Report - festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html

Report Overview

Submitted URL
festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html
IP
34.159.75.132
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2023-01-11 10:33:50
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
majorilink.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	608 B	214 B	185.177.94.194
0.majorilink.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	30 kB	185.177.94.194
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	172.64.155.188
festucilqua1986.netlify.app	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	2.0 kB	35.246.229.114
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.0 kB	93.184.220.29
www.mdaemon.es	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	56 kB	178.33.117.204
festucilqua1986.netlify.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	328 B	34.159.137.246
basati.info	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	555 B	31 kB	172.67.212.90
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
adspredictiv.com	160243	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	20 kB	35.190.38.40
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.218.164.174
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.9 kB	23.36.77.32
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	35 kB	216.58.207.234
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	502 B	46 kB	216.58.207.227
yourjsdelivery.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	541 B	172.67.73.213
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.156
holidaycat.icu	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	829 B	2.4 kB	172.67.179.73
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
majorworkertop.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	826 B	2.6 kB	51.15.17.111
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	746 B	142.250.74.106
secureconv-dl.com	737808	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	502 B	8.6 kB	34.250.128.193

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-11 10:33:29	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain
2023-01-11 10:33:29	medium	Client IP	172.67.179.73	ET INFO Suspicious Domain (*.icu) in TLS SNI

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-11	medium	basati.info/?MFrPqukzI=EAcEHlVSSV1YWV8FUQ1VElkEV14cQ1tYQ09RWANBHFcNDRIWUhJdC1QbXVBRDBMNXhoDX1dYWkpfSAQGVR4HGAUCCwZfCFYCBQEcGQVMClQCAEoDHAYFFVIKGGI1HhsYFgYeEEBECwQQA1Fm	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-11	medium	basati.info	Sinkholed
2023-01-11	medium	secureconv-dl.com	Sinkholed

JavaScript (11)

	URL	Size	First Seen	Last Seen
	holidaycat.icu/2294e00b66	289 B	2023-03-07	2024-01-11
Pretty URL holidaycat.icu/2294e00b66 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:51 Last Seen2024-01-11 04:12:30 Times Seen57 Hash 83c0c7d2cf28177b6e93dd3ab9883936 7440e4af9267c573e0177bfb27bc853bfadd0c52 151c87ba95682a1cc7c16f8522235cfa9643652947ed775ee9a1f8e299eaee1f Loading...

	holidaycat.icu/2294e00b66	625 B	2023-03-12	2023-03-12
Pretty URL holidaycat.icu/2294e00b66 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:23:18 Last Seen2023-03-12 20:23:18 Times Seen1 Hash 8d9f8ae958bdb6f6cd06a91364751dca 62aad8ee74c065dfa53fbc59acbc40630b7a4073 9313ef78e17c14667c7eec801ecbfbef084881e2b08fd3f243b23bbc236b55ad Loading...

	festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html	17 kB	2023-03-12	2023-03-12
Pretty URL festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html IP 35.246.229.114 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:23:18 Last Seen2023-03-12 20:23:18 Times Seen1 Hash b206c49aaaacfddc3093991c98a7e135 47d8fa5afc12576e5fd38e3bf7cfd8d6dc70dbe5 e1d9f4183058fc8be177fa79742a7783f76869c35e40806343435e800d31125e Loading...

	majorilink.com/?p=mm3tqzbvme5gi3bpgq2tini&sub1=what+does+contrasena+mean+in+english&sub2=casino&sub3=Firefox+Generic+%2F+Win10&sub4=https%3A%2F%2Ffestucilqua1986.netlify.app%2F	8.3 kB	2023-03-12	2023-03-12
Pretty URL majorilink.com/?p=mm3tqzbvme5gi3bpgq2tini&sub1=what+does+contrasena+mean+in+english&sub2=casino&sub3=Firefox+Generic+%2F+Win10&sub4=https%3A%2F%2Ffestucilqua1986.netlify.app%2F IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:23:18 Last Seen2023-03-12 20:23:18 Times Seen1 Hash feeeee7f005044561984aa669be7254d e5670c18d1c404739d2bc1fffa8b6688d8ed360e cde91c17051ff485b3e9ed84f87014c194a74bb415c62f8dc4b1859c8b6c6d51 Loading...

	0.majorilink.com/?p=mm3tqzbvme5gi3bpgq2tini&sub1=what+does+contrasena+mean+in+english&sub2=casino&sub3=Firefox+Generic+%2F+Win10&sub4=https%3A%2F%2Ffestucilqua1986.netlify.app%2F	8.0 kB	2023-03-12	2023-03-12
Pretty URL 0.majorilink.com/?p=mm3tqzbvme5gi3bpgq2tini&sub1=what+does+contrasena+mean+in+english&sub2=casino&sub3=Firefox+Generic+%2F+Win10&sub4=https%3A%2F%2Ffestucilqua1986.netlify.app%2F IP 185.177.94.194 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:23:18 Last Seen2023-03-12 20:23:18 Times Seen1 Hash e3a31afce3037d427259b302049dc484 1423e08b64ebf60ed9ee482168c965c3034b55da 5df79497bf8e66a337b82a5fd2064b1c9be368f3d9ad57c797b3429815ce4e58 Loading...

	adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8fd66b8e96104bc2bac4a44176e68beb2099a&sub1=163389&sub2=	6.8 kB	2023-03-12	2023-03-12
Pretty URL adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8fd66b8e96104bc2bac4a44176e68beb2099a&sub1=163389&sub2= IP 35.190.38.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:23:18 Last Seen2023-03-12 20:23:18 Times Seen1 Hash fedbf045fb13938016225fe851c88a91 f2d90ed1052660944e8974622e58dcf21ac80dab ab8018d8a676dae2de633bceb89a3af1b1eced22997cb74b5d5de30eedd09475 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js	97 kB	2023-03-07	2024-05-04
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:02 Last Seen2024-05-04 15:37:47 Times Seen4979 Hash cbb11b58473b2d672f4ed53abbb67336 66f47b885d587aa9a6c453ae3f2c9a382e5c7ec7 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf Loading...

	yourjsdelivery.com/dl.min.js	18 kB	2023-03-10	2024-04-26
Pretty URL yourjsdelivery.com/dl.min.js IP 172.67.73.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:26:58 Last Seen2024-04-26 02:07:10 Times Seen359 Hash 08d190d8b4dca39922dc4b613a2283b8 3ccaa66c506d0b79159836f7fcd6044fda78049f f878295a13ab9f922ba046207c3cb9da598d0e00cca7d488ef0cd15fc866c574 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1eb015742421504b463ec2274bf1d57d	572 B	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 20:23:18 Last Seen2023-03-12 20:23:18 Times Seen1 Hash 1eb015742421504b463ec2274bf1d57d afc08e2a6025b08290fc1ff9e0085439954df865 2ea0948eae52a84cb9b241ac9ec875c340fc2eccec966ffed2f82177881071f8 Loading...

	#2 Eval - 10452f4a53e5a5cb20d285f9e3bff04c	7.9 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 20:23:18 Last Seen2023-03-12 20:23:18 Times Seen1 Hash 10452f4a53e5a5cb20d285f9e3bff04c 77b4341bad826a8ea8f2bebfa9f2e2bfedee3fd4 350df7bd3088255bf513d8e7ae59fb4e9844125e8cb69224dc965002fe88eb40 Loading...

	#3 Eval - 856043dfb4ff1985c79a04385ef07aa2	7.7 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 20:23:19 Last Seen2023-03-12 20:23:19 Times Seen1 Hash 856043dfb4ff1985c79a04385ef07aa2 750736057a67e1fcb05c7ce0d61383f60d78b9c5 53d6b30faa546862b40bbc6e0be0a437d4931c27d1ab5d5d464948d3f40df82c Loading...

HTTP Transactions (60)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11755
Expires: Wed, 11 Jan 2023 13:49:34 GMT
Date: Wed, 11 Jan 2023 10:33:39 GMT
Connection: keep-alive

festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html

35.246.229.114

301 Moved Permanently

92 B

URL HTTP/1.1
festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html
IP
35.246.229.114:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
92 B (92 bytes)
Hash
3458fefdcaad68446b1d76ad8d35dc93
3691fab0af62f8e7be97c4c912f48ed959915630
6857fa8cf6734a3db834b49056e6233361c617c72548c8db86d42c3fe9ab41d3

HTTP Headers

GET /what-does-contrasena-mean-in-english.html HTTP/1.1
Host: festucilqua1986.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html
Server: Netlify
X-Nf-Request-Id: 01GPG690JXFCF50AA6YM95DBWR
Date: Wed, 11 Jan 2023 10:33:39 GMT
Content-Length: 92
Content-Type: text/plain; charset=utf-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12415
Expires: Wed, 11 Jan 2023 14:00:34 GMT
Date: Wed, 11 Jan 2023 10:33:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 09:48:36 GMT
content-type: application/json
age: 2703
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d8ccb7b2b89aec333fabc04d37337892
c2a13a42c1bd0cf7ce68d9c13b3d6ba1044b5283
75fcc3ea090454e3489a131b70ab50798fec6a08664745027d7a1cf62c6aba28

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75FCC3EA090454E3489A131B70AB50798FEC6A08664745027D7A1CF62C6ABA28"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12980
Expires: Wed, 11 Jan 2023 14:09:59 GMT
Date: Wed, 11 Jan 2023 10:33:39 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mIaeJPfqoOBkwfnhDkFaXkk19VHkvMNsSFvuZAkjzg9///yZchuFZZ6Hpk9j3JOipNyq/a7eA/4=
x-amz-request-id: 5E8AJCC8PPPNEVFR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 10:17:00 GMT
age: 999
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
219f808cfee95d8cc0d20212d48d396e
953b0a7a50227bc8381ea9946fbcdc837270afa0
db2ba180cccde46b1447e481c995d17dc030f0fc24335d610472ebc0ebda1bc1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6285
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 10:33:39 GMT
Last-Modified: Wed, 11 Jan 2023 08:48:55 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 10:33:39 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 09:33:45 GMT
age: 3595
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ce604e6f88a42844a4ec7d404879bdcf
d462a2a194a67d39d091ff49c4435fdfc39b3e5b
9e0222bcc67f019bb5c61657fc921fc42aa0cd7a75f6b1358d05231c53cc26e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1164
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 10:33:40 GMT
Last-Modified: Wed, 11 Jan 2023 10:14:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7ec6af4419d9a97c0067405014d7b3f6
731df9de4a07d775f979a8188e045bc089831e05
660148c3480000439b01cb1b1973153f293676293cc6e3661f94c73c9558f8d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "660148C3480000439B01CB1B1973153F293676293CC6E3661F94C73C9558F8D4"
Last-Modified: Mon, 09 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6646
Expires: Wed, 11 Jan 2023 12:24:26 GMT
Date: Wed, 11 Jan 2023 10:33:40 GMT
Connection: keep-alive

push.services.mozilla.com/

34.218.164.174

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.164.174:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r1cb/jLTyMB5PtZJiGuXsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yKIegEvO3XLbtz9PAy2AGnefQKE=

www.mdaemon.es/wp-content/uploads/2016/10/have-I-been-pwned.png

178.33.117.204

200 OK

56 kB

URL HTTP/2
www.mdaemon.es/wp-content/uploads/2016/10/have-I-been-pwned.png
IP
178.33.117.204:0
ASN
#16276 OVH SAS

File type
PNG image data, 999 x 866, 8-bit colormap, non-interlaced\012- data
Size
56 kB (55900 bytes)
Hash
a88ab3acbdb16cfc29eb342a79045267
1c7e334542318dfb6f0eb51813e147f6346c703f
f060ea4dfa902ece3a675286a81e59f29302eb66817faae72dac566f71fe3f88

HTTP Headers

GET /wp-content/uploads/2016/10/have-I-been-pwned.png HTTP/1.1
Host: www.mdaemon.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://festucilqua1986.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 10:33:40 GMT
content-type: image/png
content-length: 55900
last-modified: Thu, 27 Oct 2016 10:35:46 GMT
etag: "5811d882-da5c"
expires: Thu, 11 Jan 2024 10:33:40 GMT
cache-control: max-age=31536000
x-microcache: True
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
1539050180fdefec3e768269f276e041
01e10a23322ad893554c7709e289b645e18d6084
3121814b7e4f808f42add19a99b9a2f6deb2f5cf0b5d43ae69640a63df0c1682

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4232
Cache-Control: max-age=97320
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 10:33:40 GMT
Etag: "63bd5924-13a"
Expires: Thu, 12 Jan 2023 13:35:40 GMT
Last-Modified: Tue, 10 Jan 2023 12:25:08 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314

festucilqua1986.netlify.com/

34.159.137.246

301 Moved Permanently

71 B

URL HTTP/2
festucilqua1986.netlify.com/
IP
34.159.137.246:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document, ASCII text
Size
71 B (71 bytes)
Hash
075f84426dd9c8dc0be7da2f6be883c5
58de6f07b99e12ce08c9274af898f224c171aaba
a795c8a264a2455dea91e6147c62c37bb16846ee637f5b557a90108455759b5d

HTTP Headers

GET / HTTP/1.1
Host: festucilqua1986.netlify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://festucilqua1986.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
location: https://festucilqua1986.netlify.app/
server: Netlify
x-nf-request-id: 01GPG691VGDSPXEZE6D53Q3DXS
content-length: 71
date: Wed, 11 Jan 2023 10:33:40 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d63d14f02564d510689bb7b211a0fff
5bdf0bd61f0ea3d97d807429d8faabdb46349afa
96aebe383b224ba27d44c3b7a0e84d99da2165490da5d155cbc1c1fce8bc4e27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96AEBE383B224BA27D44C3B7A0E84D99DA2165490DA5D155CBC1C1FCE8BC4E27"
Last-Modified: Tue, 10 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7752
Expires: Wed, 11 Jan 2023 12:42:53 GMT
Date: Wed, 11 Jan 2023 10:33:41 GMT
Connection: keep-alive

basati.info/?MFrPqukzI=EAcEHlVSSV1YWV8FUQ1VElkEV14cQ1tYQ09RWANBHFcNDRIWUhJdC1QbXVBRDBMNXhoDX1dYWkpfSAQGVR4HGAUCCwZfCFYCBQEcGQVMClQCAEoDHAYFFVIKGGI1HhsYFgYeEEBECwQQA1Fm

172.67.212.90

200 OK

30 kB

URL HTTP/2
basati.info/?MFrPqukzI=EAcEHlVSSV1YWV8FUQ1VElkEV14cQ1tYQ09RWANBHFcNDRIWUhJdC1QbXVBRDBMNXhoDX1dYWkpfSAQGVR4HGAUCCwZfCFYCBQEcGQVMClQCAEoDHAYFFVIKGGI1HhsYFgYeEEBECwQQA1Fm
IP
172.67.212.90:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (572), with no line terminators
Size
30 kB (29468 bytes)
Hash
ff3101a59a3e8b2d5441e72c45400e93
d4519ab6b0de0cb9ba3eb96dfbcad92e79c16568
f3d5c6ff2244fa3927070e4c91040d9b7948d3a22cfd8b82cfd3d5fe4d27cc61

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /?MFrPqukzI=EAcEHlVSSV1YWV8FUQ1VElkEV14cQ1tYQ09RWANBHFcNDRIWUhJdC1QbXVBRDBMNXhoDX1dYWkpfSAQGVR4HGAUCCwZfCFYCBQEcGQVMClQCAEoDHAYFFVIKGGI1HhsYFgYeEEBECwQQA1Fm HTTP/1.1
Host: basati.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://festucilqua1986.netlify.app
Connection: keep-alive
Referer: https://festucilqua1986.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 11 Jan 2023 10:33:41 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://festucilqua1986.netlify.app
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With
access-control-allow-credentials: true
referrer-policy: no-referrer
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
set-cookie: c2f3215eb59d83a7de1aef71c767cff4=1; expires=Thu, 12-Jan-2023 10:33:41 GMT; Max-Age=86400; path=/; domain=basati.info
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F2HMAu83jQ%2FTRDJaOZbT4wGVqJNAZND6WeMTI5cQgUgvTkvO%2FPzifkI0%2FkDOX9hO35a2Uxb8bYmj147GIglF7hQ6yOH2XHde20TBSGK%2FKDrmHMHYJhxxCd8C0XQvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787cfedd6e83b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

majorilink.com/favicon.ico

185.177.94.194

204 No Content

0 B

URL HTTP/2
majorilink.com/favicon.ico
IP
185.177.94.194:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: majorilink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://majorilink.com/?p=mm3tqzbvme5gi3bpgq2tini&sub1=what+does+contrasena+mean+in+english&sub2=casino&sub3=Firefox+Generic+%2F+Win10&sub4=https%3A%2F%2Ffestucilqua1986.netlify.app%2F
Cookie: uuid=e7460da1-1539-49d1-9198-e4f364787a15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 10:33:41 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bab1e0a4d34a2e5ded3832b104c194a9
c75397cde405b753d9799501b4c98325fad52228
bb8e476576e9bf9fec81d06bf5c288dc9f27a34b458352cd21ddc95083a3ae63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB8E476576E9BF9FEC81D06BF5C288DC9F27A34B458352CD21DDC95083A3AE63"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8366
Expires: Wed, 11 Jan 2023 12:53:08 GMT
Date: Wed, 11 Jan 2023 10:33:42 GMT
Connection: keep-alive

majorworkertop.com/sw/w_1.js

51.15.17.111

200 OK

1.9 kB

URL HTTP/2
majorworkertop.com/sw/w_1.js
IP
51.15.17.111:0
ASN
#12876 Online S.a.s.

File type
data
Size
1.9 kB (1892 bytes)
Hash
10054e335d972e6665a404e9d94d5a93
07d747b03555398f129fef5905a23c29aae4fb6e
5ca385e4de232f629d516adc1e229e444c005173b7b5f924516c0e2d9cd913b2

HTTP Headers

GET /sw/w_1.js HTTP/1.1
Host: majorworkertop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://majorilink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 10:33:42 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Thu, 11 Jan 2024 10:33:42 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18779
Expires: Wed, 11 Jan 2023 15:46:41 GMT
Date: Wed, 11 Jan 2023 10:33:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18779
Expires: Wed, 11 Jan 2023 15:46:41 GMT
Date: Wed, 11 Jan 2023 10:33:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18779
Expires: Wed, 11 Jan 2023 15:46:41 GMT
Date: Wed, 11 Jan 2023 10:33:42 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8024 bytes)
Hash
35ee3a36f2d56adfa27324f734f8f7fc
6ec36e85e464004c5e6255739e962e6dcc4c24c6
6cedd3770eb8879c837799d36ebca9d631789d972d3631d730829fc5d64abb25

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8024
x-amzn-requestid: b331ee66-c166-4fa6-b950-287134d07fa2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ6EM0oAMFQFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-39ff669b44e3dd9339daa56b;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Fk214iXw9pGVhIOu0uwvDOrqHR-pOjicJOttxjMb0JDhxXbfpyRncg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 07:54:43 GMT
age: 9539
etag: "6ec36e85e464004c5e6255739e962e6dcc4c24c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1180e9be-6c31-4bd3-86f4-ac36cdd4e746.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9301 bytes)
Hash
74eafe3bfabac6843100686971153898
e9df2e14485c412107d742d4baab53aa36cd8ca4
46fcfba703552a587888b3c6e6a1deb01930e347192d05d95a5a5f46e9d0fea1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1180e9be-6c31-4bd3-86f4-ac36cdd4e746.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9301
x-amzn-requestid: 7f43eb13-8bca-4b2b-a6a4-325c6161608e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei73_GVVIAMFn5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-3f5d8e784f0d806b6416138f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rT4PDtLOo9eKH4xOnr2nkKVl4KqzRUZykXl_UYwIt_MIF_WUpuGq7w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:44:21 GMT
age: 46161
etag: "e9df2e14485c412107d742d4baab53aa36cd8ca4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71d3cb7a-f543-4a82-a60f-e724319f6ba6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.6 kB (4629 bytes)
Hash
88aadac9a21ad756c938e2987befa597
4d416106b786cfb09839d9d2de6b8ef76647d1b9
3571cf127c05e07f1bd8541845c3b4ee61055e6205ef954ca5499fbf87c8ae26

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71d3cb7a-f543-4a82-a60f-e724319f6ba6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4629
x-amzn-requestid: 93880e85-ab9f-44b8-9187-7467ba336bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efpx3HqFoAMFkgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc89a5-03668a5161d02a6f67f49d25;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:39:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T_C5iEFrBlJT94eNKTq5ST3Wck7YGCiFHsJ0u3srpY1C6CIolB3uNQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:55:05 GMT
age: 45517
etag: "4d416106b786cfb09839d9d2de6b8ef76647d1b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KagwDWv4x4hYmkcjYZeGCVtIk4CEiK_QOPd02qkm7qdRLc0TDrUKeA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 05:42:12 GMT
age: 17490
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6400 bytes)
Hash
56de8a53fb494855ff7717eeb39c1fed
438999ac8d0853e235a2c0e0f404291961c891ab
357db338b2f6fcf434bdd9c2561f91d3fc7e5d42a92e5068402ce3eeb6fba412

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6400
x-amzn-requestid: f76c3961-a118-4639-a943-2ffbd3d28537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaD7hEEdoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba4d16-3881379864dcae085aa4fd4d;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:56:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmS2bnkBSYTi7rEZuQ_frZ6GwU-PHrD3GfDXv7rDkp_ytjR7c9FhWw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 09:00:56 GMT
age: 5566
etag: "438999ac8d0853e235a2c0e0f404291961c891ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c6517dc-ccae-435f-be23-e98711eb6062.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9120 bytes)
Hash
45f8fac831914525dcaa19617e3e212c
494878e02f916ef7bf57703062b33328778e1adc
8d51e3567a0cfdb3bbddfd365c7073c9b7a396552c7455787f1c4d386d01646e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c6517dc-ccae-435f-be23-e98711eb6062.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9120
x-amzn-requestid: 2a627ed6-6dcb-43db-b3f1-9466d191c644
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: edG9MHNaoAMF2Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb8521-7ade615a424161503546feaa;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 03:08:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qlhIrLaS-Ws8BAKtj4DMPoQ5cmu8q38Iq88V8lXe2L29QpS2fmhtfQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 03:13:53 GMT
age: 26389
etag: "494878e02f916ef7bf57703062b33328778e1adc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

0.majorilink.com/w5ee123fc.js

185.177.94.194

200 OK

59 B

URL HTTP/2
0.majorilink.com/w5ee123fc.js
IP
185.177.94.194:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
59 B (59 bytes)
Hash
3a34e3bebe8f85b117d97b0a733464b8
1715e7bdfca1e1791a90a06a2408d204b6198ec5
7e3e416f1bca4916a945b3fd4eacd029c4084dbebbec7ee9fe2832222d127c84

HTTP Headers

GET /w5ee123fc.js HTTP/1.1
Host: 0.majorilink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=e7460da1-1539-49d1-9198-e4f364787a15; uuid=e7460da1-1539-49d1-9198-e4f364787a15
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 10:33:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 59
last-modified: Mon, 23 May 2022 10:35:42 GMT
etag: "628b637e-3b"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

0.majorilink.com/favicon.ico

185.177.94.194

204 No Content

0 B

URL HTTP/2
0.majorilink.com/favicon.ico
IP
185.177.94.194:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 0.majorilink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.majorilink.com/?p=mm3tqzbvme5gi3bpgq2tini&sub1=what+does+contrasena+mean+in+english&sub2=casino&sub3=Firefox+Generic+%2F+Win10&sub4=https%3A%2F%2Ffestucilqua1986.netlify.app%2F
Cookie: uuid=e7460da1-1539-49d1-9198-e4f364787a15; uuid=e7460da1-1539-49d1-9198-e4f364787a15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 10:33:41 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
77550309350791f0a1ec8229abaa86a4
52385220c23426f92fd03a13157e78e3ca4b82c9
1b9fc0d55a74f56305ada0a77cc0c383fa2f2a55ff9920c484cc1142feaa50d5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 10:33:42 GMT
Etag: "63bb3796-1d7"
Last-Modified: Wed, 11 Jan 2023 10:13:20 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hXFlBQlcFAcQ7yF0jykLCRqifhdz5-Vs2l7ylQFf_x_wrzVwWO14Ew==
Age: 1222

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
0ea2361f016c6d4447f3466ece664bde
8e25826e3e7e36ad75afcef2d76a9edad1432a6b
40b505a57f0f288099dcfc394f05c7513d99b22544a32d7be3a5d2a9d39c7f07

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 10:33:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 10:25:07 GMT
Expires: Wed, 18 Jan 2023 10:25:06 GMT
Etag: "8e25826e3e7e36ad75afcef2d76a9edad1432a6b"
Cache-Control: max-age=603682,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787cfeec0bf4fabc-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
0ea2361f016c6d4447f3466ece664bde
8e25826e3e7e36ad75afcef2d76a9edad1432a6b
40b505a57f0f288099dcfc394f05c7513d99b22544a32d7be3a5d2a9d39c7f07

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 10:33:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 10:25:07 GMT
Expires: Wed, 18 Jan 2023 10:25:06 GMT
Etag: "8e25826e3e7e36ad75afcef2d76a9edad1432a6b"
Cache-Control: max-age=603682,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787cfeed6d03fabc-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
20c5c172ad116c200d2a156580486a74
99294b215408aa0d0298702e7aa698486d21b65b
3767ff94326364b7bbfbe6d070f779da3ff5ffdcdf2c082180d79f130aedd741

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3767FF94326364B7BBFBE6D070F779DA3FF5FFDCDF2C082180D79F130AEDD741"
Last-Modified: Mon, 09 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13346
Expires: Wed, 11 Jan 2023 14:16:09 GMT
Date: Wed, 11 Jan 2023 10:33:43 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
20c5c172ad116c200d2a156580486a74
99294b215408aa0d0298702e7aa698486d21b65b
3767ff94326364b7bbfbe6d070f779da3ff5ffdcdf2c082180d79f130aedd741

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3767FF94326364B7BBFBE6D070F779DA3FF5FFDCDF2C082180D79F130AEDD741"
Last-Modified: Mon, 09 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13346
Expires: Wed, 11 Jan 2023 14:16:09 GMT
Date: Wed, 11 Jan 2023 10:33:43 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
3751e780b9f240760356799712f85854
e744e74611420b670810a5f44aa4ef89aad6dcaa
997f71d63c8dd33576341c2559d7bfc2ec9350d383ee11084fa4707056fa6c95

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "997F71D63C8DD33576341C2559D7BFC2EC9350D383EE11084FA4707056FA6C95"
Last-Modified: Tue, 10 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3710
Expires: Wed, 11 Jan 2023 11:35:34 GMT
Date: Wed, 11 Jan 2023 10:33:44 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
3751e780b9f240760356799712f85854
e744e74611420b670810a5f44aa4ef89aad6dcaa
997f71d63c8dd33576341c2559d7bfc2ec9350d383ee11084fa4707056fa6c95

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "997F71D63C8DD33576341C2559D7BFC2EC9350D383EE11084FA4707056FA6C95"
Last-Modified: Tue, 10 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3710
Expires: Wed, 11 Jan 2023 11:35:34 GMT
Date: Wed, 11 Jan 2023 10:33:44 GMT
Connection: keep-alive

holidaycat.icu/images/firefox/bundlehelp.css

172.67.179.73

200 OK

931 B

URL HTTP/2
holidaycat.icu/images/firefox/bundlehelp.css
IP
172.67.179.73:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
931 B (931 bytes)
Hash
3e2ba3111038b0046452fbffd0b6ece4
71dfba92773c01ee9ab64d91d72fce81b80b107b
c695094434dad1322008ea7596cc6ae59fac68112ecda0857b12925d770cdc6c

HTTP Headers

GET /images/firefox/bundlehelp.css HTTP/1.1
Host: holidaycat.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holidaycat.icu/2294e00b66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 11 Jan 2023 10:33:44 GMT
content-type: text/css
last-modified: Wed, 07 Oct 2020 11:38:48 GMT
etag: W/"5f7da8c8-876"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3804
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2F5TAoi%2Be3GC%2B%2BvJO2dky4NZ2KVZCXDDolqJnVROmhprvlGuBWvtlLzdcHiTr4BfvgqOMV58O45RNgqkTP4gq7CKhuPEr3jeJgtufxJq82pZWNMy84Fn5%2B3vBNIWuP5Mhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787cfef5fce1b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

0.majorilink.com/?p=mm3tqzbvme5gi3bpgq2tini&sub1=what+does+contrasena+mean+in+english&sub2=casino&sub3=Firefox+Generic+%2F+Win10&sub4=https%3A%2F%2Ffestucilqua1986.netlify.app%2F

185.177.94.194

200 OK

29 kB

URL HTTP/2
0.majorilink.com/?p=mm3tqzbvme5gi3bpgq2tini&sub1=what+does+contrasena+mean+in+english&sub2=casino&sub3=Firefox+Generic+%2F+Win10&sub4=https%3A%2F%2Ffestucilqua1986.netlify.app%2F
IP
185.177.94.194:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
29 kB (29235 bytes)
Hash
bfc6334b275d63b54f62d46f497230aa
c0a4bb02cc41d2f8a2abf40beddb17c442bea604
f8e0f081cc9491f2ab95e9026d7c72bf9cd42202a91d0e6f432f2cc86accb49e

HTTP Headers

GET /?p=mm3tqzbvme5gi3bpgq2tini&sub1=what+does+contrasena+mean+in+english&sub2=casino&sub3=Firefox+Generic+%2F+Win10&sub4=https%3A%2F%2Ffestucilqua1986.netlify.app%2F HTTP/1.1
Host: 0.majorilink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://majorilink.com/
Cookie: uuid=e7460da1-1539-49d1-9198-e4f364787a15
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 10:33:41 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=e7460da1-1539-49d1-9198-e4f364787a15; expires=Fri, 10-Feb-2023 10:33:42 GMT; Max-Age=2592000; path=/; domain=0.majorilink.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 10:33:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js

216.58.207.234

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32060)
Size
34 kB (34044 bytes)
Hash
68eae8ae528b3cf4965c780505e8274b
23eea22c5ced491f0933dbdc428503548ae48636
5c677af2d6e78de58c66b09577213d4b1c23cf0409822378053f1c457ff465aa

HTTP Headers

GET /ajax/libs/jquery/1.12.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holidaycat.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 34044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:11 GMT
expires: Sat, 06 Jan 2024 13:33:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 421233
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 10:33:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
248af7798e0a65362fec1b137bda72d6
051beb2cce98b26c33d67d3ddfce242a380597ba
bc9df61142f6aa9c8bd032384a4b76d102faa4a3e892106c885d6cc63c90f352

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110895
Date: Wed, 11 Jan 2023 10:33:44 GMT
Etag: "63bd92ad-1d7"
Expires: Thu, 12 Jan 2023 17:21:59 GMT
Last-Modified: Tue, 10 Jan 2023 16:30:37 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D_HexHieHazRoYoshOv03k06BgaMcrL0DTbpRKmuYCk9Dm6fX91wNg==
Age: 3082

secureconv-dl.com/?a=163389&c=187839&co=212705&mt=5

34.250.128.193

302 Found

4.3 kB

URL HTTP/2
secureconv-dl.com/?a=163389&c=187839&co=212705&mt=5
IP
34.250.128.193:0
ASN
#16509 AMAZON-02

File type
data
Size
4.3 kB (4309 bytes)
Hash
fa625eae16c83c6de477ee05f64d3ab2
14b7886a02210618911abd3c916df21ede7c35ae
8f11442909c8bbfd564597daf279eb3e495fe97564a2e971e3b9553b3cd183ee

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?a=163389&c=187839&co=212705&mt=5 HTTP/1.1
Host: secureconv-dl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.majorilink.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 11 Jan 2023 10:33:42 GMT
content-type: text/html;charset=ISO-8859-1
location: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8fd66b8e96104bc2bac4a44176e68beb2099a&sub1=163389&sub2=
server: nginx
set-cookie: gdm_click_freq_v2_1_001=H9VE5TFJkUlW96mXbyUSR4oObudwagpvADpGq5Zn1CyjWQsx0m2lJ7sJsE7pPtaw; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=7X5RKMNf1ky1nFQwsTEUXmeaxBka7nZkyigBasVuVbnCHwv+wKN3GPaDakukKAuK; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/
gdm_sid_v1_3_001=l7W7E1deJLBWB23iwRty8d+BYkplxEdQ8e2kYC0ILkNZittz3uGdTlQzL8gEeorhkJOQfd/JZi+qCgEqBbustRrk2wfF1RkxN4P/czSGOyxL+99SNfH1d8GtuE8+wDQUkBMVbTdAO2GEhIn6Ke27CKFcz09DsfU3FP1arhUbit/JMMEuxk05LO0I8zyUB9jf7p+iX4LYoTnSQDApjid6AvBkUuuZSELKGUI6M3Nf0wCkI43pEnoFB1xOpybxwEWrooiTX4DRBBjLUhDOw5ChPyy7pU4QivE/UXvWIfS+FG8zDtvmKNyhoxbRzTzhXzeU0+595NfhMLjfHuKtD3FCE0Mj/U9C49ijLd4rA6VPIzHbfPh3IwB07OAgXQiwTH/9O87nNw+rMDeAhYbPluxH4fD5ZKnaBe7W0+8Fx11ddXXbGv8Lj0ra+nswBSREvOBwZuWC982v3h0LEhB9niYrsPHX1by2F9cVtNPseQtt/VFAIGCb6aDK/gZJGtNrtpQHysoapB9/oltQE4u/bngYFWUjtOTfYq2BR4wgGIypgp6P7I5FbTu2S55Ne1fbKMg8tYj0sxZ+7OhLJNrEntCDphJrD1i+eytoaOZOysuE5auSszQXF0Y6zgTcMgwc5mG9dpNeek2mnUaVioZe3MDpNdPzGUeKRRdyOZDrd4oG2q/Wlj+hNtKxMVvCQMIM2aQ++kO8jNduRpLi66VeT+fUnlxZm+vfugU/XNce7DYlBwKXVQagAtUPvgnvlHEPaoVylNM5/G5XDLKjK6YdR8zaxccZx+heoPEjqObhUOnGxOu+9RedEOiC2oBQMZKVpc0b3ykE/80MQUcM1SOAvjEn1gP/l8PmxIqg1tIAYVhkegUZL2wjPo5cy2RfviUztBbEQvKKN1GjpdOjkBWIEONwztLBx6EiKpxwOrGG0cpF4CDmkpBGnHR5Eznxcx/Au4KY8rS2V5JKh7BSsRfWpVI/+7hgQnW0XdnzQdrHSh3fefxQfS3Xs0FyYA78zEqUEL6uGPPWG8tNUpA00Calyo+RMoV53fNU5rt90AetnToKbw4=; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/
gdm_click_freq_v1_1_001=H9VE5TFJkUlW96mXbyUSR4oObudwagpvADpGq5Zn1CyjWQsx0m2lJ7sJsE7pPtaw; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=7X5RKMNf1ky1nFQwsTEUXmeaxBka7nZkyigBasVuVbnCHwv+wKN3GPaDakukKAuK; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/
gdm_sid_v2_3_001=l7W7E1deJLBWB23iwRty8d+BYkplxEdQ8e2kYC0ILkNZittz3uGdTlQzL8gEeorhkJOQfd/JZi+qCgEqBbustRrk2wfF1RkxN4P/czSGOyxL+99SNfH1d8GtuE8+wDQUkBMVbTdAO2GEhIn6Ke27CKFcz09DsfU3FP1arhUbit/JMMEuxk05LO0I8zyUB9jf7p+iX4LYoTnSQDApjid6AvBkUuuZSELKGUI6M3Nf0wCkI43pEnoFB1xOpybxwEWrooiTX4DRBBjLUhDOw5ChPyy7pU4QivE/UXvWIfS+FG8zDtvmKNyhoxbRzTzhXzeU0+595NfhMLjfHuKtD3FCE0Mj/U9C49ijLd4rA6VPIzHbfPh3IwB07OAgXQiwTH/9O87nNw+rMDeAhYbPluxH4fD5ZKnaBe7W0+8Fx11ddXXbGv8Lj0ra+nswBSREvOBwZuWC982v3h0LEhB9niYrsPHX1by2F9cVtNPseQtt/VFAIGCb6aDK/gZJGtNrtpQHysoapB9/oltQE4u/bngYFWUjtOTfYq2BR4wgGIypgp6P7I5FbTu2S55Ne1fbKMg8tYj0sxZ+7OhLJNrEntCDphJrD1i+eytoaOZOysuE5auSszQXF0Y6zgTcMgwc5mG9dpNeek2mnUaVioZe3MDpNdPzGUeKRRdyOZDrd4oG2q/Wlj+hNtKxMVvCQMIM2aQ++kO8jNduRpLi66VeT+fUnlxZm+vfugU/XNce7DYlBwKXVQagAtUPvgnvlHEPaoVylNM5/G5XDLKjK6YdR8zaxccZx+heoPEjqObhUOnGxOu+9RedEOiC2oBQMZKVpc0b3ykE/80MQUcM1SOAvjEn1gP/l8PmxIqg1tIAYVhkegUZL2wjPo5cy2RfviUztBbEQvKKN1GjpdOjkBWIEONwztLBx6EiKpxwOrGG0cpF4CDmkpBGnHR5Eznxcx/Au4KY8rS2V5JKh7BSsRfWpVI/+7hgQnW0XdnzQdrHSh3fefxQfS3Xs0FyYA78zEqUEL6uGPPWG8tNUpA00Calyo+RMoV53fNU5rt90AetnToKbw4=; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v1_1_001=WGP2hL1mCj4amHrx09xyl3wi0YlO/fIJn03nLAHI3nyLmy/H3sofR4xm/+LI70dE; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/
gdm_click_adv_freq_v2_1_001=WGP2hL1mCj4amHrx09xyl3wi0YlO/fIJn03nLAHI3nyLmy/H3sofR4xm/+LI70dE; Domain=.secureconv-dl.com; Expires=Tue, 11-Apr-2023 10:33:42 GMT; Path=/; Secure; SameSite=None
content-language: en-US
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 10:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 10:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://holidaycat.icu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 18:52:41 GMT
expires: Tue, 09 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 142864
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8fd66b8e96104bc2bac4a44176e68beb2099a&sub1=163389&sub2=

35.190.38.40

200 OK

18 kB

URL HTTP/2
adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8fd66b8e96104bc2bac4a44176e68beb2099a&sub1=163389&sub2=
IP
35.190.38.40:0
ASN
#15169 GOOGLE

File type
data
Size
18 kB (18478 bytes)
Hash
9ced57ab1da6604b5efd45cd352c83b4
ef64ec97bda8b4069f49a7e7928b1e84d0e7d578
319d0656c043584edddc4c71efee09eff2220dd2131f2fd9efa1a7216c127777

HTTP Headers

GET /jump/next.php?r=6536622&pub_clickid=8fd66b8e96104bc2bac4a44176e68beb2099a&sub1=163389&sub2= HTTP/1.1
Host: adspredictiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0.majorilink.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Wed, 11 Jan 2023 10:33:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 10:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

festucilqua1986.netlify.app/

35.246.229.114

200 OK

0 B

URL HTTP/2
festucilqua1986.netlify.app/
IP
35.246.229.114:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: festucilqua1986.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Referer: https://festucilqua1986.netlify.app/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 11 Jan 2023 10:33:41 GMT
etag: "1759c4248c4e171f2e49bfb43919ed92-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPG691WSW9HZSJRT61T9CQ7V
X-Firefox-Spdy: h2

festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html

35.246.229.114

200 OK

0 B

URL HTTP/2
festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html
IP
35.246.229.114:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /what-does-contrasena-mean-in-english.html HTTP/1.1
Host: festucilqua1986.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 11 Jan 2023 10:33:40 GMT
etag: "04b351425f06b571d1701877fc89b49b-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPG690WXNWYZVTDAKTXY0C4C
X-Firefox-Spdy: h2

festucilqua1986.netlify.app/styles.css

35.246.229.114

200 OK

0 B

URL HTTP/2
festucilqua1986.netlify.app/styles.css
IP
35.246.229.114:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /styles.css HTTP/1.1
Host: festucilqua1986.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Wed, 11 Jan 2023 10:33:40 GMT
etag: "9de8aa96e66891e540bf6b7b66843734-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPG6915H07Q9N5ND7CYXMQE6
X-Firefox-Spdy: h2

festucilqua1986.netlify.app/favicon.ico

35.246.229.114

404 Not Found

0 B

URL HTTP/2
festucilqua1986.netlify.app/favicon.ico
IP
35.246.229.114:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: festucilqua1986.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://festucilqua1986.netlify.app/what-does-contrasena-mean-in-english.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 11 Jan 2023 10:33:41 GMT
etag: 1621241414-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPG69230DKCVCPQTNYH808JQ
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holidaycat.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 10:33:44 GMT
date: Wed, 11 Jan 2023 10:33:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

majorworkertop.com/sw/w_1.js

51.15.17.111

200 OK

0 B

URL HTTP/2
majorworkertop.com/sw/w_1.js
IP
51.15.17.111:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/w_1.js HTTP/1.1
Host: majorworkertop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.majorilink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 10:33:42 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Thu, 11 Jan 2024 10:33:42 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

adspredictiv.com/jump/next.php?stamat=m%257CESIiZnYjaQdHkAH0dEdHP3xP.ee4%252C7H0PozvLiGV-YkDx825CHmhacHsGM3t65scGSs1vGqCDAuT5KuIpXpcjMwJ1cdS3GbtwsxA8tl97F84Y7R49uOD8f27R_eKNYSZRAAW_WNV0WK6kD3vuGMD7rpa7GqxLpaAX80Qq0XJVVxmWpgj0zA%252C%252C&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8fd66b8e96104bc2bac4a44176e68beb2099a&sub1=163389&sub2=&cbur=0.13355691705332806&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=https%3A%2F%2F0.majorilink.com%2F

35.190.38.40

302 Found

0 B

URL HTTP/2
adspredictiv.com/jump/next.php?stamat=m%257CESIiZnYjaQdHkAH0dEdHP3xP.ee4%252C7H0PozvLiGV-YkDx825CHmhacHsGM3t65scGSs1vGqCDAuT5KuIpXpcjMwJ1cdS3GbtwsxA8tl97F84Y7R49uOD8f27R_eKNYSZRAAW_WNV0WK6kD3vuGMD7rpa7GqxLpaAX80Qq0XJVVxmWpgj0zA%252C%252C&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8fd66b8e96104bc2bac4a44176e68beb2099a&sub1=163389&sub2=&cbur=0.13355691705332806&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=https%3A%2F%2F0.majorilink.com%2F
IP
35.190.38.40:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jump/next.php?stamat=m%257CESIiZnYjaQdHkAH0dEdHP3xP.ee4%252C7H0PozvLiGV-YkDx825CHmhacHsGM3t65scGSs1vGqCDAuT5KuIpXpcjMwJ1cdS3GbtwsxA8tl97F84Y7R49uOD8f27R_eKNYSZRAAW_WNV0WK6kD3vuGMD7rpa7GqxLpaAX80Qq0XJVVxmWpgj0zA%252C%252C&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8fd66b8e96104bc2bac4a44176e68beb2099a&sub1=163389&sub2=&cbur=0.13355691705332806&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=https%3A%2F%2F0.majorilink.com%2F HTTP/1.1
Host: adspredictiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 11 Jan 2023 10:33:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://adspredictiv.com/script/i.php?stamat=m%257C%252C%252CAjfvYiIuoGU3BJ-GH0dEdHP3xP.009%252CPzjfEOiPyUqHeGzBaV_DR2hLichkw52IB8MWzzO6BreZTXfPdAKlnmUKnvHm7mz5EjZOhB4_DLIT7KocxtXpJX-BT26iu0K63J2HxyoiTYY1lHsQYJp04Ows82IL6La7AMFS808rEj0RZZ6ZCJpwxu-LZ6BGJwId2_l4jlpSuGxBYbjocNlYXcMXFO5zgmF9o7MDtOrEJ2fc6Wl4JFnq6a4JTDatjfDcRMMFWdso_0ws6JGDc4-VL698cjPyKbkuJFJOqXw06hNX1JSneUMvaE3aatM77pyRdliTfZs_7FDB5RFS80vvPIs5FGSMmY54M3bGAtkydyAQ07mhtsqWF-kNwbcos4CVnObkVcOt-akJIy73Whfv1i6syuh8HcTbLGqAkIwCPIn3K7kQAGSIu6QOHMdD92EYy0lwV8gciXI99bmFhmgDln_UsQ6Cp0LgatHWwtf1WVs3ny160zTO1Xj-GErie8qTY-7Q7gvaMWvFfdsKcdFwva053l_rWBlNcn6c6EKBSTBEPKhXvXK9Er2fv1EB1n2JwwG6lmPGQEbNoiZgOT9rSYNTGfdbN4DcC13321bhe14JDPVCQCjvK1pMVx0rTHLmqMcjjtrjP4j9lJMVM_YeKDct2xyVa4DtJQPfg0mhQZh-t82Mxn9FxQ%252C%252C
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

adspredictiv.com/script/i.php?stamat=m%257C%252C%252CAjfvYiIuoGU3BJ-GH0dEdHP3xP.009%252CPzjfEOiPyUqHeGzBaV_DR2hLichkw52IB8MWzzO6BreZTXfPdAKlnmUKnvHm7mz5EjZOhB4_DLIT7KocxtXpJX-BT26iu0K63J2HxyoiTYY1lHsQYJp04Ows82IL6La7AMFS808rEj0RZZ6ZCJpwxu-LZ6BGJwId2_l4jlpSuGxBYbjocNlYXcMXFO5zgmF9o7MDtOrEJ2fc6Wl4JFnq6a4JTDatjfDcRMMFWdso_0ws6JGDc4-VL698cjPyKbkuJFJOqXw06hNX1JSneUMvaE3aatM77pyRdliTfZs_7FDB5RFS80vvPIs5FGSMmY54M3bGAtkydyAQ07mhtsqWF-kNwbcos4CVnObkVcOt-akJIy73Whfv1i6syuh8HcTbLGqAkIwCPIn3K7kQAGSIu6QOHMdD92EYy0lwV8gciXI99bmFhmgDln_UsQ6Cp0LgatHWwtf1WVs3ny160zTO1Xj-GErie8qTY-7Q7gvaMWvFfdsKcdFwva053l_rWBlNcn6c6EKBSTBEPKhXvXK9Er2fv1EB1n2JwwG6lmPGQEbNoiZgOT9rSYNTGfdbN4DcC13321bhe14JDPVCQCjvK1pMVx0rTHLmqMcjjtrjP4j9lJMVM_YeKDct2xyVa4DtJQPfg0mhQZh-t82Mxn9FxQ%252C%252C

35.190.38.40

302 Found

0 B

URL HTTP/2
adspredictiv.com/script/i.php?stamat=m%257C%252C%252CAjfvYiIuoGU3BJ-GH0dEdHP3xP.009%252CPzjfEOiPyUqHeGzBaV_DR2hLichkw52IB8MWzzO6BreZTXfPdAKlnmUKnvHm7mz5EjZOhB4_DLIT7KocxtXpJX-BT26iu0K63J2HxyoiTYY1lHsQYJp04Ows82IL6La7AMFS808rEj0RZZ6ZCJpwxu-LZ6BGJwId2_l4jlpSuGxBYbjocNlYXcMXFO5zgmF9o7MDtOrEJ2fc6Wl4JFnq6a4JTDatjfDcRMMFWdso_0ws6JGDc4-VL698cjPyKbkuJFJOqXw06hNX1JSneUMvaE3aatM77pyRdliTfZs_7FDB5RFS80vvPIs5FGSMmY54M3bGAtkydyAQ07mhtsqWF-kNwbcos4CVnObkVcOt-akJIy73Whfv1i6syuh8HcTbLGqAkIwCPIn3K7kQAGSIu6QOHMdD92EYy0lwV8gciXI99bmFhmgDln_UsQ6Cp0LgatHWwtf1WVs3ny160zTO1Xj-GErie8qTY-7Q7gvaMWvFfdsKcdFwva053l_rWBlNcn6c6EKBSTBEPKhXvXK9Er2fv1EB1n2JwwG6lmPGQEbNoiZgOT9rSYNTGfdbN4DcC13321bhe14JDPVCQCjvK1pMVx0rTHLmqMcjjtrjP4j9lJMVM_YeKDct2xyVa4DtJQPfg0mhQZh-t82Mxn9FxQ%252C%252C
IP
35.190.38.40:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /script/i.php?stamat=m%257C%252C%252CAjfvYiIuoGU3BJ-GH0dEdHP3xP.009%252CPzjfEOiPyUqHeGzBaV_DR2hLichkw52IB8MWzzO6BreZTXfPdAKlnmUKnvHm7mz5EjZOhB4_DLIT7KocxtXpJX-BT26iu0K63J2HxyoiTYY1lHsQYJp04Ows82IL6La7AMFS808rEj0RZZ6ZCJpwxu-LZ6BGJwId2_l4jlpSuGxBYbjocNlYXcMXFO5zgmF9o7MDtOrEJ2fc6Wl4JFnq6a4JTDatjfDcRMMFWdso_0ws6JGDc4-VL698cjPyKbkuJFJOqXw06hNX1JSneUMvaE3aatM77pyRdliTfZs_7FDB5RFS80vvPIs5FGSMmY54M3bGAtkydyAQ07mhtsqWF-kNwbcos4CVnObkVcOt-akJIy73Whfv1i6syuh8HcTbLGqAkIwCPIn3K7kQAGSIu6QOHMdD92EYy0lwV8gciXI99bmFhmgDln_UsQ6Cp0LgatHWwtf1WVs3ny160zTO1Xj-GErie8qTY-7Q7gvaMWvFfdsKcdFwva053l_rWBlNcn6c6EKBSTBEPKhXvXK9Er2fv1EB1n2JwwG6lmPGQEbNoiZgOT9rSYNTGfdbN4DcC13321bhe14JDPVCQCjvK1pMVx0rTHLmqMcjjtrjP4j9lJMVM_YeKDct2xyVa4DtJQPfg0mhQZh-t82Mxn9FxQ%252C%252C HTTP/1.1
Host: adspredictiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 11 Jan 2023 10:33:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://trk.glasssmash.site/j79xu4?title=SETUP%20FILE&t=download_o1&source=6536622-3702259960-0&click_id=167343322310000TNOTV415326358024Vb4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

holidaycat.icu/images/generalbundle.css

172.67.179.73

200 OK

0 B

URL HTTP/2
holidaycat.icu/images/generalbundle.css
IP
172.67.179.73:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/generalbundle.css HTTP/1.1
Host: holidaycat.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holidaycat.icu/2294e00b66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 11 Jan 2023 10:33:44 GMT
content-type: text/css
last-modified: Mon, 10 Jan 2022 19:22:59 GMT
etag: W/"61dc8793-66b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3804
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMgUXwaLWjaA3ReY%2FdKXfvguDN%2F72YfYRgqfgCXmxqd6QHpBxScnNPmXdlNKjkOZx6MJe9CKvz%2FHhDLViZ1s%2B%2FY8%2BXB9CBpDw%2F5dCsYbtVcz1J1vtqF%2FMvPLRRrk5YhJtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787cfef5fce0b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

yourjsdelivery.com/dl.min.js

172.67.73.213

200 OK

0 B

URL HTTP/2
yourjsdelivery.com/dl.min.js
IP
172.67.73.213:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dl.min.js HTTP/1.1
Host: yourjsdelivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holidaycat.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 11 Jan 2023 10:33:44 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXOPfaSuPkNyLsHrEsns1N56Pw2M9Fub7A5O8J8eiujW3ntboED0CvAdbW0IARo4HwSt%2FJeBYyhnnGCzrdKRgfPhgIK3Z3DwzHbNXJuShXwZaW%2FxLaoasnHmZ0yzYX%2FP2DhTjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787cfef65849b523-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations