ec761a803e98272a1dbf3cf348c6747af0ed3cb6f06aaf7f5b7 Loading...

	i.bcicdn.com/js-min/1Xb5t/4ed8f.js	562 B	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/4ed8f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:32 Last Seen2023-03-11 23:49:19 Times Seen1 Hash 8e3575de5de3b084ef0620a351169407 be8317dea971d7bb6c798ce45896c3c2b5f19dc4 ffad820eaf14e7124a37c76b7e687ad41e6db47c0ed0ccdffb782a023c0c6c65 Loading...

	i.bcicdn.com/js-min/1Xb5t/28023.js	17 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/28023.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:32 Last Seen2023-03-11 23:49:18 Times Seen1 Hash 8423ba945bc2cd2194617bc38d1481bc 2e9d836f583e8d437ee2ec841e6c1b667e0f5542 d0c1eb6d75a32f6256b15c57b1d51efe783b745a759445f599695c67ed599f18 Loading...

	i.bcicdn.com/js-min/1Xb5t/2677r.js	24 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/2677r.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-03-11 23:49:18 Times Seen1 Hash 5d28f09b9f1294680196d2df81f678a9 95513227709e4cb7651373088096ef2efcd46e29 d1fbab7b63626cedc7ae12e5a73341f8cb350db9d1cfa6b341562b669d26f11e Loading...

	i.bcicdn.com/js-min/1Xb5t/7717s.js	15 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/7717s.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-03-11 23:49:19 Times Seen1 Hash b534e134b71712c2213e99a9171c19a5 c5b77f944a584b98746db9b41d08cc6443158f33 120133da416101d5277bcd62b4b962844d394a62d2b94424c6a280845df48fc3 Loading...

	i.bcicdn.com/js-min/1Xb5t/2779n.js	881 B	2023-03-08	2023-07-17
Pretty URL i.bcicdn.com/js-min/1Xb5t/2779n.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-07-17 03:14:53 Times Seen4 Hash 0ea30b43052b573f961145699510b453 18aea18aa11ecacad9aa0be980ff6114f94c0105 668ce136f959fecabd6a73c0252f3dc9cc74467dacbf492091a4d6f22e6d5ef5 Loading...

	i.bcicdn.com/js-min/1Xb5t/36ba0.js	2.3 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/36ba0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:50:32 Last Seen2023-03-11 23:45:08 Times Seen1 Hash e71c1f3f10ce81fff1f9f9093fa96fca 34d3d1d1ffe4fa2aa96c02ae7aa2ec05f3f57205 904363435f723fcf0610087efb243e2551fabfa066383afc0b5faa3151dd5402 Loading...

	i.bcicdn.com/js-min/1Xb5t/d38u.js	15 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/d38u.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:32 Last Seen2023-03-11 23:49:18 Times Seen1 Hash 69336db974783fd399bec12c1ef38aea 9a0ab18f1762da62ad539ad5f019964407e4f9c4 2cc5ef09a6752264651ecaf9e938bf9652089bb367f9487c74e48bcef2c840c6 Loading...

	i.bcicdn.com/js-min/1Xb5t/d224d.js	743 B	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/d224d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:50:32 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 0245109f67cc9d66a316e8ba1d8908d8 f46cc07da5cfed6ca9306844cef7a96b20f3de57 0dc0bf9274370777d4c174df27a4a7d65b1d078156e4e1a316cef77f24aed685 Loading...

	www.spikereekvelocity.com/pph1aeej?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=15077602	2.1 kB	2023-03-07	2023-04-05
Pretty URL www.spikereekvelocity.com/pph1aeej?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=15077602 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	www.googletagmanager.com/gtag/js?id=UA-10874655-51&l=dataLayer&cx=c	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-10874655-51&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:45:08 Last Seen2023-03-11 23:45:08 Times Seen1 Hash 8cd1fc7dfc6c7443112f40bcfa5c3055 fb27ba7990c48391a2c1084fce2e431bb3754e5a 7f8c8905107965cf72f2f511a447d78db1074defd0db81f6699b28e5b2a8971c Loading...

	i.bcicdn.com/js-min/1Xb5t/9984g.js	9.7 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/9984g.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-03-11 23:49:19 Times Seen1 Hash e1c237568bc0187aed77f949c2fcfe16 c483c763fba7113c4b4487b1892bc57c12d3eba3 c0905534ccf4c27473d411b81b45cdf71c54ddb69f323fde47b1b969ee519b07 Loading...

	i.bcicdn.com/js-min/1Xb5t/bfe7t.js	5.4 kB	2023-03-08	2023-03-11
Pretty URL i.bcicdn.com/js-min/1Xb5t/bfe7t.js IP 195.85.23.226 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:33 Last Seen2023-03-11 23:49:18 Times Seen1 Hash 2eb697a4dcd720ef0529b311a1cbb32c 4053fb4598556774c0006f8c961f86ef11ff34af b69b3091e30dc53a05e1f74ab75cd2a8873dcda30dfd4b3fabe285641cc95fcc Loading...

		Size	First Seen	Last Seen
	#1 Eval - 42cac211ca8d72efdf8d79c57b4f5539	93 kB	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-19 12:09:57 Times Seen375 Hash 42cac211ca8d72efdf8d79c57b4f5539 107886a2ab748d05ef78418b5bd7f4525cbb2dab a41dda9a04749b3638ce169066c2b44b2ae93247741d9705c240325bcc2ed9bd Loading...

	#2 Eval - 10d2de9e00afd48de1357eadf96188b4	24 kB	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-19 12:09:57 Times Seen377 Hash 10d2de9e00afd48de1357eadf96188b4 bf7ced043d350e146df57c04e88bc9dd492bdc96 80be6199469f1ae0da8f2d94edde28e8aa7657ec2751275b0eef77f5dfbcc3ff Loading...

	#3 Eval - ad93f3e34f73620eeb47b53e84ab1b50	3.5 kB	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-19 12:09:57 Times Seen378 Hash ad93f3e34f73620eeb47b53e84ab1b50 d88329f5afd9f6b384f7f1d9c34ce08e6adefb12 06356f5f4647c6fb96bd2994bfc06cf622ccec9fd040fe07f3ea8162d9d5c017 Loading...

	#4 Eval - 05d707543ebcfa6d152d58c069505be6	13 kB	2023-03-08	2024-04-19
Pretty Observations First Seen2023-03-08 20:32:27 Last Seen2024-04-19 12:09:57 Times Seen337 Hash 05d707543ebcfa6d152d58c069505be6 7d0fdd64035ce452084ce0ff2ab224d5ac9b5545 7af6d63d2da129018376be4a0fe21249a4fe5b92e4e9a67f84d7f94729591047 Loading...

	#5 Eval - 72023c25b8b0ad47a8a635a5164e6623	1.2 kB	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-19 12:09:57 Times Seen341 Hash 72023c25b8b0ad47a8a635a5164e6623 afdbd9f0acd1a8dcd94f7685bad6383b4511f6d3 4b674912bc526b6517fed1aa7a4c14ef3c615af79ed5591ff111245396eff362 Loading...

	#6 Eval - decde7a1c4349af20a30c68357270af6	4.8 kB	2023-03-07	2023-04-23
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2023-04-23 05:03:11 Times Seen115 Hash decde7a1c4349af20a30c68357270af6 3cf5e9097bdc26219705b1d9207be10c8911c431 7b89c05d4dcbedea0afb5cf6b4c85664f22ab8ae0fa4c7205aeba9f865e768d5 Loading...

HTTP Transactions (80)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18403
Expires: Thu, 01 Dec 2022 23:39:00 GMT
Date: Thu, 01 Dec 2022 18:32:17 GMT
Connection: keep-alive

literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=[earn,your,freedom,3d,v0,03,eyf3d,-,dikgames]&refer=https://dikgames.com/earn-your-freedom-3d/&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75:3:1

192.243.59.12

307 Temporary Redirect

0 B

URL HTTP/1.1
literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=[earn,your,freedom,3d,v0,03,eyf3d,-,dikgames]&refer=https://dikgames.com/earn-your-freedom-3d/&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75:3:1
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=[earn,your,freedom,3d,v0,03,eyf3d,-,dikgames]&refer=https://dikgames.com/earn-your-freedom-3d/&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75:3:1 HTTP/1.1
Host: literalcorpulent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 18:32:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dikgames.com/earn-your-freedom-3d/
Access-Control-Allow-Origin: https://dikgames.com/earn-your-freedom-3d/
Access-Control-Allow-Credentials: true
Location: http://literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=%5Bearn%2Cyour%2Cfreedom%2C3d%2Cv0%2C03%2Ceyf3d%2C-%2Cdikgames%5D&refer=https%3A%2F%2Fdikgames.com%2Fearn-your-freedom-3d%2F&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75%3A3%3A1&shu=c5b65c99177d12df097d23f80df5a4aebdcd5f9bbe12e0cbcedd4f7cd3ffda44a9d731f821a5ede5d0e8b7aa06f5db1c74bdddf40cdafe95f772b5f83f85f7eba185d5e11c5306efb957fae69ab772d0c9fdedf7a2f0743341c9b3b0e50865b165&pst=1669919597&rmtc=t
Set-Cookie: u_pl=16211754; expires=Fri, 02 Dec 2022 18:32:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjIxMTc1NCwiayI6ImNmZjE0ZWQyOWYyNmM2NWNjYzk1ODA3ZmYwZDkwNDgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTIyMzUyLCJwaWQiOjI5ODU2NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ2d2NjcHR6OWp0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Rpa2dhbWVzLmNvbS9lYXJuLXlvdXItZnJlZWRvbS0zZC8ifX0.qCoTOPk-ZqIhr6eACJuuPBUz5yTz9Y8L61UeixEtdXs; expires=Thu, 01 Dec 2022 18:33:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 261386e45180482b0e1f479ac065af46
Strict-Transport-Security: max-age=0; includeSubdomains

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5423
Cache-Control: max-age=149358
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:17 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:01:35 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 18:19:47 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 750
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5509
Expires: Thu, 01 Dec 2022 20:04:06 GMT
Date: Thu, 01 Dec 2022 18:32:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: DACa23VMWdoG5wTS4gQ6niRTPRrwLUvl4azW2AOJB64xOpseSQZ1gPp2F4X6NFUa0unl+OCqh/o=
x-amz-request-id: 7YN1KTPBJQFMBP0D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 17:45:45 GMT
age: 2792
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:32:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=%5Bearn%2Cyour%2Cfreedom%2C3d%2Cv0%2C03%2Ceyf3d%2C-%2Cdikgames%5D&refer=https%3A%2F%2Fdikgames.com%2Fearn-your-freedom-3d%2F&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75%3A3%3A1&shu=c5b65c99177d12df097d23f80df5a4aebdcd5f9bbe12e0cbcedd4f7cd3ffda44a9d731f821a5ede5d0e8b7aa06f5db1c74bdddf40cdafe95f772b5f83f85f7eba185d5e11c5306efb957fae69ab772d0c9fdedf7a2f0743341c9b3b0e50865b165&pst=1669919597&rmtc=t

192.243.59.12

200 OK

641 B

URL HTTP/1.1
literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=%5Bearn%2Cyour%2Cfreedom%2C3d%2Cv0%2C03%2Ceyf3d%2C-%2Cdikgames%5D&refer=https%3A%2F%2Fdikgames.com%2Fearn-your-freedom-3d%2F&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75%3A3%3A1&shu=c5b65c99177d12df097d23f80df5a4aebdcd5f9bbe12e0cbcedd4f7cd3ffda44a9d731f821a5ede5d0e8b7aa06f5db1c74bdddf40cdafe95f772b5f83f85f7eba185d5e11c5306efb957fae69ab772d0c9fdedf7a2f0743341c9b3b0e50865b165&pst=1669919597&rmtc=t
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (602)
Size
641 B (641 bytes)
Hash
36895654630f611bd80e3f65d403eda7
5f577b4a369db1d0dfa0f959948ff91de2f90468
faf28635acd8533aa158908f7e0b9dea7a6551fd6a93f49bd8ed0aa75f6c5d5b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=%5Bearn%2Cyour%2Cfreedom%2C3d%2Cv0%2C03%2Ceyf3d%2C-%2Cdikgames%5D&refer=https%3A%2F%2Fdikgames.com%2Fearn-your-freedom-3d%2F&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75%3A3%3A1&shu=c5b65c99177d12df097d23f80df5a4aebdcd5f9bbe12e0cbcedd4f7cd3ffda44a9d731f821a5ede5d0e8b7aa06f5db1c74bdddf40cdafe95f772b5f83f85f7eba185d5e11c5306efb957fae69ab772d0c9fdedf7a2f0743341c9b3b0e50865b165&pst=1669919597&rmtc=t HTTP/1.1
Host: literalcorpulent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 18:32:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dikgames.com/earn-your-freedom-3d/
Access-Control-Allow-Origin: https://dikgames.com/earn-your-freedom-3d/
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16211754; expires=Fri, 02 Dec 2022 18:32:17 GMT; secure; SameSite=None
uid_id2=5caa10d7-f351-47da-aa7b-587e72d54e75:3:1; expires=Thu, 08 Dec 2022 18:32:17 GMT; secure; SameSite=None
iprcc5874ad6456da040c0b0fd5b159dc365=2004368; expires=Fri, 02 Dec 2022 20:32:18 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Dec 2022 18:32:18 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Dec 2022 18:32:18 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 02 Dec 2022 18:32:18 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 02 Dec 2022 18:32:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b3b4fe82ee6aebcd55a0dddfd2d65b8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 18:11:15 GMT
cache-control: public,max-age=3600
age: 1263
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

literalcorpulent.com/favicon.ico

192.243.59.12

200 OK

0 B

URL HTTP/1.1
literalcorpulent.com/favicon.ico
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: literalcorpulent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://literalcorpulent.com/watch.462452977142.js?key=cff14ed29f26c65ccc95807ff0d90482&kw=%5Bearn%2Cyour%2Cfreedom%2C3d%2Cv0%2C03%2Ceyf3d%2C-%2Cdikgames%5D&refer=https%3A%2F%2Fdikgames.com%2Fearn-your-freedom-3d%2F&tz=5.5&dev=r&res=12.31&uuid=5caa10d7-f351-47da-aa7b-587e72d54e75%3A3%3A1&shu=c5b65c99177d12df097d23f80df5a4aebdcd5f9bbe12e0cbcedd4f7cd3ffda44a9d731f821a5ede5d0e8b7aa06f5db1c74bdddf40cdafe95f772b5f83f85f7eba185d5e11c5306efb957fae69ab772d0c9fdedf7a2f0743341c9b3b0e50865b165&pst=1669919597&rmtc=t

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 18:32:18 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f236923eedefc1152970b2e461df9067
Strict-Transport-Security: max-age=0; includeSubdomains

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5419
Cache-Control: max-age=144290
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:18 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:37:08 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58e5213987cd50fb3b19eb1791db7661
ed59a2e87b960b505697eb55da5424333e7187f3
c7c2dfb26579b158c99ebfe28cb3011b8144a210df15723f377ea8b2445cbf0c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7C2DFB26579B158C99EBFE28CB3011B8144A210DF15723F377EA8B2445CBF0C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5991
Expires: Thu, 01 Dec 2022 20:12:09 GMT
Date: Thu, 01 Dec 2022 18:32:18 GMT
Connection: keep-alive

push.services.mozilla.com/

34.216.88.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.88.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: o5sAAlTI+JLUo/oPnsFKWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u0w/ZS+yiw1WvUOPO1R228Z8EqY=

www.spikereekvelocity.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=16211754

173.233.137.52

200 OK

1.3 kB

URL HTTP/1.1
www.spikereekvelocity.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=16211754
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.3 kB (1258 bytes)
Hash
d5da261f338782530d54ef6a957aef14
e4f4c77aa8ebf00b23f42884164016ccda396335
9159509f2067ac274071f4a905d950b73ea931e6af77527e359bbb13bb299176

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=16211754 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://literalcorpulent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 18:32:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15077602; expires=Fri, 02 Dec 2022 18:32:18 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTA3NzYwMiwiayI6IjdhN2MzNzc5ODg5ODA1ZTIwNThhZGRlY2I3ZTEzNDI0Iiwic2lkIjoiMTYyMTE3NTQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoicHBoMWFlZWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9saXRlcmFsY29ycHVsZW50LmNvbS8ifX0.ODu-ipfa2DMskGb_hHGh0K4g0ei5XLm56v9W033DhaI; expires=Thu, 01 Dec 2022 18:33:18 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 855843e2a0cfa8b62ae13909a6c6ac30
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.spikereekvelocity.com/pph1aeej?shu=d29a35c45ea2eaedb045209cc41ba159712bbde1d476667b6a8b8ebbbe3f5b6cd4e8868acff72a2b169cc9ab34e7cdce8d2b6da5c77c70b59ab6d888dd405fb511aa649b1134d28cbdc1a75623df4e360f085997e5eea42bc74d68771707&pst=1669919598&rmtc=t&uuid=&pii=&in=false&key=7a7c3779889805e2058addecb7e13424&refer=http%3A%2F%2Fliteralcorpulent.com%2F&psid=16211754

173.233.137.52

302 Found

0 B

URL HTTP/1.1
www.spikereekvelocity.com/pph1aeej?shu=d29a35c45ea2eaedb045209cc41ba159712bbde1d476667b6a8b8ebbbe3f5b6cd4e8868acff72a2b169cc9ab34e7cdce8d2b6da5c77c70b59ab6d888dd405fb511aa649b1134d28cbdc1a75623df4e360f085997e5eea42bc74d68771707&pst=1669919598&rmtc=t&uuid=&pii=&in=false&key=7a7c3779889805e2058addecb7e13424&refer=http%3A%2F%2Fliteralcorpulent.com%2F&psid=16211754
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pph1aeej?shu=d29a35c45ea2eaedb045209cc41ba159712bbde1d476667b6a8b8ebbbe3f5b6cd4e8868acff72a2b169cc9ab34e7cdce8d2b6da5c77c70b59ab6d888dd405fb511aa649b1134d28cbdc1a75623df4e360f085997e5eea42bc74d68771707&pst=1669919598&rmtc=t&uuid=&pii=&in=false&key=7a7c3779889805e2058addecb7e13424&refer=http%3A%2F%2Fliteralcorpulent.com%2F&psid=16211754 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/pph1aeej?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=15077602
Cookie: u_pl=15077602; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTA3NzYwMiwiayI6IjdhN2MzNzc5ODg5ODA1ZTIwNThhZGRlY2I3ZTEzNDI0Iiwic2lkIjoiMTYyMTE3NTQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoicHBoMWFlZWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9saXRlcmFsY29ycHVsZW50LmNvbS8ifX0.ODu-ipfa2DMskGb_hHGh0K4g0ei5XLm56v9W033DhaI; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 18:32:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://0delay.site/Cbs9fSqT?cost=0.000750&external_id=19124b6c0ac2ea6303cb721ecbd4fb7e&creative_id=1894462&ad_campaign_id=632304&source=146415&placement_id=15077602&publisher_id=97299&landing_id=3600400
Set-Cookie: iprc57ea42cea4cb9e881209c3becb599572=3600400; expires=Sun, 25 Dec 2022 18:32:19 GMT
pdhtkv=true; expires=Fri, 02 Dec 2022 18:32:19 GMT
uncs=1; expires=Fri, 02 Dec 2022 18:32:19 GMT
pdhtkv28=true; expires=Fri, 02 Dec 2022 18:32:19 GMT
uncs28=1; expires=Fri, 02 Dec 2022 18:32:19 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a524141fa226f37cedd30cb73f4a0c1
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
922fa5246155b0d7c4eedf0a7a4b964b
fb9e79030a76e1b40f8a299ae592148c5d84c21b
7b438645748f3b497377122ba50f2b54d2b56117375b95911c91afad90f18cc5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B438645748F3B497377122BA50F2B54D2B56117375B95911C91AFAD90F18CC5"
Last-Modified: Thu, 01 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Fri, 02 Dec 2022 00:31:54 GMT
Date: Thu, 01 Dec 2022 18:32:19 GMT
Connection: keep-alive

0delay.site/Cbs9fSqT?cost=0.000750&external_id=19124b6c0ac2ea6303cb721ecbd4fb7e&creative_id=1894462&ad_campaign_id=632304&source=146415&placement_id=15077602&publisher_id=97299&landing_id=3600400

45.80.70.203

302 Found

0 B

URL HTTP/1.1
0delay.site/Cbs9fSqT?cost=0.000750&external_id=19124b6c0ac2ea6303cb721ecbd4fb7e&creative_id=1894462&ad_campaign_id=632304&source=146415&placement_id=15077602&publisher_id=97299&landing_id=3600400
IP
45.80.70.203:0
ASN
#198610 Beget LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Cbs9fSqT?cost=0.000750&external_id=19124b6c0ac2ea6303cb721ecbd4fb7e&creative_id=1894462&ad_campaign_id=632304&source=146415&placement_id=15077602&publisher_id=97299&landing_id=3600400 HTTP/1.1
Host: 0delay.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Dec 2022 18:32:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://go.gkrtmc.com/aff_c?offer_id=3296&aff_id=43922&url_id=11375&aff_sub5=push&click_id=s8hnpa1a07so
Pragma: no-cache
Set-Cookie: _subid=s8hnpa1a07so;Expires=Sunday, 01-Jan-2023 18:32:19 GMT;Max-Age=2678400;Path=/
7b158=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0MzJcIjoxNjY5OTE5NTM5fSxcImNhbXBhaWduc1wiOntcIjc2MVwiOjE2Njk5MTk1Mzl9LFwidGltZVwiOjE2Njk5MTk1Mzl9In0.XGdz0WA9bGCiUIY6bPntkHPeKClrpai-Ot0kyTYIO0k;Expires=Saturday, 02-Nov-2075 13:04:38 GMT;Max-Age=1670005939;Path=/
_token=uuid_s8hnpa1a07so_s8hnpa1a07so6388f333c77f99.25956982;Expires=Sunday, 01-Jan-2023 18:32:19 GMT;Max-Age=2678400;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7266
Expires: Thu, 01 Dec 2022 20:33:26 GMT
Date: Thu, 01 Dec 2022 18:32:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7266
Expires: Thu, 01 Dec 2022 20:33:26 GMT
Date: Thu, 01 Dec 2022 18:32:20 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 74853
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16038 bytes)
Hash
ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 74807
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13411 bytes)
Hash
328ce221bcf3442f88d09373193ff594
63bfa2ea925aa2c188c664a7bf7af7b0e5417e60
21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13411
x-amzn-requestid: 17fcc4e1-76c1-4eca-9235-c1a513bca24a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80FCQoAMFs1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-26da4f265d74215f31425eb9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MttRByNp1C1ZeFFicFVa0w3XRyXJnUycPy2Izk8hzGEgXGdDqD3L3A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:17 GMT
age: 74643
etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4762 bytes)
Hash
d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: b7c0e28a-de0d-443d-8bf4-900a964bf110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uSFcMoAMF2CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc1-7abade3a670201cf1906b79f;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gZSkafSw8cXo9AChLOTVJW7r_hHLW8kaHlA-ED2_zFJwuUk1uS3VRw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:29:36 GMT
age: 18164
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

go.gkrtmc.com/aff_c?offer_id=3296&aff_id=43922&url_id=11375&aff_sub5=push&click_id=s8hnpa1a07so

172.255.248.105

302 Found

426 B

URL HTTP/1.1
go.gkrtmc.com/aff_c?offer_id=3296&aff_id=43922&url_id=11375&aff_sub5=push&click_id=s8hnpa1a07so
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (426), with no line terminators
Size
426 B (426 bytes)
Hash
6be518921e23373d3696d3785372e657
ce78a4f6e3645368b42fec04fc82b5a4d7cf9a0a
d137d551c9363c98a31526b1be66b342419b46bf290ebea9fb55f63f952d373a

HTTP Headers

GET /aff_c?offer_id=3296&aff_id=43922&url_id=11375&aff_sub5=push&click_id=s8hnpa1a07so HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Dec 2022 18:32:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 426
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 31 Dec 2022 18:32:20 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
3296=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 31 Dec 2022 18:32:20 GMT
op_3296=11375; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 31 Dec 2022 18:32:20 GMT
user_id=8682e2ad-9e3c-482a-a9d8-14f2acfb9e3a_968fecd5555d2b9834ef0b6da7e2f55a; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 30 Nov 2027 18:32:20 GMT; Secure; SameSite=None
Location: /rd.html?go=https%3A%2F%2Fbongacams7.com%2Ftrack%3Fc%3D336957%26subid%3D37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%26subid2%3D43922%26csurl%3Dhttps%3A%2F%2Fbongacams7.com%2Fmembers%2Fjoin
Vary: Accept
Cache-Control: no-store, no-cache

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8740 bytes)
Hash
26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 12:31:43 GMT
age: 21637
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12898 bytes)
Hash
820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 74580
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

go.gkrtmc.com/rd.html?go=https%3A%2F%2Fbongacams7.com%2Ftrack%3Fc%3D336957%26subid%3D37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%26subid2%3D43922%26csurl%3Dhttps%3A%2F%2Fbongacams7.com%2Fmembers%2Fjoin

172.255.248.105

200 OK

255 B

URL HTTP/1.1
go.gkrtmc.com/rd.html?go=https%3A%2F%2Fbongacams7.com%2Ftrack%3Fc%3D336957%26subid%3D37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%26subid2%3D43922%26csurl%3Dhttps%3A%2F%2Fbongacams7.com%2Fmembers%2Fjoin
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
997bfcab4e7a51023ff8da026ed4374a
35d15ad133e52c1b9dea0b3696a8719521387a9e
070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rd.html?go=https%3A%2F%2Fbongacams7.com%2Ftrack%3Fc%3D336957%26subid%3D37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%26subid2%3D43922%26csurl%3Dhttps%3A%2F%2Fbongacams7.com%2Fmembers%2Fjoin HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: language=en; 3296=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e; op_3296=11375; user_id=8682e2ad-9e3c-482a-a9d8-14f2acfb9e3a_968fecd5555d2b9834ef0b6da7e2f55a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 18:32:20 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
3a93132767fba8b27fbc3abc2efbdc13
412726245c10143791219d1ee0de8e6015d79a1b
5ec90e4470568ad000889301a527d115618b11e8b3f64fdb5b6016f6ec725ac7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4468
Cache-Control: max-age=101971
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:20 GMT
Etag: "6387cd13-116"
Expires: Fri, 02 Dec 2022 22:51:51 GMT
Last-Modified: Wed, 30 Nov 2022 21:37:23 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278

bongacams7.com/track?c=336957&subid=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e&subid2=43922&csurl=https://bongacams7.com/members/join

195.85.23.221

302 Found

138 B

URL HTTP/2
bongacams7.com/track?c=336957&subid=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e&subid2=43922&csurl=https://bongacams7.com/members/join
IP
195.85.23.221:0
ASN
#209242 Cloudflare London, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /track?c=336957&subid=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e&subid2=43922&csurl=https://bongacams7.com/members/join HTTP/1.1
Host: bongacams7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.gkrtmc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: text/html
content-length: 138
location: https://bngtrk.com/hit.php?c=336957&subid=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e&subid2=43922&csurl=https://bongacams7.com/members/join
x-bc: ded7850
x-zone: 5a-web51
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=U1N8WmbsiqcJwPMu4gg50oS3lIvdohfH2_SrGUMfyFY-1669919540-0-AfU0xwDHbxTXs7r8wpPiDGC5VuayRxQY1rRbxf8iVa73gnfBDMf8m8JTNU2TDRYPHcO8FaPgSGEG0O4E/Oyv2iE=; path=/; expires=Thu, 01-Dec-22 19:02:20 GMT; domain=.bongacams7.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 772de7a63e230afe-OSL
X-Firefox-Spdy: h2

go.gkrtmc.com/favicon.ico

172.255.248.105

404 Not Found

123 B

URL HTTP/1.1
go.gkrtmc.com/favicon.ico
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
123 B (123 bytes)
Hash
c728bf241d9141b8d3100ae5140e09c5
07f0da1bdfadd0354b090781f1e3264ac22b6c39
34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.gkrtmc.com/rd.html?go=https%3A%2F%2Fbongacams7.com%2Ftrack%3Fc%3D336957%26subid%3D37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%26subid2%3D43922%26csurl%3Dhttps%3A%2F%2Fbongacams7.com%2Fmembers%2Fjoin
Cookie: language=en; 3296=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e; op_3296=11375; user_id=8682e2ad-9e3c-482a-a9d8-14f2acfb9e3a_968fecd5555d2b9834ef0b6da7e2f55a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 18:32:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
e1d510d055e91851ded7e20f402bf4da
55d02f507124ec3b80f9441b465d82ed6638e880
1f49de2d98890849ac1dafe557da8362976a4a98f8fc92a19b95d6739f7f26c3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 18:32:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 06:10:16 GMT
Expires: Mon, 05 Dec 2022 06:10:15 GMT
Etag: "55d02f507124ec3b80f9441b465d82ed6638e880"
Cache-Control: max-age=603184,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 164
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772de7a6f9a5b521-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1d3076d9bfdf9abac6084d50d39f17c3
45ee6fbd5cbb8ea862a646ae43c24443f690c567
b7a9c9c34ab08964a5988efe9463aba4e20e9c9957bc76fb1b9ea5e114771ccf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4620
Cache-Control: max-age=106398
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:20 GMT
Etag: "6387ddc6-118"
Expires: Sat, 03 Dec 2022 00:05:38 GMT
Last-Modified: Wed, 30 Nov 2022 22:48:38 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1d3076d9bfdf9abac6084d50d39f17c3
45ee6fbd5cbb8ea862a646ae43c24443f690c567
b7a9c9c34ab08964a5988efe9463aba4e20e9c9957bc76fb1b9ea5e114771ccf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4620
Cache-Control: max-age=106398
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:20 GMT
Etag: "6387ddc6-118"
Expires: Sat, 03 Dec 2022 00:05:38 GMT
Last-Modified: Wed, 30 Nov 2022 22:48:38 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1d3076d9bfdf9abac6084d50d39f17c3
45ee6fbd5cbb8ea862a646ae43c24443f690c567
b7a9c9c34ab08964a5988efe9463aba4e20e9c9957bc76fb1b9ea5e114771ccf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4620
Cache-Control: max-age=106398
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:20 GMT
Etag: "6387ddc6-118"
Expires: Sat, 03 Dec 2022 00:05:38 GMT
Last-Modified: Wed, 30 Nov 2022 22:48:38 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1d3076d9bfdf9abac6084d50d39f17c3
45ee6fbd5cbb8ea862a646ae43c24443f690c567
b7a9c9c34ab08964a5988efe9463aba4e20e9c9957bc76fb1b9ea5e114771ccf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4723
Cache-Control: max-age=106501
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:20 GMT
Etag: "6387ddc6-118"
Expires: Sat, 03 Dec 2022 00:07:21 GMT
Last-Modified: Wed, 30 Nov 2022 22:48:38 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1d3076d9bfdf9abac6084d50d39f17c3
45ee6fbd5cbb8ea862a646ae43c24443f690c567
b7a9c9c34ab08964a5988efe9463aba4e20e9c9957bc76fb1b9ea5e114771ccf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4575
Cache-Control: max-age=106352
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:20 GMT
Etag: "6387ddc6-118"
Expires: Sat, 03 Dec 2022 00:04:52 GMT
Last-Modified: Wed, 30 Nov 2022 22:48:38 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280

bngtrk.com/hit.php?c=336957&subid=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e&subid2=43922&csurl=https://bongacams7.com/members/join

31.192.112.221

302 Found

73 kB

URL HTTP/2
bngtrk.com/hit.php?c=336957&subid=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e&subid2=43922&csurl=https://bongacams7.com/members/join
IP
31.192.112.221:0
ASN
#48684 Viking Host B.V.

File type
data
Size
73 kB (73419 bytes)
Hash
d3b9d68bcc40671487b0a9f1bc849d33
d718929216ae5b7be8a16fd05c7e3311d0573f49
f7e8e65b30f115d40e29cb2b43f0ab5714a6c92b6439fcd97af172f02961ff48

HTTP Headers

GET /hit.php?c=336957&subid=37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e&subid2=43922&csurl=https://bongacams7.com/members/join HTTP/1.1
Host: bngtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.gkrtmc.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngtrk.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bngprm.com
BCH_H=d00c5058fcd25d36df64584fdae4bee7%7C2022-12-01; expires=Fri, 18-Nov-2072 18:32:20 GMT; Max-Age=1576800000; path=/; domain=.bongacams7.com
location: https://bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~
expires: Thu, 01 Dec 2022 18:32:19 GMT
x-bcs: ded7384
strict-transport-security: max-age=0;
cache-control: no-cache, public
x-bc-bl: 102
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.bcicdn.com/images/frontend/signup/benefits.png

195.85.23.226

200 OK

20 kB

URL HTTP/2
i.bcicdn.com/images/frontend/signup/benefits.png
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type
PNG image data, 41 x 318, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20548 bytes)
Hash
5e3d62896946413f5ae9266c99d7fdd9
4a53b2e8b57bcbf7010485e6a406691c2677ae4f
702309c2c4be05cc133ebc286f8587c3991701a949d84b719dbe7de016f49966

HTTP Headers

GET /images/frontend/signup/benefits.png HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1X9kU/extra/join_page.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: image/png
content-length: 20548
last-modified: Mon, 08 Jan 2018 07:53:06 GMT
etag: "5a532362-5044"
expires: Sun, 18 Dec 2022 13:52:50 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1102520
accept-ranges: bytes
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aadd2b1c02-OSL
X-Firefox-Spdy: h2

no.bongacams7.com/images/sprite/bc/icon16.svg

195.85.23.221

200 OK

24 kB

URL HTTP/2
no.bongacams7.com/images/sprite/bc/icon16.svg
IP
195.85.23.221:0
ASN
#209242 Cloudflare London, LLC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (24027), with no line terminators
Size
24 kB (23876 bytes)
Hash
95dcf61e1f73f38819851b9569a7ad28
dea6dcbd9c70578d38b557e859aecfb4c754e857
566c809869d089431d66b5b4081ca5f3ccb21838e8ce97f5fb97692b75bcb965

HTTP Headers

GET /images/sprite/bc/icon16.svg HTTP/1.1
Host: no.bongacams7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~
Connection: keep-alive
Cookie: __cf_bm=U1N8WmbsiqcJwPMu4gg50oS3lIvdohfH2_SrGUMfyFY-1669919540-0-AfU0xwDHbxTXs7r8wpPiDGC5VuayRxQY1rRbxf8iVa73gnfBDMf8m8JTNU2TDRYPHcO8FaPgSGEG0O4E/Oyv2iE=; bonga20120608=ea5f08fdbe92d6a8847343b4c4f15fd3; ts_type2=1; fv=ZQD1BGR5BGL2ZD==; uh=K3qwF01noxRjD0MFFHpjrUAQqxkQFD==; ratr=190659%3A%3A336957%3A%3A2022-12-01%2020%3A32%3A20%3A%3Ahttps%3A%2F%2Fgo.gkrtmc.com%2F%3A%3A37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%3A%3A43922; BONGAH_HIT=d00c5058fcd25d36df64584fdae4bee7%3A%3A190659%3A%3Ahttps%3A%2F%2Fgo.gkrtmc.com%2F%3A%3A37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%3A%3A43922%3A%3A336957%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-12-01%2020%3A32%3A20; BONGA_REF=https%3A%2F%2Fgo.gkrtmc.com%2F; sg=609; reg_ver2=3; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: image/svg+xml
last-modified: Fri, 25 Nov 2022 04:20:05 GMT
etag: W/"63804275-5ddb"
expires: Sat, 31 Dec 2022 18:32:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 566572
vary: Accept-Encoding
server: cloudflare
cf-ray: 772de7aaba8a0afe-OSL
content-encoding: br
X-Firefox-Spdy: h2

no.bongacams7.com/images/sprite/bc/category.svg

195.85.23.221

200 OK

15 kB

URL HTTP/2
no.bongacams7.com/images/sprite/bc/category.svg
IP
195.85.23.221:0
ASN
#209242 Cloudflare London, LLC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (783), with no line terminators
Size
15 kB (14884 bytes)
Hash
604005bcb148e61a3037aa721bbe091a
3d8bdebb7daf8db3b2584d537d7e7ce80651aea5
94aa333735c26a2310a77dce81e481af3b67f71c8eedaa152ea0fd5aa8337a95

HTTP Headers

GET /images/sprite/bc/category.svg HTTP/1.1
Host: no.bongacams7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.bongacams7.com/members/join?bcs=ZXN0a2QwMGM1MDU4ZmNkMjVkMzZkZjY0NTg0ZmRhZTRiZWU3OjoxOTA2NTk6Omh0dHBzOi8vZ28uZ2tydG1jLmNvbS86OjM3XzQzOTIyXzMyOTZfYmM3YzljZjBkYWI0ZGJhOGNkZTVkZTNjMzZjNzdmNGU6OjQzOTIyOjozMzY5NTc6OjA6OjA6OjA6Ojo6MDo6ZGVmYXVsdDo6MA~~
Connection: keep-alive
Cookie: __cf_bm=U1N8WmbsiqcJwPMu4gg50oS3lIvdohfH2_SrGUMfyFY-1669919540-0-AfU0xwDHbxTXs7r8wpPiDGC5VuayRxQY1rRbxf8iVa73gnfBDMf8m8JTNU2TDRYPHcO8FaPgSGEG0O4E/Oyv2iE=; bonga20120608=ea5f08fdbe92d6a8847343b4c4f15fd3; ts_type2=1; fv=ZQD1BGR5BGL2ZD==; uh=K3qwF01noxRjD0MFFHpjrUAQqxkQFD==; ratr=190659%3A%3A336957%3A%3A2022-12-01%2020%3A32%3A20%3A%3Ahttps%3A%2F%2Fgo.gkrtmc.com%2F%3A%3A37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%3A%3A43922; BONGAH_HIT=d00c5058fcd25d36df64584fdae4bee7%3A%3A190659%3A%3Ahttps%3A%2F%2Fgo.gkrtmc.com%2F%3A%3A37_43922_3296_bc7c9cf0dab4dba8cde5de3c36c77f4e%3A%3A43922%3A%3A336957%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-12-01%2020%3A32%3A20; BONGA_REF=https%3A%2F%2Fgo.gkrtmc.com%2F; sg=609; reg_ver2=3; warning18=%5B%22no_NO%22%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: image/svg+xml
last-modified: Thu, 13 Jan 2022 04:16:34 GMT
etag: W/"61dfa7a2-30f"
expires: Sat, 31 Dec 2022 18:32:20 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2475564
vary: Accept-Encoding
server: cloudflare
cf-ray: 772de7aaba8b0afe-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/5b17v.js

195.85.23.226

200 OK

12 kB

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/5b17v.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type
ASCII text, with very long lines (2123), with no line terminators
Size
12 kB (12042 bytes)
Hash
73d36253d7ee5d07d3215bf86b0dede9
8e2179301f15a06d1c178dd26c7f0aad1caad81f
af6a1689e6b917aa6e6bd98de50e22511a2e599f056889b6ce8d55f36e8d09fb

HTTP Headers

GET /js-min/1Xb5t/5b17v.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-84b"
expires: Sat, 31 Dec 2022 06:20:52 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o3-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43869
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7abfedd1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

d31qbv1cthcecs.cloudfront.net/atrk.js

143.204.55.36

200 OK

4.3 kB

URL HTTP/1.1
d31qbv1cthcecs.cloudfront.net/atrk.js
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4255), with no line terminators
Size
4.3 kB (4255 bytes)
Hash
d89453438fbf10dcf4c13265c40d5160
02d5f4e46c94bf34e12b2d773f63f643ea2b3518
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

HTTP Headers

GET /atrk.js HTTP/1.1
Host: d31qbv1cthcecs.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4255
Connection: keep-alive
Date: Sat, 13 Aug 2022 04:02:04 GMT
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
ETag: "d89453438fbf10dcf4c13265c40d5160"
Cache-Control: max-age=26920000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 80Y6lSBiy0IDtowZLsBRgwe68gwH8ust8uqeetB7P2KFo30Rn3eYxQ==
Age: 9556218

i.bcicdn.com/images/sprite/bc/ft_atlas_2.svg

195.85.23.226

200 OK

36 kB

URL HTTP/2
i.bcicdn.com/images/sprite/bc/ft_atlas_2.svg
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (43987), with no line terminators
Size
36 kB (36278 bytes)
Hash
caa115773e6819015acefd50fd2540bd
84a522cc4ff2257cb75937ed366838c60398712f
88b7331b6be15ed575359d08eec4a0135f967bff5a74108d3f476a298a970453

HTTP Headers

GET /images/sprite/bc/ft_atlas_2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1X9kU/lt.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Apr 2021 10:07:22 GMT
etag: W/"607961da-abd3"
expires: Sun, 11 Dec 2022 21:03:33 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1140294
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aadd491c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10874655-24&cid=1535532243.1669919540&jid=369851755&gjid=837929364&_gid=1981198538.1669919540&_u=YEBAAUAAAAAAACAAI~&z=106963915

108.177.14.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10874655-24&cid=1535532243.1669919540&jid=369851755&gjid=837929364&_gid=1981198538.1669919540&_u=YEBAAUAAAAAAACAAI~&z=106963915
IP
108.177.14.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10874655-24&cid=1535532243.1669919540&jid=369851755&gjid=837929364&_gid=1981198538.1669919540&_u=YEBAAUAAAAAAACAAI~&z=106963915 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://no.bongacams7.com
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://no.bongacams7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Dec 2022 18:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e2399af135d7420a87a053b5300a9a81
775740dee5e6436a5dbf4be64cd0550973dacf7b
7f11ff2bf65d82e79075e74951f3deea7bbce2b67172e13a68d0452cc8fe981b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107603
Date: Thu, 01 Dec 2022 18:32:21 GMT
Etag: "6387df56-1d7"
Expires: Sat, 03 Dec 2022 00:25:44 GMT
Last-Modified: Wed, 30 Nov 2022 22:55:18 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9z05VNAuyWFX-zTxqlUMyZ4PmYITW_w7fGOysaWv_rfolKQf-xlTYQ==
Age: 5427

i.bcicdn.com/js-min/1Xb5t/38581.js

195.85.23.226

200 OK

4.9 kB

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/38581.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type
ASCII text, with very long lines (14487), with no line terminators
Size
4.9 kB (4910 bytes)
Hash
96a3115a333df8e63ae060af16d25d16
0f79d7b76c723865cd7f623db660b891bb60828b
4b0d45fa768ed5ec02fccc2ff1a8d580e53fe062be22d4f486c4dbe536300203

HTTP Headers

GET /js-min/1Xb5t/38581.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-3897"
expires: Sat, 31 Dec 2022 06:20:53 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o3-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43868
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aceff41c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10874655-24&cid=1535532243.1669919540&jid=369851755&_u=YEBAAUAAAAAAACAAI~&z=2052465757

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10874655-24&cid=1535532243.1669919540&jid=369851755&_u=YEBAAUAAAAAAACAAI~&z=2052465757
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10874655-24&cid=1535532243.1669919540&jid=369851755&_u=YEBAAUAAAAAAACAAI~&z=2052465757 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 18:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10874655-24&cid=1535532243.1669919540&jid=369851755&_u=YEBAAUAAAAAAACAAI~&z=2052465757

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10874655-24&cid=1535532243.1669919540&jid=369851755&_u=YEBAAUAAAAAAACAAI~&z=2052465757
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10874655-24&cid=1535532243.1669919540&jid=369851755&_u=YEBAAUAAAAAAACAAI~&z=2052465757 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 18:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/images/replace/10/arial/999/bnct_v2.svg
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/replace/10/arial/999/bnct_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-345d"
expires: Sun, 18 Dec 2022 13:47:21 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1140298
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7a9fc131c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/ff97n.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/ff97n.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/ff97n.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-1324"
expires: Sat, 31 Dec 2022 06:20:52 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o3-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43886
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7ac1ef71c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/68348.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/68348.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/68348.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-12ac"
expires: Sat, 31 Dec 2022 06:20:52 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43487
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7ac2efc1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/b899s.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/b899s.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/b899s.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-ea"
expires: Sat, 31 Dec 2022 06:20:53 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43886
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7ac2f0f1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/48a8p.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/48a8p.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/48a8p.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-934"
expires: Sat, 31 Dec 2022 06:20:52 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43869
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7ac3f1b1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/css-min/1X9kU/ft.css

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/css-min/1X9kU/ft.css
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css-min/1X9kU/ft.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: text/css
last-modified: Thu, 01 Dec 2022 04:26:36 GMT
etag: W/"63882cfc-3a14"
expires: Sat, 31 Dec 2022 04:26:59 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 50698
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7a9fc101c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/i18n-min/1669879664/messages/no.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/i18n-min/1669879664/messages/no.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i18n-min/1669879664/messages/no.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:28:02 GMT
etag: W/"63885782-2ce65"
expires: Sat, 31 Dec 2022 07:28:31 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 39770
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7a9fc111c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/css-min/1X9kU/extra/join_page.css

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/css-min/1X9kU/extra/join_page.css
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css-min/1X9kU/extra/join_page.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: text/css
last-modified: Thu, 01 Dec 2022 04:26:37 GMT
etag: W/"63882cfd-15ac"
expires: Sat, 31 Dec 2022 04:26:59 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43080
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aa0c2d1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/d.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/d.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/d.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-67c09"
expires: Sat, 31 Dec 2022 06:20:52 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43486
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7a9fc121c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/css-min/1X9kU/extra/pages.css

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/css-min/1X9kU/extra/pages.css
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css-min/1X9kU/extra/pages.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: text/css
last-modified: Thu, 01 Dec 2022 04:26:37 GMT
etag: W/"63882cfd-4dbf"
expires: Sat, 31 Dec 2022 04:26:59 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o3-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 49645
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aa3c691c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/28023.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/28023.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/28023.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-42d9"
expires: Sat, 31 Dec 2022 06:20:53 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43868
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7ad786f1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/images/sprite/bc/flag_pack-7fa3aa73.svg

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/images/sprite/bc/flag_pack-7fa3aa73.svg
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/sprite/bc/flag_pack-7fa3aa73.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1X9kU/cr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: image/svg+xml
last-modified: Thu, 30 May 2019 03:12:25 GMT
etag: W/"5cef4a19-5775"
expires: Sun, 11 Dec 2022 17:35:35 GMT
cache-control: max-age=2592000
x-bc-o: 2
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1140294
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aacd0b1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/images/replace/10/arial/999/bnct_add2.svg
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/replace/10/arial/999/bnct_add2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jun 2021 09:45:11 GMT
etag: W/"60c08da7-2a63"
expires: Sun, 18 Dec 2022 13:47:21 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1140280
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7a9fc161c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/b5c6.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/b5c6.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/b5c6.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-cc"
expires: Sat, 31 Dec 2022 06:20:53 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43886
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7abfed61c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/7717s.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/7717s.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/7717s.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-3965"
expires: Sat, 31 Dec 2022 06:20:53 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43869
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7abfee01c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/d38u.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/d38u.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/d38u.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-3b35"
expires: Sat, 31 Dec 2022 06:20:53 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o3-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43868
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aceff71c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/css-min/1X9kU/dg.css

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/css-min/1X9kU/dg.css
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css-min/1X9kU/dg.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: text/css
last-modified: Thu, 01 Dec 2022 04:26:36 GMT
etag: W/"63882cfc-16bdd"
expires: Sat, 31 Dec 2022 04:26:59 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o3-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 46805
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aa3c6b1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/images/replace/10/arial/999/bnct_add1_v2.svg
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/replace/10/arial/999/bnct_add1_v2.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Mar 2022 11:31:02 GMT
etag: W/"6231ca76-35ac"
expires: Sun, 18 Dec 2022 13:47:21 GMT
cache-control: max-age=2592000
x-bc-o: 1
x-o1-p4: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1140280
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7a9fc151c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/css-min/1X9kU/cr.css

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/css-min/1X9kU/cr.css
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css-min/1X9kU/cr.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: text/css
last-modified: Thu, 01 Dec 2022 04:26:36 GMT
etag: W/"63882cfc-132d4"
expires: Sat, 31 Dec 2022 04:26:59 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o3-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 50698
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aa0c301c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/d225.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/d225.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/d225.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-483a"
expires: Sat, 31 Dec 2022 06:20:53 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o3-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43886
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7abfece1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/images/svg/bc/nft_cashback/ncsh_off.svg

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/images/svg/bc/nft_cashback/ncsh_off.svg
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/svg/bc/nft_cashback/ncsh_off.svg HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.bcicdn.com/css-min/1X9kU/cr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Nov 2022 09:13:16 GMT
etag: W/"636cc0ac-b60"
expires: Sat, 10 Dec 2022 09:19:48 GMT
cache-control: max-age=2592000
x-bc-o: 2, 1
x-o1-p4: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1847543
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aacd261c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/2677r.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/2677r.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/2677r.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-5bfb"
expires: Sat, 31 Dec 2022 06:20:53 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o3-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43869
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7abfede1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/js-min/1Xb5t/bfe7t.js

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/js-min/1Xb5t/bfe7t.js
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js-min/1Xb5t/bfe7t.js HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 06:20:41 GMT
etag: W/"638847b9-14f7"
expires: Sat, 31 Dec 2022 06:20:52 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 43869
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7abfee51c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

i.bcicdn.com/css-min/1X9kU/lt.css

195.85.23.226

200 OK

0 B

URL HTTP/2
i.bcicdn.com/css-min/1X9kU/lt.css
IP
195.85.23.226:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css-min/1X9kU/lt.css HTTP/1.1
Host: i.bcicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.bongacams7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:32:20 GMT
content-type: text/css
last-modified: Thu, 01 Dec 2022 04:26:36 GMT
etag: W/"63882cfc-1a795"
expires: Sat, 31 Dec 2022 04:26:59 GMT
cache-control: max-age=2592000
x-bc-o-lcf: 3
x-o1-css: MISS
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 50698
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772de7aa2c501c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (49)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations