Report - ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a

Report Overview

Submitted URL
ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a
IP
139.45.197.151
ASN
#9002 RETN Limited
Submitted
2022-12-01 09:16:25
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ibugreeza.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	2.8 kB	139.45.197.151
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
littlecdn.com	11785	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	875 B	344 kB	172.67.10.98
choupsee.com	93673	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	2.6 kB	139.45.197.251
cdntechone.com	64371	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	838 B	104.21.29.183
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
datatechone.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	487 B	464 B	139.45.195.253
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	742 B	139.45.195.8
stoomawy.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	891 B	777 B	139.45.197.250
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	70 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	11 kB	95.101.11.115
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.76.226
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.186.209.73
pulserviral.com	305654	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	452 B	812 B	139.45.197.151

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	choupsee.com/event	Malware
2022-12-01	medium	choupsee.com/event	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	ibugreeza.com	Sinkholed
2022-12-01	medium	datatechone.com	Sinkholed
2022-12-01	medium	ibugreeza.com	Sinkholed
2022-12-01	medium	stoomawy.net	Sinkholed
2022-12-01	medium	ibugreeza.com	Sinkholed
2022-12-01	medium	stoomawy.net	Sinkholed
2022-12-01	medium	ibugreeza.com	Sinkholed
2022-12-01	medium	ibugreeza.com	Sinkholed
2022-12-01	medium	ibugreeza.com	Sinkholed

JavaScript (18)

	URL	Size	First Seen	Last Seen
	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	1.6 kB	2023-03-07	2023-03-11
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:40:19 Last Seen2023-03-11 23:34:17 Times Seen1 Hash 0a6ff1ad717931c8bcb42efd6e241747 2be08d77a7b8793e8a65708abdc8aef8a99ad2cf e01cc6546739bdf717ad0af5a75936b50c91de1755928dc4ab4347b1000ee6da Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	5.2 kB	2023-03-11	2023-03-11
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:27:58 Last Seen2023-03-11 23:27:58 Times Seen1 Hash 18d338090f2733746984adc494dbb2aa f23bd8ac7e13e39294a22f9266633f93ef34a3ac 5a5d8aba624b90924a87f4f973ba08ee9117128d52a2e20b74cc380bba269175 Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	1.8 kB	2023-03-07	2023-03-17
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:45 Last Seen2023-03-17 12:45:37 Times Seen1 Hash 5462cb035ebb6f921e1edf0156287212 70ddce5405ee1fa261a1c8ecb3dfd5ef5c354947 d57ae80c334e9df8bab11e6e868619779aebe60edeec109ffab51c1cd6b1a443 Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	358 B	2023-03-07	2023-04-17
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-04-17 00:56:25 Times Seen11 Hash 0e3d0b0d1e6eec347084ed5006928f20 cb1622346a2c21a015e64c16cfc302bbce4623da 56442cbc3d77d95e93f2c2aab32111741aedd2e37b6ea3394f6aa8c4b3b0212f Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	2.4 kB	2023-03-11	2023-03-11
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:27:58 Last Seen2023-03-11 23:27:58 Times Seen1 Hash e2d562318a1fee431676115cdf0a058a 8e77771e31c47b9b7a99888cf3f9867c40f4d71a f4b1ba7c35edbd002e7cb45c0bf32afc4d059e1893003719175d9b62e5ebf3a9 Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	2.8 kB	2023-03-07	2023-04-17
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21:30 Last Seen2023-04-17 00:56:25 Times Seen13 Hash 164f864d4a1fa829ef0eea1ff505d0be f2a9baf456a54d507984f8168ba44ec6f37865bd e4314b5aaf3ec786d754cb55ec91ea90b76231db61f24b8d81cdaf3dc7725ca6 Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	243 B	2023-03-07	2024-04-18
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21:30 Last Seen2024-04-18 13:14:14 Times Seen1018 Hash 9c8b4c2757a2ba84e7374a4a2fb73e6d 824c4afa2e871938c12f7c5698fe98f3f19a95c5 415d44cc3ea93f4be94854a2677c8fef5a136343c45546c218d0fb25d5092bc1 Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	1.9 kB	2023-03-11	2023-03-11
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:27:58 Last Seen2023-03-11 23:27:58 Times Seen1 Hash d65be952f67cea2851cb5bd02ceb32a8 21544552d0d0693e492cf28d2e369761fd32cf7d 903cc2ba82d59a5267bdca9b11686f8229efaf30980aa324962c9df9547ba093 Loading...

	cdntechone.com/stattag.js	13 kB	2023-03-08	2023-03-12
Pretty URL cdntechone.com/stattag.js IP 104.21.29.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:01 Last Seen2023-03-12 10:47:00 Times Seen1 Hash 06f6499fd0fa0ed3ab7e4e5220824cf4 7d46143675b281760790105a32018a6ebd62884d 2b9e2b7f5c251c5b5490e5e8adbda9acdf687b74eb8d5a8d8f2ee1a0104bae3f Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	489 B	2023-03-07	2024-02-16
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-02-16 12:44:28 Times Seen5069 Hash b59d52e5c8c1c905dd20084f27bc5261 492b79822be8f2f1d46714e43274e2500de5c0c5 4795baeddefb045a60541029990e6da282eb7d0cb2f9d20da866382567029649 Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	103 B	2023-03-11	2023-03-11
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:27:58 Last Seen2023-03-11 23:27:58 Times Seen1 Hash 3e52071779d0f1b6ee87e0e9f0327e41 d835f2ec6bcdddf15ad490ad6c076fe35564c245 3367ca6be40cabbaab231e49cac8b62f243c0e42dbaeed98fdffc7a45d4911c9 Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	3.0 kB	2023-03-11	2023-03-11
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:27:58 Last Seen2023-03-11 23:27:58 Times Seen1 Hash 23308b79c22533b7aa64058372e9ac8b c433c23a04eef150388be5ca2e72d63f09d53408 cac757a9cb4a58d92880fa2cf052d9222ade9731cc5081f429b6b9795ecfbd85 Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	27 B	2023-03-07	2024-04-24
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:36 Last Seen2024-04-24 06:36:04 Times Seen3007 Hash dcdca1271ff14fa2a37aac2fdd562ad7 6f8d97801b33f24f2a736c00e1bc5805d9fd5eb7 66d82b0643143d1e9fa6ec2c7e07af701b2b274bc4db74b60ee4dcf5862d229c Loading...

	ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a	58 B	2023-03-07	2023-03-17
Pretty URL ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a IP 139.45.197.151 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:36 Last Seen2023-03-17 12:45:09 Times Seen1 Hash c7e59c41ecdc2cd6a644f383812c76d3 fc291f20d4dda8242f6c0b9bc9438a8472396f53 ded92e7210cb5a664074b870f89356d4c96a16315b10f224eba15c21b8f1ba1d Loading...

		Size	First Seen	Last Seen
	#1 Eval - f7fef8930207b23ec9c04386f9a02c76	24 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-24 19:29:01 Times Seen9422 Hash f7fef8930207b23ec9c04386f9a02c76 146273d1c716700bb25aaa15e8595624b611ffdf 74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3 Loading...

	#2 Eval - 5ce330e3857e0b5af9c9824bb5c620cc	80 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 23:27:58 Last Seen2023-03-11 23:27:58 Times Seen1 Hash 5ce330e3857e0b5af9c9824bb5c620cc b09edc787bac78d5a8653deb218e44b910324774 07849ee107a04f63d3603f7ef8c946289827615be05c71a3442e4cfcd857caef Loading...

	#3 Eval - 20943d96c2c6ac798ea696fd6893d7e4	2.9 kB	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 14:26:32 Last Seen2023-03-26 04:33:08 Times Seen13 Hash 20943d96c2c6ac798ea696fd6893d7e4 95051e85271bac532b7b8c94ba3577039db5afbb ce79318783ffabad8ea876d92239d3bc4466deda5883dafb82a57a883a4d7c96 Loading...

	#4 Eval - 65698bba0acea00dabc360dd2ad97fe9	2.6 kB	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 14:26:32 Last Seen2023-03-26 04:33:08 Times Seen13 Hash 65698bba0acea00dabc360dd2ad97fe9 8491061feace579a640707aefd6a9b36950d3afd 06816c1cda65dc0482c5c2325b944acb9cf08cb5812fd85634023b96d3a72520 Loading...

HTTP Transactions (48)

URL IP Response Size

ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a

139.45.197.151

301 Moved Permanently

162 B

URL HTTP/1.1
ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a
IP
139.45.197.151:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a HTTP/1.1
Host: ibugreeza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 09:16:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7713
Expires: Thu, 01 Dec 2022 11:24:46 GMT
Date: Thu, 01 Dec 2022 09:16:13 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5059
Cache-Control: max-age=95965
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 09:16:13 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:55:38 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3587
Expires: Thu, 01 Dec 2022 10:16:00 GMT
Date: Thu, 01 Dec 2022 09:16:13 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 08:18:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3486
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: V9IzFcBPANAvCjkGOxWAhdRQqJEE9t/5Z3UtrI/i9Xz4bJXtidYAS9zyLmQMdgBxAPYP050OfEE=
x-amz-request-id: X5MV5G5X488SG73S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 08:45:36 GMT
age: 1837
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
18e2407dae883322c92b9fee8b2e812a
2c25c55d35b00b509e06a269740da11cce937654
ab1931b488d0cd8eb4bfb8190c83a6656fd67dc05c1cb88978630131c5417f36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB1931B488D0CD8EB4BFB8190C83A6656FD67DC05C1CB88978630131C5417F36"
Last-Modified: Tue, 29 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 15:16:13 GMT
Date: Thu, 01 Dec 2022 09:16:13 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3fd84f17033bf7c1662fbcf98a96c520
9a4d98c64400a427962175e75bc94f93c2b371ac
2f1452e005d41c1d4c5fd7f497b59b2f22be2b40530d164fcad54babad5e74fe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6040
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 09:16:14 GMT
Last-Modified: Thu, 01 Dec 2022 07:35:35 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3fd84f17033bf7c1662fbcf98a96c520
9a4d98c64400a427962175e75bc94f93c2b371ac
2f1452e005d41c1d4c5fd7f497b59b2f22be2b40530d164fcad54babad5e74fe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6040
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 09:16:14 GMT
Last-Modified: Thu, 01 Dec 2022 07:35:35 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

littlecdn.com/apps/templates/questions/video-bg/video/1.mp4

172.67.10.98

206 Partial Content

342 kB

URL HTTP/2
littlecdn.com/apps/templates/questions/video-bg/video/1.mp4
IP
172.67.10.98:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
342 kB (342422 bytes)
Hash
5841092fcc1d651999a0e75f86306f87
0d9c9071cfb1861e05b9ec3c7d3af3048eb0aa29
f385d25ffcf716b080dadd46aab2de1c5c973b62a4f44031a87e835e4921c663

HTTP Headers

GET /apps/templates/questions/video-bg/video/1.mp4 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ibugreeza.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: video/mp4
content-length: 342422
last-modified: Tue, 29 Nov 2022 14:00:50 GMT
vary: Accept-Encoding
etag: "63861092-53996"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 1546
content-range: bytes 0-342421/342422
server: cloudflare
cf-ray: 772ab90c1e4db4f3-OSL
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
4db6adb68d974d4a5343eda081abb131
542d171f9aefecdd8b6b4eb8070f4a063ee90a62
5822f506962c5b9c376cd4da49a074f37740776b4871bb6745c4453c359e27f3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5822F506962C5B9C376CD4DA49A074F37740776B4871BB6745C4453C359E27F3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5117
Expires: Thu, 01 Dec 2022 10:41:31 GMT
Date: Thu, 01 Dec 2022 09:16:14 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
4db6adb68d974d4a5343eda081abb131
542d171f9aefecdd8b6b4eb8070f4a063ee90a62
5822f506962c5b9c376cd4da49a074f37740776b4871bb6745c4453c359e27f3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5822F506962C5B9C376CD4DA49A074F37740776B4871BB6745C4453C359E27F3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5117
Expires: Thu, 01 Dec 2022 10:41:31 GMT
Date: Thu, 01 Dec 2022 09:16:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 09:08:56 GMT
cache-control: public,max-age=3600
age: 438
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5058
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 09:16:14 GMT
Last-Modified: Thu, 01 Dec 2022 07:51:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e744adc50ebcd50fc1c0fc31188dfaef
6904d0b4d14ff7c65252585c0174a1c787e1d4a4
f3b3c7d96fde9ac2f382ffd031935ee72c24dc8156f7f3815ac0a27c5c7992b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3B3C7D96FDE9AC2F382FFD031935EE72C24DC8156F7F3815AC0A27C5C7992B1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1014
Expires: Thu, 01 Dec 2022 09:33:08 GMT
Date: Thu, 01 Dec 2022 09:16:14 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
1d7846e2a7294173c85271c0da130678
102a56df28bfb864653439cf703e0d8ca45f23cf
2774004fdfb065b1b02763317038c875bbadcf79fb05b6979c220c1a129ed04c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 09:16:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 04:52:36 GMT
Expires: Mon, 05 Dec 2022 04:52:35 GMT
Etag: "102a56df28bfb864653439cf703e0d8ca45f23cf"
Cache-Control: max-age=329180,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772ab90e882f0b41-OSL

datatechone.com/log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81

139.45.195.253

200 OK

2 B

URL HTTP/1.1
datatechone.com/log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81
IP
139.45.195.253:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1072
Origin: https://ibugreeza.com
Connection: keep-alive
Referer: https://ibugreeza.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 01 Dec 2022 09:16:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://ibugreeza.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d96aeae3233e0784ee5d99b14622add6
45d447b74389e341f7fbb8321ea05105f85ca828
7899f63e8489695e81c39025aea746482eb86b72cb16605ceeee89cdbc20d196

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7899F63E8489695E81C39025AEA746482EB86B72CB16605CEEEE89CDBC20D196"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19366
Expires: Thu, 01 Dec 2022 14:39:00 GMT
Date: Thu, 01 Dec 2022 09:16:14 GMT
Connection: keep-alive

ibugreeza.com/favicon.ico

139.45.197.151

204 No Content

0 B

URL HTTP/2
ibugreeza.com/favicon.ico
IP
139.45.197.151:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ibugreeza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a
Cookie: reverse=QgpSIvkGAMgO-WgfUK_zNaTmc3xqOJQDGTzREYEtqMQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
strict-transport-security: max-age=60
x-content-type-options: nosniff
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.186.209.73

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.209.73:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P/CfJC50d4iu6zdMY0hQOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CFnFcEWA9vlXXEv9hucaJO8bGNQ=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8e8c89c17e336cca7a61b55895462e74
e27f9646f415cb235ed8eef9de30639dd355fad1
3cf03691d11e79366511035adff2fabce3d362860e670f4de949794d3b6268ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CF03691D11E79366511035ADFF2FABCE3D362860E670F4DE949794D3B6268BA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7471
Expires: Thu, 01 Dec 2022 11:20:45 GMT
Date: Thu, 01 Dec 2022 09:16:14 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
edc18dad4eae4d9e23faa799f0a9f3a9
8de16fceed4980dbe0879e08d8284a047312df8a
646ce4360a1b58d2a26a2919c206194615e3ce7b0ce07b84b0876460a12c7665

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "646CE4360A1B58D2A26A2919C206194615E3CE7B0CE07B84B0876460A12C7665"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11092
Expires: Thu, 01 Dec 2022 12:21:06 GMT
Date: Thu, 01 Dec 2022 09:16:14 GMT
Connection: keep-alive

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5256482&checkDuplicate=true&ymid=&var=5353578

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5256482&checkDuplicate=true&ymid=&var=5353578
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
81fa999a5d0a69c70532beddbdcf48d7
0e04562c6176fc8011f4f317910a9230fb060e03
d5b7c153b3c3f4a573742779c778f29848f8309b6739d55aa03d1d238548d28d

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5256482&checkDuplicate=true&ymid=&var=5353578 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ibugreeza.com/
Origin: https://ibugreeza.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ibugreeza.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f7b4219916ac46fd9da57424aca86ad7; expires=Fri, 01 Dec 2023 09:16:14 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

choupsee.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=ibugreeza.com&var=5353578&ymid=&var_3=&dsig=&nt=true&action=prerequest

139.45.197.251

200 OK

0 B

URL HTTP/2
choupsee.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=ibugreeza.com&var=5353578&ymid=&var_3=&dsig=&nt=true&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zone?&pub=0&zone_id=5256482&is_mobile=false&domain=ibugreeza.com&var=5353578&ymid=&var_3=&dsig=&nt=true&action=prerequest HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ibugreeza.com/
Origin: https://ibugreeza.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-length: 0
x-trace-id: 5b422a9661b7032b89f5097eb10bcfcc
access-control-allow-origin: https://ibugreeza.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

choupsee.com/event

139.45.197.251

200 OK

0 B

URL HTTP/2
choupsee.com/event
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

OPTIONS /event HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ibugreeza.com/
Origin: https://ibugreeza.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ibugreeza.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

choupsee.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=ibugreeza.com&var=5353578&ymid=&var_3=&dsig=&nt=true&action=settings

139.45.197.251

200 OK

728 B

URL HTTP/2
choupsee.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=ibugreeza.com&var=5353578&ymid=&var_3=&dsig=&nt=true&action=settings
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (727)
Size
728 B (728 bytes)
Hash
707ff84438df8db68e08e32793d17a14
bd78ea333c91e0bffc52debcaaecf102967ea2cb
9900edaab43d10f9412e40c5856605997994857b117daf3405f342c090c07df0

HTTP Headers

GET /zone?&pub=0&zone_id=5256482&is_mobile=false&domain=ibugreeza.com&var=5353578&ymid=&var_3=&dsig=&nt=true&action=settings HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ibugreeza.com/
Origin: https://ibugreeza.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: application/json; charset=utf-8
content-length: 728
x-trace-id: 70f6b233da2f71c2ffd0c9ed8aac2275
access-control-allow-origin: https://ibugreeza.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

choupsee.com/event

139.45.197.251

200 OK

94 B

URL HTTP/2
choupsee.com/event
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
c5fc1be8228810278e98c5f262c81aea
44ffdbc9beb9465a231993023291894df37af29c
5e78bd085b1209d31dd608b24aa2843f6b26d7497b3a5798e8c8229c34bd7292

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /event HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ibugreeza.com/
Content-Type: application/json
Origin: https://ibugreeza.com
Content-Length: 465
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 69da7a3d774090cbad6a2a0468e2bac3
access-control-allow-origin: https://ibugreeza.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

stoomawy.net/event

139.45.197.250

200 OK

0 B

URL HTTP/2
stoomawy.net/event
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: stoomawy.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ibugreeza.com/
Origin: https://ibugreeza.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ibugreeza.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

pulserviral.com/leadgen/track-impression/?z=5353578&b=14676507&ymid=wv0kui2v489qal4k2q8d495a

139.45.197.151

200 OK

225 B

URL HTTP/2
pulserviral.com/leadgen/track-impression/?z=5353578&b=14676507&ymid=wv0kui2v489qal4k2q8d495a
IP
139.45.197.151:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
225 B (225 bytes)
Hash
2334c6e515708279ad12e7cf82d3f256
8a0bdf1caa94e4bc599603708bd415b00c67f151
e8c2226bae1fafc63a6cadb81bdb6e9f115e0e0c908b541eab67e917bb43625b

HTTP Headers

GET /leadgen/track-impression/?z=5353578&b=14676507&ymid=wv0kui2v489qal4k2q8d495a HTTP/1.1
Host: pulserviral.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ibugreeza.com/
Origin: https://ibugreeza.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2457
Expires: Thu, 01 Dec 2022 09:57:13 GMT
Date: Thu, 01 Dec 2022 09:16:16 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2457
Expires: Thu, 01 Dec 2022 09:57:13 GMT
Date: Thu, 01 Dec 2022 09:16:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2442
Expires: Thu, 01 Dec 2022 09:56:58 GMT
Date: Thu, 01 Dec 2022 09:16:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2442
Expires: Thu, 01 Dec 2022 09:56:58 GMT
Date: Thu, 01 Dec 2022 09:16:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2442
Expires: Thu, 01 Dec 2022 09:56:58 GMT
Date: Thu, 01 Dec 2022 09:16:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12898 bytes)
Hash
820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 41326
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:43:35 GMT
age: 37961
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12035 bytes)
Hash
acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: 2711a135-b390-43ef-9e95-92438058bc27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81FIpIAMFs9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-742f7f293df074340ab6a217;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ygs-Qd7UU_k4t4_breZTyqkHqGjJzlH1UMa9ncww5_IGpJ1n781jfg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:51:55 GMT
age: 41061
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16038 bytes)
Hash
ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 41056
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 9e243a73-18ff-4abf-9b9c-442719960125
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpppFXjoAMFehg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bca3-47620f39181264772d2fb52d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _v5hatZyEWVRB4Tebygbb-QfE02oaFxE8CRfQsUY7I_ektxE3YeIpw==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:08:01 GMT
age: 58095
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8740 bytes)
Hash
26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 51490
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ibugreeza.com/sw-check-permissions/5256482?z=5256482&ymid=&var=5353578

139.45.197.151

200 OK

0 B

URL HTTP/2
ibugreeza.com/sw-check-permissions/5256482?z=5256482&ymid=&var=5353578
IP
139.45.197.151:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sw-check-permissions/5256482?z=5256482&ymid=&var=5353578 HTTP/1.1
Host: ibugreeza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: reverse=QgpSIvkGAMgO-WgfUK_zNaTmc3xqOJQDGTzREYEtqMQ
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

littlecdn.com/apps/templates/questions/video-bg/css/style.css?v=1

172.67.10.98

200 OK

0 B

URL HTTP/2
littlecdn.com/apps/templates/questions/video-bg/css/style.css?v=1
IP
172.67.10.98:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apps/templates/questions/video-bg/css/style.css?v=1 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ibugreeza.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: text/css
last-modified: Tue, 29 Nov 2022 14:00:50 GMT
vary: Accept-Encoding
etag: W/"63861092-16ab"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 6487
server: cloudflare
cf-ray: 772ab90c1e4cb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

104.21.29.183

200 OK

0 B

URL HTTP/2
cdntechone.com/stattag.js
IP
104.21.29.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ibugreeza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3416
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D60o8iEx8NfZpQSVgrP9MuOwbNj4SGbWjIeaqqH0UBKvRg%2BPHtprBmBT4DKCoSFFZgsQUNuK28pMeLC3IHJJkCV5L7RfZNm7rIgktJS59MKbivd6X4OyvB2jqAWVCPCo6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ab90ceedd0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stoomawy.net/pfe/current/sw.perm.check.min.js?r=sw

139.45.197.250

200 OK

0 B

URL HTTP/2
stoomawy.net/pfe/current/sw.perm.check.min.js?r=sw
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/sw.perm.check.min.js?r=sw HTTP/1.1
Host: stoomawy.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ibugreeza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:16:49 GMT
etag: W/"63860641-1c66f"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a

139.45.197.151

200 OK

0 B

URL HTTP/2
ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a
IP
139.45.197.151:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a HTTP/1.1
Host: ibugreeza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=QgpSIvkGAMgO-WgfUK_zNaTmc3xqOJQDGTzREYEtqMQ; expires=Thu, 01-Dec-2022 10:16:13 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a&mprtr=1

139.45.197.151

200 OK

0 B

URL HTTP/2
ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a&mprtr=1
IP
139.45.197.151:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a&mprtr=1 HTTP/1.1
Host: ibugreeza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ibugreeza.com
Connection: keep-alive
Referer: https://ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a
Cookie: reverse=QgpSIvkGAMgO-WgfUK_zNaTmc3xqOJQDGTzREYEtqMQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: br
X-Firefox-Spdy: h2

ibugreeza.com/?tt

139.45.197.151

200 OK

0 B

URL HTTP/2
ibugreeza.com/?tt
IP
139.45.197.151:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /?tt HTTP/1.1
Host: ibugreeza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 27
Origin: https://ibugreeza.com
Connection: keep-alive
Referer: https://ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z=5353578&s=wv0kui2v489qal4k2q8d495a&campid=54de7009-8647-4d89-b58b-94b09f856982&var=&ymid=wv0kui2v489qal4k2q8d495a
Cookie: reverse=QgpSIvkGAMgO-WgfUK_zNaTmc3xqOJQDGTzREYEtqMQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:16:14 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations