| 1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0= | 94.237.93.242 | 301 Moved Permanently | 162 B |
URL (HTTP/1.1): 1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0= | IP: 94.237.93.242:0
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hashes (MD5 / SHA-1 / SHA-256): 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0= HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Sep 2022 06:48:51 GMT
Content-Type: text/html
Content-Length: 162
Location: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.36 | 200 OK | 939 B |
URL (HTTP/1.1): firefox.settings.services.mozilla.com/v1/ | IP: 143.204.55.36:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 91dd975a7b17b2922dd23c0e49314e40 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 06:06:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SVq50Pl2n7sv9sGW5TvsdE7PCFGiNvk9RZW7M_z6chXtaZmlMOwUqA==
Age: 2545
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hashes (MD5 / SHA-1 / SHA-256): f55e483f32b3fd50b1a2414aaada9b61 9d6b22edb98866e002e3b1ace44dfb0f8d00935f 4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Sat, 10 Sep 2022 08:10:18 GMT
Date: Sat, 10 Sep 2022 06:48:51 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.49 | 200 OK | 5.3 kB |
URL (HTTP/2): content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | IP: 143.204.55.49:0
File type: PEM certificate\012- , ASCII text
Hashes (MD5 / SHA-1 / SHA-256): 742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Fri, 09 Sep 2022 07:17:12 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: s-f97YotZ3clUEjYxXnC7xsXDPFHnf3N9eLNuqcwcglxowXauwNE4Q==
age: 84700
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hashes (MD5 / SHA-1 / SHA-256): 04c6d552c555c25ae124b019c57af690 c05e3ce6f485095c53fbe5b4219088824acf6a83 ea06d08e947f82117cc894a04d362c6d6a38eae9a19fde2368d124196c43543e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA06D08E947F82117CC894A04D362C6D6A38EAE9A19FDE2368D124196C43543E"
Last-Modified: Thu, 08 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17385
Expires: Sat, 10 Sep 2022 11:38:36 GMT
Date: Sat, 10 Sep 2022 06:48:51 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL (HTTP/2): contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/img/landers/squid-game/logo.png | 94.237.93.242 | 200 OK | 2.3 kB |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/img/landers/squid-game/logo.png | IP: 94.237.93.242:0
File type: PNG image data, 302 x 157, 4-bit colormap, non-interlaced\012- data
Hashes (MD5 / SHA-1 / SHA-256): 7910e3010f23bdc5bd6184b1b7014bda 9d806120743d66bbb4e4c8e32bb9f4583b86d8b0 9f7d4629cd5c5ce7e149cc2807e0ff99c12ce0a0e7ae9f36fe8ef2f743ba6a50
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /img/landers/squid-game/logo.png HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: image/png
content-length: 2282
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
etag: "6316f125-8ea"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/img/prizes/iphone-13-pro-max/default@0.75x.png | 94.237.93.242 | 200 OK | 12 kB |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/img/prizes/iphone-13-pro-max/default@0.75x.png | IP: 94.237.93.242:0
File type: PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hashes (MD5 / SHA-1 / SHA-256): 67668c05ba6bb6196a38c9abeb567a78 059bcaf8ffb9fd52741ec3fd0b0fc30891faa2a9 f314aa1a1cc18201e581f3f2976ea022da3c03714b15c0a06113ab3e59d34a46
GET /img/prizes/iphone-13-pro-max/default@0.75x.png HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: image/png
content-length: 12235
last-modified: Tue, 06 Sep 2022 07:03:15 GMT
etag: "6316f0b3-2fcb"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/img/landers/squid-game/doll.png | 94.237.93.242 | 200 OK | 6.9 kB |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/img/landers/squid-game/doll.png | IP: 94.237.93.242:0
File type: PNG image data, 151 x 164, 8-bit colormap, non-interlaced\012- data
Hashes (MD5 / SHA-1 / SHA-256): e03b18dd65166a1b11560ba89a49edde 4dc9b645d6b2a8b01d54a12419926c2bf1b5da94 878bbc0fcd4396f4720ca77b520482e0b2b09b85a6f9fa8593d78c5001b64789
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /img/landers/squid-game/doll.png HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: image/png
content-length: 6862
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
etag: "6316f125-1ace"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/img/landers/squid-game/symbols.png | 94.237.93.242 | 200 OK | 2.1 kB |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/img/landers/squid-game/symbols.png | IP: 94.237.93.242:0
File type: PNG image data, 464 x 144, 4-bit colormap, non-interlaced\012- data
Hashes (MD5 / SHA-1 / SHA-256): b4095cc95c1c679a27291e45476a34ab d979867db19527805b26d4d1bef593cadcdd6d7d c8a718e061197c88f27d4eadb62d98f66e69d2aaf8a7981b73add37e63c08545
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /img/landers/squid-game/symbols.png HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=eyJpdiI6ImsyK3pMYTZFMDNRRkhWek9QRXkzMkE9PSIsInZhbHVlIjoiZDJ1S3hPVDExaWJaY0dqa3ljWTZPaGhYVUNSOWVTRy9sS0NLeTIySTZkeEcyQ1psOXJjMmVKQlk4OEhaZS9oYlVZNE1RMWs3bWowY3FOYVpYalhBKzhvQll1cmFtRjhkelk5OG5sVXdTNGFSWDNLMDlkaDY3elhuVE4vUkJXTzVtdVVZSEhQcjhuclB6d2NBNDVHMWk4WnJxWi9DUkYrcllocWJyUC9RakVxS0pnTzlDejVCUm8zeEdHdk93SHFKc1JEN0h2OXJIb3FVZ0lQcG9NQWNMK3llVFQ1ODdZd1A0Smg5elVEZjB5YVRSZXJSQ3B2S0RYZW4vellOTlNYa3g1a0xNSjBWdUxMNW9vR29UWTZZVGJpQ0J3NHJRREdIVThCQlZnRnNhK1ZUdUs0OGlsUWcxUnA1QXBJV1BRcWJsNkQ3dUhiRGxzWjBPaitRdnRuRk81UnFEOWxVUmZGSGhIcU42azFmVDI4SU1HaXBLcDBPQXRaUkswMlVpalRReGc4UjlHSVBJbmJ3eXNlM1o0aldpWnlGcTNiUjA1WjRxaGk5ZkF1K1dydlBnVHU4cVZTM3E1cWoxSGUwL0Y3UGwyVGFNMWlxTGlVV0lBZFdXbG95eXE2QldKSGZWRXZPY1ZHM21OYnZLZFhkei9tM3J0MU56UDVFMGZWam15VzhHc0JXSFMrcXVUWXhOeXJpck4wM284KzBaU0EwMVlkZXE5WkdpSSs0cWlhaGRZNEliY1lSa0lNRkdObkNScFMrenRqczY4WGxKdUpIdTZ2V3Z3WmlqanVKV241OWhmMzMvcG9SLzdPb1Q5SHJNSXFLRVdKL0tzaEVRZlpDd25tVmFPMEgwbUE3Vnh4WDh0b2o2Z1lwV051RnAwbmF0Z1g3NXBEZDB1bHloMWVqWUJMNDVmVFBwMWNpTWhEa25aTU9PZFVPZWdoK2lmU1dqWlBFeFBtYnJSMkJFVFQ0TE1ZTWtjeDhwMEFxR2U5V2FoTCt2YTZLVkZhV2tndVd5QTE4MzMxWTY2M3JXczdwYzVEYm9MbGk4VG5pYjhYTVFlVGg3UVJmekJzQVhuRWl5dUpmUC8yMm12WUl4MTJUQUQreXhoOXlNYzVKUUoycTJUVU16aUE3R0lESTZXTXpMWjcrV0dLZzZWOWdrdVpGV
1F6MFpOYVhyWkpkRHRUMDZNc3dYYkV3RDdXR0FSdXJnYWhSQWs5eWJ1b2d1MXFoUnkyQTFjcW5PdmlkZkVaRjhVV3RiU1pWYVd5RVFhbTVUUGNyVGc0RXhCdmVDZ1huekJWem5GZkxaajNYdDhHejN3V01nT3FjUzhBN2FITk1Db2o3NTlYTzUrMkFoUjVWd010OUZOZzU1dEdpTlNjWnE3c2FKSHQ3aTFXZEZLb1ZpSmJWVHoxRVFacEtBRC81L3VpSHZNVkk0OE8waktmS3Z2eWZYV09waUt6ak5oZkRQdFIzbHB0YUdYUGFGL2tJL1FGMGFBbTBSeWZRb091Z0o5Wkxrb20wWk4rd29BcGsvWWtNS1RHd0Q1VlF5V1plemUrcXFCRzBlNy9LK1QxUFhieTl3SnVrVU5BSitWYzlXd3RoeTRsMW4vOXA0V1VmTmZ5V3hHWWVIK1FmVmd2SkVMTnBQWjJhUW1zeDI4d3ZXRGpIdHFaVDRkTmlJanloWWo2NGFxTkswVDdweWs0WEFXRG1TMTl2N3hoMjRwTnorZUtKWWc4SHZGY2FOdnNEakNSRG14eGszM216SUQ2djYwR2hiUmk4SXM0MmVIODRjWk1BY1hjNmVBY211L2VsZ3pXS3ZmR1RPRml2dHU5dEpLU0J6VHRpL3MyNXhwSWpCNlNybXVqcFFhc2MyekpmNWZXYyIsIm1hYyI6IjRlOGI2MDFmMmE1MjA0Yjk5OGIyZGZlNTVhMjgxMWY5NzI0NzljMTJkZjBmZDdkNTMxNGQ5M2ZjY2RlMDVlZmUiLCJ0YWciOiIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: image/png
content-length: 2117
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
etag: "6316f125-845"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0= | 94.237.93.242 | 200 OK | 26 kB |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0= | IP: 94.237.93.242:0
Hashes (MD5 / SHA-1 / SHA-256): eb5e4a54350e97ab0f0614a14a92e089 5f7d9c18fa810feb4867393b67d161ee2a892d49 8aa95831e00023ebb0ce3ca6cc130299e798699d0877942a4018dcb5050dff87
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0= HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Sat, 10 Sep 2022 06:48:51 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; expires=Sat, 10-Sep-2022 08:48:51 GMT; Max-Age=7200; path=/
traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; expires=Sat, 10-Sep-2022 08:48:51 GMT; Max-Age=7200; path=/; httponly
Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=eyJpdiI6ImsyK3pMYTZFMDNRRkhWek9QRXkzMkE9PSIsInZhbHVlIjoiZDJ1S3hPVDExaWJaY0dqa3ljWTZPaGhYVUNSOWVTRy9sS0NLeTIySTZkeEcyQ1psOXJjMmVKQlk4OEhaZS9oYlVZNE1RMWs3bWowY3FOYVpYalhBKzhvQll1cmFtRjhkelk5OG5sVXdTNGFSWDNLMDlkaDY3elhuVE4vUkJXTzVtdVVZSEhQcjhuclB6d2NBNDVHMWk4WnJxWi9DUkYrcllocWJyUC9RakVxS0pnTzlDejVCUm8zeEdHdk93SHFKc1JEN0h2OXJIb3FVZ0lQcG9NQWNMK3llVFQ1ODdZd1A0Smg5elVEZjB5YVRSZXJSQ3B2S0RYZW4vellOTlNYa3g1a0xNSjBWdUxMNW9vR29UWTZZVGJpQ0J3NHJRREdIVThCQlZnRnNhK1ZUdUs0OGlsUWcxUnA1QXBJV1BRcWJsNkQ3dUhiRGxzWjBPaitRdnRuRk81UnFEOWxVUmZGSGhIcU42azFmVDI4SU1HaXBLcDBPQXRaUkswMlVpalRReGc4UjlHSVBJbmJ3eXNlM1o0aldpWnlGcTNiUjA1WjRxaGk5ZkF1K1dydlBnVHU4cVZTM3E1cWoxSGUwL0Y3UGwyVGFNMWlxTGlVV0lBZFdXbG95eXE2QldKSGZWRXZPY1ZHM21OYnZLZFhkei9tM3J0MU56UDVFMGZWam15VzhHc0JXSFMrcXVUWXhOeXJpck4wM284KzBaU0EwMVlkZXE5WkdpSSs0cWlhaGRZNEliY1lSa0lNRkdObkNScFMrenRqczY4WGxKdUpIdTZ2V3Z3WmlqanVKV241OWhmMzMvcG9SLzdPb1Q5SHJNSXFLRVdKL0tzaEVRZlpDd25tVmFPMEgwbUE3Vnh4WDh0b2o2Z1lwV051RnAwbmF0Z1g3NXBEZDB1bHloMWVqWUJMNDVmVFBwMWNpTWhEa25aTU9PZFVPZWdoK2lmU1dqWlBFeFBtYnJSMkJFVFQ0TE1ZTWtjeDhwMEFxR2U5V2FoTCt2YTZLVkZhV2tndVd5QTE4MzMxWTY2M3JXczdwYzVEYm9MbGk4VG5pYjhYTVFlVGg3UVJmekJzQVhuRWl5dUpmUC8yMm12WUl4MTJUQUQreXhoOXlNYzVKUUoycTJUVU16aUE3R0lESTZXTXpMWjcrV0dLZzZWOWdrdVpGV1F6MFpOYVhyWkpkRHRUMDZNc3dYYkV3RDdXR0FSdXJnYWhSQWs5eWJ1b2d1MXFoUnkyQTFjcW5PdmlkZkVaRjhVV3RiU1pWYVd5RVFhbTVUUGNyVGc0RXhCdmVDZ1huekJWem5GZkxaajNYdDhHejN3V01nT3FjUzhBN2FITk1Db2o3NTlYTzUrMkFoUjVWd010OUZOZzU1dEdpTlNjWnE3c2FKSHQ3aTFXZEZLb1ZpSmJWVHoxRVFacEtBRC81L3VpSHZNVkk0OE8waktmS3Z2eWZYV09waUt6ak5oZkRQdFIzbHB0YUdYUGFGL2tJL1FGMGFBbTBSeWZRb091Z0o5Wkxrb20wWk4rd29BcGsvWWtNS1RHd0Q1VlF5V1plemUrcXFCRzBlNy9LK1QxUFhieTl3SnVrVU5BSitWYzlXd3RoeTRsMW4vOXA0V1VmTmZ5V3hHWWVIK1FmVmd2SkVMTnBQWjJhUW1zeDI4d3ZXRGpIdHFaVDRkTmlJanloWWo2NGFxTkswVDdweWs0WEFXRG1TMTl2N3hoMjRwTnorZUtKWWc4SHZGY2FOdnNEakNSRG14eGszM216SUQ2djYwR2hiUmk4SXM0MmVIODRjWk1BY1hjNmVBY211L2VsZ3pXS3ZmR1RPRml2dHU5dEpLU0J6VHRpL3MyNXhwSWpCNlNybXVqcFFhc2MyekpmNWZXYyIsIm1hYyI6IjRlOGI2MDFmMmE
1MjA0Yjk5OGIyZGZlNTVhMjgxMWY5NzI0NzljMTJkZjBmZDdkNTMxNGQ5M2ZjY2RlMDVlZmUiLCJ0YWciOiIifQ%3D%3D; expires=Sat, 10-Sep-2022 08:48:51 GMT; Max-Age=7200; path=/; httponly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/css/app.css?id=2fbe2d9a9a40ca9b2489 | 94.237.93.242 | 200 OK | 559 B |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/css/app.css?id=2fbe2d9a9a40ca9b2489 | IP: 94.237.93.242:0
Hashes (MD5 / SHA-1 / SHA-256): 418771927527efb251c547a1427b7eb1 73dac3c3e8a1e1a467b7a10fae658b11798cc6ba 9e25f376f859a19a7857ccb94723465c60d654aafba2157582deaf707689e8f3
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /css/app.css?id=2fbe2d9a9a40ca9b2489 HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: text/css
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
vary: Accept-Encoding
etag: W/"6316f125-45"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hashes (MD5 / SHA-1 / SHA-256): f1fa8224847ea7d9b4dc8e598fae4142 cb703a2944e58d97dd48a7e56ee9f4510ced78b4 920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| 1d6ce0440a1.prizessites.net/img/landers/squid-game/background.jpg | 94.237.93.242 | 200 OK | 16 kB |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/img/landers/squid-game/background.jpg
IP: 94.237.93.242:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x816, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): 7c2f092180d014b587fbbb64aec1a03e 1228677b10aeca9d15bf5b19c5bde6a074e324b6 1b69cd7be7e209492aa1153763788d4c282d06332acd60de1e0cfbfdd6d8c969
Analyzer: quad9, Verdict: Sinkholed, Alert: (empty)
GET /img/landers/squid-game/background.jpg HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/css/landers/squid-game/app.css?id=ffeb130bc020daad465f
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: image/jpeg
content-length: 16370
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
etag: "6316f125-3ff2"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): ebc205cf750164c31d1fce2318d1636b 9309949107d69193b1c5156d45fbcc91e20a0fe4 4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 8.0 kB |
URL (HTTP/2): fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP: 142.250.74.163:0
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash (MD5 / SHA-1 / SHA-256): 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1d6ce0440a1.prizessites.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 213472
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.36 | 200 OK | 329 B |
URL (HTTP/1.1): firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 143.204.55.36:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 05:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 06:01:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OT3RQAyvSe1S_LronCvSzHzU2zU5KVi7Et4fXgGX0V4zXHjCAlu3vQ==
Age: 3164
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): ec2991b9d037e9a24dbb5dc8631894ba 9f3be2bca2241e51c187aae4489fcd1c0339961c 83148e54c477cba6d18a6745af3d2609e7ffa74b540a78bb813a3726475631f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83148E54C477CBA6D18A6745AF3D2609E7FFA74B540A78BB813A3726475631F4"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21469
Expires: Sat, 10 Sep 2022 12:46:40 GMT
Date: Sat, 10 Sep 2022 06:48:51 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): ebc205cf750164c31d1fce2318d1636b 9309949107d69193b1c5156d45fbcc91e20a0fe4 4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jeejujou.net/zone?pub=0&zone_id=3091770&is_mobile=false&domain=1d6ce0440a1.prizessites.net&var=&ymid=&var_3= | 139.45.197.250 | 200 OK | 720 B |
URL (HTTP/2): jeejujou.net/zone?pub=0&zone_id=3091770&is_mobile=false&domain=1d6ce0440a1.prizessites.net&var=&ymid=&var_3=
IP: 139.45.197.250:0
File type: JSON data\012- , ASCII text, with very long lines (719)
Hash (MD5 / SHA-1 / SHA-256): e9ff5f3b85eb853ce2e164cd07989bef 642efbddd6ce64e8e5b4b70b3e7bb7690162f26b 33435c94f6a7d527bf29e0e2ca983e4e6213c43d974b1e6539a7dfb2095cf6e6
GET /zone?pub=0&zone_id=3091770&is_mobile=false&domain=1d6ce0440a1.prizessites.net&var=&ymid=&var_3= HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d6ce0440a1.prizessites.net/
Origin: https://1d6ce0440a1.prizessites.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: application/json; charset=utf-8
content-length: 720
x-trace-id: 811ef543e33d81e5a7824a8cd4101261
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): d0c56e0b2955a5dd7f37ba4bbf5727b4 f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b 99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3144
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:48:52 GMT
Last-Modified: Sat, 10 Sep 2022 05:56:28 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
|
|
| jeejujou.net/custom | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1d6ce0440a1.prizessites.net/
Origin: https://1d6ce0440a1.prizessites.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| jeejujou.net/custom | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1d6ce0440a1.prizessites.net/
Origin: https://1d6ce0440a1.prizessites.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/img/landers/squid-game/cardboard.jpg | 94.237.93.242 | 200 OK | 1.9 kB |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/img/landers/squid-game/cardboard.jpg
IP: 94.237.93.242:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 284x217, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): 7a7e336446b1597be7e00e91091b8bc6 24f1b787ac2552c29881fbe69669cbb377ab5f85 43cd137089a9dc62774c57dfc55e14ea6cff5453a5fba0f0c29df9fc18ab7642
Analyzer: quad9, Verdict: Sinkholed, Alert: (empty)
GET /img/landers/squid-game/cardboard.jpg HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/css/landers/squid-game/app.css?id=ffeb130bc020daad465f
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: image/jpeg
content-length: 1912
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
etag: "6316f125-778"
expires: Sun, 10 Sep 2023 06:48:52 GMT
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| jeejujou.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP: 139.45.197.250:0
File type: JSON data\012- , ASCII text
Hash (MD5 / SHA-1 / SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d6ce0440a1.prizessites.net/
Content-Type: application/json
Origin: https://1d6ce0440a1.prizessites.net
Content-Length: 1143
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6b03fd6e3841c9bf349a5262d9f8e16e
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jeejujou.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP: 139.45.197.250:0
File type: JSON data\012- , ASCII text
Hash (MD5 / SHA-1 / SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d6ce0440a1.prizessites.net/
Content-Type: application/json
Origin: https://1d6ce0440a1.prizessites.net
Content-Length: 1521
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7756a656bdeced878a041f2687f7b6ed
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jeejujou.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP: 139.45.197.250:0
File type: JSON data\012- , ASCII text
Hash (MD5 / SHA-1 / SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d6ce0440a1.prizessites.net/
Content-Type: application/json
Origin: https://1d6ce0440a1.prizessites.net
Content-Length: 1151
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 559b313a0bb27f310eb28cade307369f
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.39.57.61 | 101 Switching Protocols | 0 B |
URL (HTTP/1.1): push.services.mozilla.com/
IP: 52.39.57.61:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z74eLHL9XBsjEnMtRoAUAg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: F6ueWZpQT9uN8duYr6jYxumcy0s=
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP: 172.64.155.188:0
Hash (MD5 / SHA-1 / SHA-256): 5b36f6508bf779a395d4b559b41d267d a653f55ef7e337bd259cd76d14fe2adc91c11603 91e3696c53649e8d76b738dca29ed03b8b935f9fc230c735d2fd729428742605
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 06:48:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=473187,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7486386f7a3a0b02-OSL
|
|
| my.rtmark.net/gid.js?pub=0&userId=c8ba2fc8fdc34039a150d72281c80139&zoneId=3091770&checkDuplicate=true&ymid=&var= | 139.45.195.8 | 200 OK | 65 B |
URL (HTTP/2): my.rtmark.net/gid.js?pub=0&userId=c8ba2fc8fdc34039a150d72281c80139&zoneId=3091770&checkDuplicate=true&ymid=&var=
IP: 139.45.195.8:0
File type: JSON data\012- , ASCII text
Hash (MD5 / SHA-1 / SHA-256): 9d30844ace6eb486f60428bff752c510 70fba6095c0d4b4d208ec7e1fb40f28b8498a6b1 4311c383455abe2ea2e64a8142f630b5d1079c8a12b4234ca9f9894316643826
GET /gid.js?pub=0&userId=c8ba2fc8fdc34039a150d72281c80139&zoneId=3091770&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d6ce0440a1.prizessites.net/
Origin: https://1d6ce0440a1.prizessites.net
Connection: keep-alive
Cookie: ID=b3465ccb103846258e8f7c29bbfb035f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b3465ccb103846258e8f7c29bbfb035f; expires=Sun, 10 Sep 2023 06:48:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| jeejujou.net/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1d6ce0440a1.prizessites.net/
Origin: https://1d6ce0440a1.prizessites.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| jeejujou.net/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:0
File type: JSON data\012- , ASCII text
Hash (MD5 / SHA-1 / SHA-256): 77613ee6320a8ca24362e9e7b947da79 60463e32f45140d5851255bb9d10d696e2339c6b 6e52c715c9c7ecda0fe3481300a5d8b903146cf06a324b3e1b3f502d697d9e9f
POST /event HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d6ce0440a1.prizessites.net/
Content-Type: application/json
Origin: https://1d6ce0440a1.prizessites.net
Content-Length: 433
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:53 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: c2e37efbba1c1a62fe8e772c6b647cd3
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): e0fbe5627b19e9ad7ad4d40c96514ae9 d9d361271987c5947d96ddacc67efb3f3a32bbd3 48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2662
Expires: Sat, 10 Sep 2022 07:33:15 GMT
Date: Sat, 10 Sep 2022 06:48:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): e0fbe5627b19e9ad7ad4d40c96514ae9 d9d361271987c5947d96ddacc67efb3f3a32bbd3 48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2662
Expires: Sat, 10 Sep 2022 07:33:15 GMT
Date: Sat, 10 Sep 2022 06:48:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): e0fbe5627b19e9ad7ad4d40c96514ae9 d9d361271987c5947d96ddacc67efb3f3a32bbd3 48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2662
Expires: Sat, 10 Sep 2022 07:33:15 GMT
Date: Sat, 10 Sep 2022 06:48:53 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): 1abac18a85802f38f08561ac64020b55 afbc7666fa0b2093ef0c5d9a955d54d139c09b30 eae7f28dd178293939ecd81082ab68ae6098bb3cb1f1fe9411c38314ddb0f944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9610
x-amzn-requestid: 34102145-abda-4987-a68d-9069496366ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj0oF7loAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb350-52aee64214c814812c03262e;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 91AsC8-zVFCOPHFb2qnlTev2aXzdCEDYtc68JtYYsQSKS7OFF4QzgQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:50 GMT
age: 31743
etag: "afbc7666fa0b2093ef0c5d9a955d54d139c09b30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp | 34.120.237.76 | 200 OK | 14 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5 / SHA-1 / SHA-256): 412441a2a064555c5d7f1400c2741360 7532d9543b93248891324e07e8edff10a36d174d 421b3e9db572f1077abd4ef2748696b38a4117e33db6ae0b5fa46841afa2693f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14312
x-amzn-requestid: 4d301754-9ed3-401f-9ad5-1862533d7559
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj5wGowIAMF4WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb371-7729383d0bc0f729231ad5b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:43:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QWNGLaXe2lZ7niw6TU6KUOuMnWi-Ml3hkw6WLB8vD_jWsg5YMuFWbw==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:54:57 GMT
age: 32036
etag: "7532d9543b93248891324e07e8edff10a36d174d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: e2ed199f1cb98d32690c0b5c1fa90643 96f3088f1361a8c7a62e36f99b4c58c49a750f95 b2e52fa2d41478c8a23892bed1051bcde3c4a937350b149e65a35ef37cf7c4bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8675
x-amzn-requestid: a28b0b64-d536-4bc2-b659-f8255e9f73b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XfXe8HEUIAMFiag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309392c-032fdc54025b8fbe21987a57;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 21:20:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wPBavm-n6W61qqQYyw1bFmh6eqPnVeCDfE3MS-yUB0phzf9wujSghA==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 06:32:41 GMT
age: 972
etag: "96f3088f1361a8c7a62e36f99b4c58c49a750f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: e8f11aeba65478b039cfb4100aa23435 88db17a82ea0207ccb4826c2961875c5106b427a 6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 30910
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp | 34.120.237.76 | 200 OK | 4.5 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: 71bafbee3867c04c3712ff98a123d52c ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf 58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a0AyKhmYA7WPwciU2nTXwyChZV_riw1QsqI_giBIcdZhi3Nz4jM0Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:11 GMT
age: 31782
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: 572d8ed935df86fde22138e8bfddfd9f 3b25ffe66a762ea032c05b149a29fe0d6faa3687 866c2b16919ab311f906c4e8a074fd93b46f74408c9e2c9a4c30310afa08f047
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9981
x-amzn-requestid: 1a34423c-b2d9-4ae3-a437-eb5717334372
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkiSGjloAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb474-00c79a927f7f7d5d70791b68;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:47:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jwkD86lz1SUQE__IGBv9RINc-LON017wkTpW7g0ePcMtssqd_POtpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:41 GMT
age: 30912
etag: "3b25ffe66a762ea032c05b149a29fe0d6faa3687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| jeejujou.net/pfe/current/tag.min.js?z=3091770 | 139.45.197.250 | 200 OK | 0 B |
URL (HTTP/2): jeejujou.net/pfe/current/tag.min.js?z=3091770 | IP: 139.45.197.250:0
GET /pfe/current/tag.min.js?z=3091770 HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-3a38"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jeejujou.net/pfe/current/universal.min.js?v=3.1.392 | 139.45.197.250 | 200 OK | 0 B |
URL (HTTP/2): jeejujou.net/pfe/current/universal.min.js?v=3.1.392 | IP: 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.392 HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d6ce0440a1.prizessites.net/
Origin: https://1d6ce0440a1.prizessites.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-20481"
access-control-allow-origin: https://1d6ce0440a1.prizessites.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/js/private.js?id=3bbacd180255e91f507b | 94.237.93.242 | 200 OK | 0 B |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/js/private.js?id=3bbacd180255e91f507b | IP: 94.237.93.242:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /js/private.js?id=3bbacd180255e91f507b HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
vary: Accept-Encoding
etag: W/"6316f125-30d39"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto+Mono:wght@500&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL (HTTP/2): fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto+Mono:wght@500&display=swap | IP: 142.250.74.10:0
GET /css2?family=Poppins:wght@600&family=Roboto+Mono:wght@500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Sep 2022 06:48:51 GMT
date: Sat, 10 Sep 2022 06:48:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/js/app.js?id=d75b4cfe9b4f0f2f3a56 | 94.237.93.242 | 200 OK | 0 B |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/js/app.js?id=d75b4cfe9b4f0f2f3a56 | IP: 94.237.93.242:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /js/app.js?id=d75b4cfe9b4f0f2f3a56 HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
vary: Accept-Encoding
etag: W/"6316f125-4891"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/js/landers/squid-game/app.js?id=fa89b2f912da0891b7b4 | 94.237.93.242 | 200 OK | 0 B |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/js/landers/squid-game/app.js?id=fa89b2f912da0891b7b4 | IP: 94.237.93.242:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /js/landers/squid-game/app.js?id=fa89b2f912da0891b7b4 HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
vary: Accept-Encoding
etag: W/"6316f125-185d1"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/css/landers/squid-game/app.css?id=ffeb130bc020daad465f | 94.237.93.242 | 200 OK | 0 B |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/css/landers/squid-game/app.css?id=ffeb130bc020daad465f | IP: 94.237.93.242:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /css/landers/squid-game/app.css?id=ffeb130bc020daad465f HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/squid-game?ctrack=1662792517.473428190&traffic=eyJpdiI6Iis4XC91R0U4c3NROU1NQjhOQ2ZWaytnPT0iLCJ2YWx1ZSI6Ik1KMWRLblN6d2EwcGxEWTRseEdxXC9hc0hoaksrbGtFSm1iTVQ2aHJINEhxaVVPaFhcL0pKUUFtYzRld0ZsXC9ZM0YiLCJtYWMiOiI1NzRmZWEwMWY0ZTJmN2Q3M2YyNDVhMjVmYzY5YzZjOGY4OGJmMGEyYWUwM2I0YmQ0MTY0ODhlODg5MGU4NzhkIn0=&out=eyJpdiI6ImJ2YWVQb1V2UlFtK084UE03WFVLcHc9PSIsInZhbHVlIjoiSE5OaWw3QndWZ1gzZ3djNHc2U1ZNS1VaNE1neEwxcW1wZElRaUx0bXJiQ1ZsNTA0XC9OMXFSZ2VaaytEckZUXC9HQ1wvUFlhQW1NQ0FMV0hTbStjclFUV0hGUzRXcmlhbCtcL2tLWmhhREFEMHJNKytTcVwvSElxYWpZRzlKQ3FndnlacER5d2RhTUhib2I4eUVRbEc4V0lUSDNMM0tNS0dJZTNFY0QreDNSR0RGKzE2NTFrNWlHNFUzZUNoMFVNS1FLNHJ3bTJpaEVhZXVRbGlCakc3eFByaFBBPT0iLCJtYWMiOiIxNmE4ZmVlZjY1NGQxYmUwZTRjNjkwNGFlMjdlOGVjYTIwYjgwZWZiYTk1N2U2NDZkN2Q1MDZhYjUyZWUxM2U3In0=
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=eyJpdiI6ImsyK3pMYTZFMDNRRkhWek9QRXkzMkE9PSIsInZhbHVlIjoiZDJ1S3hPVDExaWJaY0dqa3ljWTZPaGhYVUNSOWVTRy9sS0NLeTIySTZkeEcyQ1psOXJjMmVKQlk4OEhaZS9oYlVZNE1RMWs3bWowY3FOYVpYalhBKzhvQll1cmFtRjhkelk5OG5sVXdTNGFSWDNLMDlkaDY3elhuVE4vUkJXTzVtdVVZSEhQcjhuclB6d2NBNDVHMWk4WnJxWi9DUkYrcllocWJyUC9RakVxS0pnTzlDejVCUm8zeEdHdk93SHFKc1JEN0h2OXJIb3FVZ0lQcG9NQWNMK3llVFQ1ODdZd1A0Smg5elVEZjB5YVRSZXJSQ3B2S0RYZW4vellOTlNYa3g1a0xNSjBWdUxMNW9vR29UWTZZVGJpQ0J3NHJRREdIVThCQlZnRnNhK1ZUdUs0OGlsUWcxUnA1QXBJV1BRcWJsNkQ3dUhiRGxzWjBPaitRdnRuRk81UnFEOWxVUmZGSGhIcU42azFmVDI4SU1HaXBLcDBPQXRaUkswMlVpalRReGc4UjlHSVBJbmJ3eXNlM1o0aldpWnlGcTNiUjA1WjRxaGk5ZkF1K1dydlBnVHU4cVZTM3E1cWoxSGUwL0Y3UGwyVGFNMWlxTGlVV0lBZFdXbG95eXE2QldKSGZWRXZPY1ZHM21OYnZLZFhkei9tM3J0MU56UDVFMGZWam15VzhHc0JXSFMrcXVUWXhOeXJpck4wM284KzBaU0EwMVlkZXE5WkdpSSs0cWlhaGRZNEliY1lSa0lNRkdObkNScFMrenRqczY4WGxKdUpIdTZ2V3Z3WmlqanVKV241OWhmMzMvcG9SLzdPb1Q5SHJNSXFLRVdKL0tzaEVRZlpDd25tVmFPMEgwbUE3Vnh4WDh0b2o2Z1lwV051RnAwbmF0Z1g3NXBEZDB1bHloMWVqWUJMNDVmVFBwMWNpTWhEa25aTU9PZFVPZWdoK2lmU1dqWlBFeFBtYnJSMkJFVFQ0TE1ZTWtjeDhwMEFxR2U5V2FoTCt2YTZLVkZhV2tndVd5QTE4MzMxWTY2M3JXczdwYzVEYm9MbGk4VG5pYjhYTVFlVGg3UVJmekJzQVhuRWl5dUpmUC8yMm12WUl4MTJUQUQreXhoOXlNYzVKUUoycTJUVU16aUE3R0lESTZXTXpMWjcrV0dLZzZWOWdrdVpGV
1F6MFpOYVhyWkpkRHRUMDZNc3dYYkV3RDdXR0FSdXJnYWhSQWs5eWJ1b2d1MXFoUnkyQTFjcW5PdmlkZkVaRjhVV3RiU1pWYVd5RVFhbTVUUGNyVGc0RXhCdmVDZ1huekJWem5GZkxaajNYdDhHejN3V01nT3FjUzhBN2FITk1Db2o3NTlYTzUrMkFoUjVWd010OUZOZzU1dEdpTlNjWnE3c2FKSHQ3aTFXZEZLb1ZpSmJWVHoxRVFacEtBRC81L3VpSHZNVkk0OE8waktmS3Z2eWZYV09waUt6ak5oZkRQdFIzbHB0YUdYUGFGL2tJL1FGMGFBbTBSeWZRb091Z0o5Wkxrb20wWk4rd29BcGsvWWtNS1RHd0Q1VlF5V1plemUrcXFCRzBlNy9LK1QxUFhieTl3SnVrVU5BSitWYzlXd3RoeTRsMW4vOXA0V1VmTmZ5V3hHWWVIK1FmVmd2SkVMTnBQWjJhUW1zeDI4d3ZXRGpIdHFaVDRkTmlJanloWWo2NGFxTkswVDdweWs0WEFXRG1TMTl2N3hoMjRwTnorZUtKWWc4SHZGY2FOdnNEakNSRG14eGszM216SUQ2djYwR2hiUmk4SXM0MmVIODRjWk1BY1hjNmVBY211L2VsZ3pXS3ZmR1RPRml2dHU5dEpLU0J6VHRpL3MyNXhwSWpCNlNybXVqcFFhc2MyekpmNWZXYyIsIm1hYyI6IjRlOGI2MDFmMmE1MjA0Yjk5OGIyZGZlNTVhMjgxMWY5NzI0NzljMTJkZjBmZDdkNTMxNGQ5M2ZjY2RlMDVlZmUiLCJ0YWciOiIifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:51 GMT
content-type: text/css
last-modified: Tue, 06 Sep 2022 07:05:09 GMT
vary: Accept-Encoding
etag: W/"6316f125-d64"
expires: Sun, 10 Sep 2023 06:48:51 GMT
pragma: public
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1d6ce0440a1.prizessites.net/sw-500cc.js?v=3.1.392&o=b3465ccb103846258e8f7c29bbfb035f&pub=0&p=3091770 | 94.237.93.242 | 200 OK | 0 B |
URL (HTTP/2): 1d6ce0440a1.prizessites.net/sw-500cc.js?v=3.1.392&o=b3465ccb103846258e8f7c29bbfb035f&pub=0&p=3091770 | IP: 94.237.93.242:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /sw-500cc.js?v=3.1.392&o=b3465ccb103846258e8f7c29bbfb035f&pub=0&p=3091770 HTTP/1.1
Host: 1d6ce0440a1.prizessites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InY5WjQ3Si9uUDB5NFVXSVBUR2lseWc9PSIsInZhbHVlIjoiQnpxUEJ3MExGa1M1NGZyL1dpeUM0YWRtV04xOWZjNFlUQThLbTZ2SGloZHdibVNUdE1zOGg3OGgxNno4Y1o0c09JZndvOHQzaEZCdXU5QVQ0MjJ3c2orSHVhMiswdjFvaElteDBrcFMzQnNOTGdsbWJSa1p3a05sS3RpNUY5WFYiLCJtYWMiOiJjOWZkMjU5YjA2YWQ0YTNjZWUyMTM2Yzc5MDZjOTQwNWI2OWRiODlmNGYyMzUwY2IyOWMzOTcxZGI2NzJmNjQ1IiwidGFnIjoiIn0%3D; traffic_prelanders_session=eyJpdiI6IituWlZyWHZSMjZRTnBLekpYWTlzb2c9PSIsInZhbHVlIjoieWh6VFhIYWNYM2Njd1lwMTFNYjlQdXVCdzdaY3p1NUpzekdjeFNTM2wyV1krYWtvUjVDTmdoTmJYeW1relJoemUzU21VakJtbjJ1SkhSUk5qbVhmdGZRZmxTcVU4OExoZkN0cFJ4dUFnRWdNUEhPL0RlZ0dCNXVac2JmWk9YYksiLCJtYWMiOiI2NjUzN2I1NGNlNzk1ZTQ0YThhZjk2Y2Q4ODdiOWM4MjgzNTE0NDJhOWQwNDYxYjI1YjgzMGY5ZWNiOWFhN2I3IiwidGFnIjoiIn0%3D; Xp1dAWursFRAS835BIvTuEPmcOx41wko53LduEKO=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%3D%3D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 06 Sep 2022 07:03:01 GMT
vary: Accept-Encoding
etag: W/"6316f0a5-ad"
expires: Sun, 10 Sep 2023 06:48:52 GMT
pragma: public
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jeejujou.net/pfe/current/service-worker.min.js?r=sw&v=3.1.209 | 139.45.197.250 | 200 OK | 0 B |
URL (HTTP/2): jeejujou.net/pfe/current/service-worker.min.js?r=sw&v=3.1.209 | IP: 139.45.197.250:0
GET /pfe/current/service-worker.min.js?r=sw&v=3.1.209 HTTP/1.1
Host: jeejujou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1d6ce0440a1.prizessites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:48:52 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|