Report - yzvy.com/

Report Overview

Submitted URL
yzvy.com/
IP
91.195.240.12
ASN
#47846 SEDO GmbH
Submitted
2022-10-04 12:17:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	736 B	93.184.220.29
yzvy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	3.8 kB	91.195.240.12
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
mybetterck.com	21362	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	1.2 kB	108.168.193.189
p274639.mybetterck.com	381189	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	484 B	108.168.193.189
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
xml.sedodna.com	278378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	183 B	173.239.53.32
q3.quotes.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	770 B	832 B	178.162.151.164
img.sedoparking.com	54200	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	299 B	4.8 kB	205.234.175.175
btpnative.com	108657	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	6.9 kB	209.15.13.136
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.210.107.213
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-04	medium	yzvy.com/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	yzvy.com/	1.1 kB	2023-03-08	2023-03-08
Pretty URL yzvy.com/ IP 91.195.240.12 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:48:16 Last Seen2023-03-08 05:48:16 Times Seen1 Hash 0c39602755b4a9ee4adddddb7afb451a f25debcf50d4466b40b2337919076854b7d8e50b fb431b6d6c682e02fac683fbf3bcd82e2f66ce294e6c87231662bd4a2e34ce8f Loading...

	btpnative.com/click?data=aTZxZVN2VjUxc3ZkY0x1M2hzVUZXZmlNZVdOakxEb2NQOGF2OW5xT0hJamlUaHFvR2VTUzFyaFhKaUZwZ3RzeVdieUJiS0JRM2ZHMDNpZTlhNkdKcmlZaTlVYklad3B1TlZRSGhwM2tiUzJ5UUpTUDlmR2FZTzR1VUJDM0t5dVNVVGc2OE9CLUFlN2F2VDJZNVdKclZRMg2&id=48a5631d-2ae0-401d-9148-973a57cd2d92	4.1 kB	2023-03-07	2023-04-05
Pretty URL btpnative.com/click?data=aTZxZVN2VjUxc3ZkY0x1M2hzVUZXZmlNZVdOakxEb2NQOGF2OW5xT0hJamlUaHFvR2VTUzFyaFhKaUZwZ3RzeVdieUJiS0JRM2ZHMDNpZTlhNkdKcmlZaTlVYklad3B1TlZRSGhwM2tiUzJ5UUpTUDlmR2FZTzR1VUJDM0t5dVNVVGc2OE9CLUFlN2F2VDJZNVdKclZRMg2&id=48a5631d-2ae0-401d-9148-973a57cd2d92 IP 209.15.13.136 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2023-04-05 01:56:36 Times Seen24 Hash a95ebc524317681eea9a586db022de39 4971459c3a5c26de04f1ca1edaa9c7ba225ee161 0bdbdaa3f492019a740ce5685efd434006c22801330be205bd590974e73c1b82 Loading...

HTTP Transactions (31)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 11:40:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sYJ7onc5GJ0WY9SFX3AoqP93inFAxvptL_0rWfnZoRX3GWkibLVMpg==
Age: 2184

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6971
Expires: Tue, 04 Oct 2022 14:13:22 GMT
Date: Tue, 04 Oct 2022 12:17:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BN3IVWthfHCWDlnHq7zybLQD5pqSeMq_PB1MWN9q5zW-vqtE10n4Zg==
age: 24524
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:17:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 11:29:33 GMT
Expires: Tue, 04 Oct 2022 12:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ojkD6-IJ5rEk2b1zu0w3LvNWZsantXu1fXSNWBZPbVZpbZmKpefAJg==
Age: 2858

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 350
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:17:11 GMT
Last-Modified: Tue, 04 Oct 2022 12:11:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.210.107.213

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.107.213:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4v4Uz2wizyBHh2+QaC+lig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g1MwblfHUfjn/57kGFv23N/e1Aw=

yzvy.com/

91.195.240.12

200 OK

1.3 kB

URL HTTP/1.1
yzvy.com/
IP
91.195.240.12:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (672)
Size
1.3 kB (1292 bytes)
Hash
7eab660a0086c800ad5794f25e3babce
98855300328af838bb65abf954c3515cba3bda0d
095189ae23a530c21862a075195fd8dff424f157376b74d4aa10958c143d9fef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: yzvy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Tue, 04 Oct 2022 12:17:12 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_IiRbeZyNxSpOHSLOLeviHJbNp2Ss5Hto0eHhoYiI0RCU06xM1DY6EWVBW3GoOAP1tTAZ0H6zTKUzv9qqLoszEg==
last-modified: Tue, 04 Oct 2022 12:17:10 GMT
x-cache-miss-from: parking-69b897b95b-jm4r7
server: NginX
content-encoding: gzip

img.sedoparking.com/images/js_preloader.gif

205.234.175.175

200 OK

4.3 kB

URL HTTP/1.1
img.sedoparking.com/images/js_preloader.gif
IP
205.234.175.175:0
ASN
#30081 CACHENETWORKS

File type
GIF image data, version 89a, 16 x 16\012- data
Size
4.3 kB (4254 bytes)
Hash
90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

HTTP Headers

GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzvy.com/

HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:17:12 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Tue, 11 Oct 2022 12:17:12 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 8b888683b2e8eec66b365d5bdda6d96c
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes

yzvy.com/search/tsc.php?200=NDUwMTc4NTYz&21=OTEuOTAuNDIuMTU0&681=MTY2NDg4NTgzMmEwOTA2MTRkOWZiZDJjN2ZhNjQzOWNkMGNkYWNjYWFj&crc=f529883919f1ac1153ab4853bf50b6098ae05a09&cv=1

91.195.240.12

200 OK

0 B

URL HTTP/1.1
yzvy.com/search/tsc.php?200=NDUwMTc4NTYz&21=OTEuOTAuNDIuMTU0&681=MTY2NDg4NTgzMmEwOTA2MTRkOWZiZDJjN2ZhNjQzOWNkMGNkYWNjYWFj&crc=f529883919f1ac1153ab4853bf50b6098ae05a09&cv=1
IP
91.195.240.12:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/tsc.php?200=NDUwMTc4NTYz&21=OTEuOTAuNDIuMTU0&681=MTY2NDg4NTgzMmEwOTA2MTRkOWZiZDJjN2ZhNjQzOWNkMGNkYWNjYWFj&crc=f529883919f1ac1153ab4853bf50b6098ae05a09&cv=1 HTTP/1.1
Host: yzvy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzvy.com/

HTTP/1.1 200 OK
date: Tue, 04 Oct 2022 12:17:12 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-69b897b95b-m72r9
server: NginX

yzvy.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D00SSuMtMW5I_0&v=Mjg5Y2QyYzgxMjY0MzRiOWY1ZTExYzMwMjEwOTU1MTgJMQl5enZ5LmNvbTYzM2MyNDQ2YzFjMmU2LjExNDQ2NTg0CXl6dnkuY29tNjMzYzI0NDZjMWM1NTIuMTU1NDQwOTgJMTY2NDg4NTgzMglhZF82M18w&l=OAliZDhiODAwZjdlNGM2NmZkZGNkYjFhNGZmY2I1NDMzMwkwCTM1CTAJYTM5NTk3ODk4NWNmYmY4NzVkZjZiNTQ2MjhlZjgwZmIJNDUwMTc4NTYzCXl6dnkJMAk2Mwk2CTIJMTY2NDg4NTgzMgkwLjAwMDIwMQlOCTAJMAkwCTEyMDUJMjg2NjU0MjIJOTEuOTAuNDIuMTU0CTA%3D

91.195.240.12

302 Found

0 B

URL HTTP/1.1
yzvy.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D00SSuMtMW5I_0&v=Mjg5Y2QyYzgxMjY0MzRiOWY1ZTExYzMwMjEwOTU1MTgJMQl5enZ5LmNvbTYzM2MyNDQ2YzFjMmU2LjExNDQ2NTg0CXl6dnkuY29tNjMzYzI0NDZjMWM1NTIuMTU1NDQwOTgJMTY2NDg4NTgzMglhZF82M18w&l=OAliZDhiODAwZjdlNGM2NmZkZGNkYjFhNGZmY2I1NDMzMwkwCTM1CTAJYTM5NTk3ODk4NWNmYmY4NzVkZjZiNTQ2MjhlZjgwZmIJNDUwMTc4NTYzCXl6dnkJMAk2Mwk2CTIJMTY2NDg4NTgzMgkwLjAwMDIwMQlOCTAJMAkwCTEyMDUJMjg2NjU0MjIJOTEuOTAuNDIuMTU0CTA%3D
IP
91.195.240.12:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D00SSuMtMW5I_0&v=Mjg5Y2QyYzgxMjY0MzRiOWY1ZTExYzMwMjEwOTU1MTgJMQl5enZ5LmNvbTYzM2MyNDQ2YzFjMmU2LjExNDQ2NTg0CXl6dnkuY29tNjMzYzI0NDZjMWM1NTIuMTU1NDQwOTgJMTY2NDg4NTgzMglhZF82M18w&l=OAliZDhiODAwZjdlNGM2NmZkZGNkYjFhNGZmY2I1NDMzMwkwCTM1CTAJYTM5NTk3ODk4NWNmYmY4NzVkZjZiNTQ2MjhlZjgwZmIJNDUwMTc4NTYzCXl6dnkJMAk2Mwk2CTIJMTY2NDg4NTgzMgkwLjAwMDIwMQlOCTAJMAkwCTEyMDUJMjg2NjU0MjIJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: yzvy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzvy.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Tue, 04 Oct 2022 12:17:12 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 04 Oct 2022 12:17:12 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D00SSuMtMW5I_0&v=Mjg5Y2QyYzgxMjY0MzRiOWY1ZTExYzMwMjEwOTU1MTgJMQl5enZ5LmNvbTYzM2MyNDQ2YzFjMmU2LjExNDQ2NTg0CXl6dnkuY29tNjMzYzI0NDZjMWM1NTIuMTU1NDQwOTgJMTY2NDg4NTgzMglhZF82M18w&l=OAliZDhiODAwZjdlNGM2NmZkZGNkYjFhNGZmY2I1NDMzMwkwCTM1CTAJYTM5NTk3ODk4NWNmYmY4NzVkZjZiNTQ2MjhlZjgwZmIJNDUwMTc4NTYzCXl6dnkJMAk2Mwk2CTIJMTY2NDg4NTgzMgkwLjAwMDIwMQlOCTAJMAkwCTEyMDUJMjg2NjU0MjIJOTEuOTAuNDIuMTU0CTA%3D
x-cache-miss-from: parking-69b897b95b-xx927
server: NginX

yzvy.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D00SSuMtMW5I_0&v=Mjg5Y2QyYzgxMjY0MzRiOWY1ZTExYzMwMjEwOTU1MTgJMQl5enZ5LmNvbTYzM2MyNDQ2YzFjMmU2LjExNDQ2NTg0CXl6dnkuY29tNjMzYzI0NDZjMWM1NTIuMTU1NDQwOTgJMTY2NDg4NTgzMglhZF82M18w&l=OAliZDhiODAwZjdlNGM2NmZkZGNkYjFhNGZmY2I1NDMzMwkwCTM1CTAJYTM5NTk3ODk4NWNmYmY4NzVkZjZiNTQ2MjhlZjgwZmIJNDUwMTc4NTYzCXl6dnkJMAk2Mwk2CTIJMTY2NDg4NTgzMgkwLjAwMDIwMQlOCTAJMAkwCTEyMDUJMjg2NjU0MjIJOTEuOTAuNDIuMTU0CTA%3D

91.195.240.12

302 Found

311 B

URL HTTP/1.1
yzvy.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D00SSuMtMW5I_0&v=Mjg5Y2QyYzgxMjY0MzRiOWY1ZTExYzMwMjEwOTU1MTgJMQl5enZ5LmNvbTYzM2MyNDQ2YzFjMmU2LjExNDQ2NTg0CXl6dnkuY29tNjMzYzI0NDZjMWM1NTIuMTU1NDQwOTgJMTY2NDg4NTgzMglhZF82M18w&l=OAliZDhiODAwZjdlNGM2NmZkZGNkYjFhNGZmY2I1NDMzMwkwCTM1CTAJYTM5NTk3ODk4NWNmYmY4NzVkZjZiNTQ2MjhlZjgwZmIJNDUwMTc4NTYzCXl6dnkJMAk2Mwk2CTIJMTY2NDg4NTgzMgkwLjAwMDIwMQlOCTAJMAkwCTEyMDUJMjg2NjU0MjIJOTEuOTAuNDIuMTU0CTA%3D
IP
91.195.240.12:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
311 B (311 bytes)
Hash
8c73f822fd255e3714e925b38d3608f1
7f06d4e7e178f48682ab11a17f695fb37d1dce3e
0e844a55f5bd9f953214db9d718606b5db22529c8b169a14ef04b155e12ea248

HTTP Headers

GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D00SSuMtMW5I_0&v=Mjg5Y2QyYzgxMjY0MzRiOWY1ZTExYzMwMjEwOTU1MTgJMQl5enZ5LmNvbTYzM2MyNDQ2YzFjMmU2LjExNDQ2NTg0CXl6dnkuY29tNjMzYzI0NDZjMWM1NTIuMTU1NDQwOTgJMTY2NDg4NTgzMglhZF82M18w&l=OAliZDhiODAwZjdlNGM2NmZkZGNkYjFhNGZmY2I1NDMzMwkwCTM1CTAJYTM5NTk3ODk4NWNmYmY4NzVkZjZiNTQ2MjhlZjgwZmIJNDUwMTc4NTYzCXl6dnkJMAk2Mwk2CTIJMTY2NDg4NTgzMgkwLjAwMDIwMQlOCTAJMAkwCTEyMDUJMjg2NjU0MjIJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: yzvy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://yzvy.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Tue, 04 Oct 2022 12:17:12 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 04 Oct 2022 12:17:12 GMT
location: http://xml.sedodna.com/click?i=00SSuMtMW5I_0
x-cache-miss-from: parking-69b897b95b-g4w4f
server: NginX

xml.sedodna.com/click?i=00SSuMtMW5I_0

173.239.53.32

302 Found

0 B

URL HTTP/1.1
xml.sedodna.com/click?i=00SSuMtMW5I_0
IP
173.239.53.32:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=00SSuMtMW5I_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://yzvy.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://q3.quotes.com/78fcfdd0-43de-11ed-b641-2534284fcacb
Pragma: no-cache

q3.quotes.com/78fcfdd0-43de-11ed-b641-2534284fcacb

178.162.151.164

200 OK

170 B

URL HTTP/1.1
q3.quotes.com/78fcfdd0-43de-11ed-b641-2534284fcacb
IP
178.162.151.164:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
170 B (170 bytes)
Hash
8791c6ca844ce08b056b3ea6d5499b3e
0d628d38dad69290cf5a8308c2142e586f71e88f
f5e81e43cae696456d46e86575ef6b98ceb5017ef8fc9b82fe908fdc53048dd5

HTTP Headers

GET /78fcfdd0-43de-11ed-b641-2534284fcacb HTTP/1.1
Host: q3.quotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://yzvy.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 170
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 12:17:13 GMT
server: nginx

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:17:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:17:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:17:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:17:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:17:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8508 bytes)
Hash
515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GWTKxBPZnk_dqf9onY05WB16ubdsa93FcrjpqVxBrqBbCZXLSk_HHg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 14:41:51 GMT
age: 77722
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5504 bytes)
Hash
6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 49674
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4858 bytes)
Hash
6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 51627
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11955 bytes)
Hash
54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 50774
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9917 bytes)
Hash
d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 51679
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4151 bytes)
Hash
24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 51612
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

q3.quotes.com/78fcfdd0-43de-11ed-b641-2534284fcacb?hr=1

178.162.151.164

302 Found

11 B

URL HTTP/1.1
q3.quotes.com/78fcfdd0-43de-11ed-b641-2534284fcacb?hr=1
IP
178.162.151.164:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /78fcfdd0-43de-11ed-b641-2534284fcacb?hr=1 HTTP/1.1
Host: q3.quotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 04 Oct 2022 12:17:13 GMT
location: http://btpnative.com/click?data=aTZxZVN2VjUxc3ZkY0x1M2hzVUZXZmlNZVdOakxEb2NQOGF2OW5xT0hJamlUaHFvR2VTUzFyaFhKaUZwZ3RzeVdieUJiS0JRM2ZHMDNpZTlhNkdKcmlZaTlVYklad3B1TlZRSGhwM2tiUzJ5UUpTUDlmR2FZTzR1VUJDM0t5dVNVVGc2OE9CLUFlN2F2VDJZNVdKclZRMg2&id=48a5631d-2ae0-401d-9148-973a57cd2d92
server: nginx

btpnative.com/click?data=aTZxZVN2VjUxc3ZkY0x1M2hzVUZXZmlNZVdOakxEb2NQOGF2OW5xT0hJamlUaHFvR2VTUzFyaFhKaUZwZ3RzeVdieUJiS0JRM2ZHMDNpZTlhNkdKcmlZaTlVYklad3B1TlZRSGhwM2tiUzJ5UUpTUDlmR2FZTzR1VUJDM0t5dVNVVGc2OE9CLUFlN2F2VDJZNVdKclZRMg2&id=48a5631d-2ae0-401d-9148-973a57cd2d92

209.15.13.136

200 OK

2.1 kB

URL HTTP/1.1
btpnative.com/click?data=aTZxZVN2VjUxc3ZkY0x1M2hzVUZXZmlNZVdOakxEb2NQOGF2OW5xT0hJamlUaHFvR2VTUzFyaFhKaUZwZ3RzeVdieUJiS0JRM2ZHMDNpZTlhNkdKcmlZaTlVYklad3B1TlZRSGhwM2tiUzJ5UUpTUDlmR2FZTzR1VUJDM0t5dVNVVGc2OE9CLUFlN2F2VDJZNVdKclZRMg2&id=48a5631d-2ae0-401d-9148-973a57cd2d92
IP
209.15.13.136:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (320), with CRLF line terminators
Size
2.1 kB (2127 bytes)
Hash
cf0e83536edbb42610b0ef3d109065fe
2ff06d83ea763d0c86b8692b8186b56bfd026646
da37949e865d05e2066d3bc52fa257a9430f92c529274c7d63091a0ca5608977

HTTP Headers

GET /click?data=aTZxZVN2VjUxc3ZkY0x1M2hzVUZXZmlNZVdOakxEb2NQOGF2OW5xT0hJamlUaHFvR2VTUzFyaFhKaUZwZ3RzeVdieUJiS0JRM2ZHMDNpZTlhNkdKcmlZaTlVYklad3B1TlZRSGhwM2tiUzJ5UUpTUDlmR2FZTzR1VUJDM0t5dVNVVGc2OE9CLUFlN2F2VDJZNVdKclZRMg2&id=48a5631d-2ae0-401d-9148-973a57cd2d92 HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: wWDJWBUXMAStows=wWDJWBUXMAStows; path=/
X-Server: web02
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 04 Oct 2022 12:17:12 GMT
Content-Length: 2127

btpnative.com/Redirect/

209.15.13.136

302 Found

2.1 kB

URL HTTP/1.1
btpnative.com/Redirect/
IP
209.15.13.136:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2003), with CRLF line terminators
Size
2.1 kB (2075 bytes)
Hash
867e8585a2f384190ee497168376a9d1
060da969da8496441b455faf1952fefd6aaae068
852a871135af53896e95c6b447a1a31a199dc58c8f5e3000519bc1edd09c02c9

HTTP Headers

POST /Redirect/ HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 329
Origin: http://btpnative.com
Connection: keep-alive
Referer: http://btpnative.com/click?data=aTZxZVN2VjUxc3ZkY0x1M2hzVUZXZmlNZVdOakxEb2NQOGF2OW5xT0hJamlUaHFvR2VTUzFyaFhKaUZwZ3RzeVdieUJiS0JRM2ZHMDNpZTlhNkdKcmlZaTlVYklad3B1TlZRSGhwM2tiUzJ5UUpTUDlmR2FZTzR1VUJDM0t5dVNVVGc2OE9CLUFlN2F2VDJZNVdKclZRMg2&id=48a5631d-2ae0-401d-9148-973a57cd2d92
Cookie: wWDJWBUXMAStows=wWDJWBUXMAStows
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://mybetterck.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzx8Me0kzRtReLyT4nqgY4lXusdLy4zkOjvKPQlCz-mkqJ-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZg570qmhSob8o_2szb4ydpgXg034XLZA3sLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwfOw5OY8cfNVWFNoxbCKertEYtpwEjfuVnCdL4tZEo46lrkwoR7mL8GEkoNYKVdn6Rf8uOXI3CXybbtBC036cDg56-Kiuuts5uLj1oP5dHcnp7_q195LUGeGWVrQeUy_Cf0Sa8TYaTgSoynlrW84w10uEoc4psd6qclmwYMVLIt3mqvjnruW6kAyMcBxrV6g-2ZcTUlFhnFQnOKwfLeJL0xFY1V8SkfUMdkGoOwimacfDRa-QLXDYNP4pHrNTc2d6Fdb_LbGfvUh0D27VxxW12WyFNULLy3RUoeA41AROWbpy9o8ViyrTBCHRNFkP4AMj01XVga0Ne7wXArglNBDQET0NdgGT-OdMEgobweb-Qsqtvlp_SRrdR27Jzid7K4n4aYSC8u-GXNxVHDV8r4Uxb2n-OLLGhRs9WRv0wiQSxxd2gATlqNpPHfhq1NPCwLhL0bA4KCo99-iK2jOPC_VPHkngNwUNnOgL2hXmCL90sB1WX2-WvU1XrwpJCKT9ICyBmpOPkUT8dPWDbTwPfZS-XR9iTamOoQ5TpfbOKbz2vTFIWNxQfEGK2NhZ34qHIgK8me9OzW2uuKtrNMxV0zBatNKiHuUBUm_GU8bdX2pg1VmqqwTCJZxIbKeLU8x-pPrbZnhCVYFvB6Cvv5d6Gc1mRXC40bBa2Jau1oK0LzRSUlX47IZzrxgtChUx1LZmQmYP1_v2mE5S-FvnuFVWry4roQSbQXLplekM8xLrAXSqwXcR8YZcC-FfOmH_JkHChnAfy__VetOptHkw8mZomxqxInrmJOeRnuw5QWsZeVDaehPAxvoCgo1X2DGOtzShi6LesNabZfRSVHXANpyfx7sXm5__Aae8bX7qOeqwk9ENwlt55tECxBiCsDSSEby90wvN5fRMpfOqtRO5o6Z0JEfM65kSHR8wMseU5ImlzngRh5JhWFujM_vfbEH6Pp28hcq-ZWVz4kJ7UZnU8BR0AlMNvABIO6nmfWEcySD-n5C41lRu3omWTxk-cw3Yt7QzA_fIpNJsFBOeASBFyl5CHiJ2oN0d2jjb5nzO9XoBlkjl5Cew-wKs3XYIKtl6zmwxYmZRLjddtNgvdsvFKwAFgloip-ZQ5AdIgfoOE8JF80g8EcMMLluUHoZDmMjPOHSGnqiAQPBUOL4USEFwlhZkpbugoBh8FM1DolkmeDBEanPsRxxcTQtRPdux7T0LMSdHXhlfCTnoKjeRsT1oVj_Y6M0ygx1B5OinXJ07jwWRqw0hRPuqdSD7wWOz07EqwSc6YFL5yA0uQ-uN-pInKtMxGLpBojQ2QA1_qEvmKWLhbo1iIvAKiXhgV_Pj3EiFQr1p4g7WnC6yAAoqoyF7iMsdW4c3ZnPXxuXRQZyvqzcUaUCiIq1cfx0th3Q4kblrBsXid41MFqmAC6xKscOBwN-m2qfy2dr7ZXGd5YAlU39kf2AHeVzz8tGbE4uYSG_zkp394gsKUyv3JqvplwEknfhJXt0RRk8laoN4yf5MoK1GYgiI77a5BFx9nw9OAopx_SibtqvF1E8STB8_WdHSkuvXg4NO5_AXzXJe5ZDcTZi0A1M4GwCOi7N6AKaY2cPV5SIV-p6zYa3qQvnObIuih26Ce_wl-kGMnp5jlJ17o_n_VMWxhu8tILVVxMLY1zAVM3CN0Q-wJTu6AXYz7K4TxDcY0Ua4iunq3YN_0ZLzNDZADX-oS-aO91UovxzeRfQaTYYMFQxDEwrLEAaOW_juD4rZNeXej0uuri72txmT
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 04 Oct 2022 12:17:13 GMT
Content-Length: 2075

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6f6d7ea87d2a7cc80afb3dd0b06df4f6
27bffe0e73ced0d7eaa01ff6893a6b41eab18f0f
54f3576e7ffc518f70802ba82c0ed3cec8a51c865b0b436d3d36d664c429a3de

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:17:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 19:20:08 GMT
Expires: Mon, 10 Oct 2022 19:20:07 GMT
Etag: "27bffe0e73ced0d7eaa01ff6893a6b41eab18f0f"
Cache-Control: max-age=543172,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754dda705d3ffac8-OSL

mybetterck.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzx8Me0kzRtReLyT4nqgY4lXusdLy4zkOjvKPQlCz-mkqJ-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZg570qmhSob8o_2szb4ydpgXg034XLZA3sLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwfOw5OY8cfNVWFNoxbCKertEYtpwEjfuVnCdL4tZEo46lrkwoR7mL8GEkoNYKVdn6Rf8uOXI3CXybbtBC036cDg56-Kiuuts5uLj1oP5dHcnp7_q195LUGeGWVrQeUy_Cf0Sa8TYaTgSoynlrW84w10uEoc4psd6qclmwYMVLIt3mqvjnruW6kAyMcBxrV6g-2ZcTUlFhnFQnOKwfLeJL0xFY1V8SkfUMdkGoOwimacfDRa-QLXDYNP4pHrNTc2d6Fdb_LbGfvUh0D27VxxW12WyFNULLy3RUoeA41AROWbpy9o8ViyrTBCHRNFkP4AMj01XVga0Ne7wXArglNBDQET0NdgGT-OdMEgobweb-Qsqtvlp_SRrdR27Jzid7K4n4aYSC8u-GXNxVHDV8r4Uxb2n-OLLGhRs9WRv0wiQSxxd2gATlqNpPHfhq1NPCwLhL0bA4KCo99-iK2jOPC_VPHkngNwUNnOgL2hXmCL90sB1WX2-WvU1XrwpJCKT9ICyBmpOPkUT8dPWDbTwPfZS-XR9iTamOoQ5TpfbOKbz2vTFIWNxQfEGK2NhZ34qHIgK8me9OzW2uuKtrNMxV0zBatNKiHuUBUm_GU8bdX2pg1VmqqwTCJZxIbKeLU8x-pPrbZnhCVYFvB6Cvv5d6Gc1mRXC40bBa2Jau1oK0LzRSUlX47IZzrxgtChUx1LZmQmYP1_v2mE5S-FvnuFVWry4roQSbQXLplekM8xLrAXSqwXcR8YZcC-FfOmH_JkHChnAfy__VetOptHkw8mZomxqxInrmJOeRnuw5QWsZeVDaehPAxvoCgo1X2DGOtzShi6LesNabZfRSVHXANpyfx7sXm5__Aae8bX7qOeqwk9ENwlt55tECxBiCsDSSEby90wvN5fRMpfOqtRO5o6Z0JEfM65kSHR8wMseU5ImlzngRh5JhWFujM_vfbEH6Pp28hcq-ZWVz4kJ7UZnU8BR0AlMNvABIO6nmfWEcySD-n5C41lRu3omWTxk-cw3Yt7QzA_fIpNJsFBOeASBFyl5CHiJ2oN0d2jjb5nzO9XoBlkjl5Cew-wKs3XYIKtl6zmwxYmZRLjddtNgvdsvFKwAFgloip-ZQ5AdIgfoOE8JF80g8EcMMLluUHoZDmMjPOHSGnqiAQPBUOL4USEFwlhZkpbugoBh8FM1DolkmeDBEanPsRxxcTQtRPdux7T0LMSdHXhlfCTnoKjeRsT1oVj_Y6M0ygx1B5OinXJ07jwWRqw0hRPuqdSD7wWOz07EqwSc6YFL5yA0uQ-uN-pInKtMxGLpBojQ2QA1_qEvmKWLhbo1iIvAKiXhgV_Pj3EiFQr1p4g7WnC6yAAoqoyF7iMsdW4c3ZnPXxuXRQZyvqzcUaUCiIq1cfx0th3Q4kblrBsXid41MFqmAC6xKscOBwN-m2qfy2dr7ZXGd5YAlU39kf2AHeVzz8tGbE4uYSG_zkp394gsKUyv3JqvplwEknfhJXt0RRk8laoN4yf5MoK1GYgiI77a5BFx9nw9OAopx_SibtqvF1E8STB8_WdHSkuvXg4NO5_AXzXJe5ZDcTZi0A1M4GwCOi7N6AKaY2cPV5SIV-p6zYa3qQvnObIuih26Ce_wl-kGMnp5jlJ17o_n_VMWxhu8tILVVxMLY1zAVM3CN0Q-wJTu6AXYz7K4TxDcY0Ua4iunq3YN_0ZLzNDZADX-oS-aO91UovxzeRfQaTYYMFQxDEwrLEAaOW_juD4rZNeXej0uuri72txmT

108.168.193.189

302 Found

0 B

URL HTTP/2
mybetterck.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzx8Me0kzRtReLyT4nqgY4lXusdLy4zkOjvKPQlCz-mkqJ-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZg570qmhSob8o_2szb4ydpgXg034XLZA3sLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwfOw5OY8cfNVWFNoxbCKertEYtpwEjfuVnCdL4tZEo46lrkwoR7mL8GEkoNYKVdn6Rf8uOXI3CXybbtBC036cDg56-Kiuuts5uLj1oP5dHcnp7_q195LUGeGWVrQeUy_Cf0Sa8TYaTgSoynlrW84w10uEoc4psd6qclmwYMVLIt3mqvjnruW6kAyMcBxrV6g-2ZcTUlFhnFQnOKwfLeJL0xFY1V8SkfUMdkGoOwimacfDRa-QLXDYNP4pHrNTc2d6Fdb_LbGfvUh0D27VxxW12WyFNULLy3RUoeA41AROWbpy9o8ViyrTBCHRNFkP4AMj01XVga0Ne7wXArglNBDQET0NdgGT-OdMEgobweb-Qsqtvlp_SRrdR27Jzid7K4n4aYSC8u-GXNxVHDV8r4Uxb2n-OLLGhRs9WRv0wiQSxxd2gATlqNpPHfhq1NPCwLhL0bA4KCo99-iK2jOPC_VPHkngNwUNnOgL2hXmCL90sB1WX2-WvU1XrwpJCKT9ICyBmpOPkUT8dPWDbTwPfZS-XR9iTamOoQ5TpfbOKbz2vTFIWNxQfEGK2NhZ34qHIgK8me9OzW2uuKtrNMxV0zBatNKiHuUBUm_GU8bdX2pg1VmqqwTCJZxIbKeLU8x-pPrbZnhCVYFvB6Cvv5d6Gc1mRXC40bBa2Jau1oK0LzRSUlX47IZzrxgtChUx1LZmQmYP1_v2mE5S-FvnuFVWry4roQSbQXLplekM8xLrAXSqwXcR8YZcC-FfOmH_JkHChnAfy__VetOptHkw8mZomxqxInrmJOeRnuw5QWsZeVDaehPAxvoCgo1X2DGOtzShi6LesNabZfRSVHXANpyfx7sXm5__Aae8bX7qOeqwk9ENwlt55tECxBiCsDSSEby90wvN5fRMpfOqtRO5o6Z0JEfM65kSHR8wMseU5ImlzngRh5JhWFujM_vfbEH6Pp28hcq-ZWVz4kJ7UZnU8BR0AlMNvABIO6nmfWEcySD-n5C41lRu3omWTxk-cw3Yt7QzA_fIpNJsFBOeASBFyl5CHiJ2oN0d2jjb5nzO9XoBlkjl5Cew-wKs3XYIKtl6zmwxYmZRLjddtNgvdsvFKwAFgloip-ZQ5AdIgfoOE8JF80g8EcMMLluUHoZDmMjPOHSGnqiAQPBUOL4USEFwlhZkpbugoBh8FM1DolkmeDBEanPsRxxcTQtRPdux7T0LMSdHXhlfCTnoKjeRsT1oVj_Y6M0ygx1B5OinXJ07jwWRqw0hRPuqdSD7wWOz07EqwSc6YFL5yA0uQ-uN-pInKtMxGLpBojQ2QA1_qEvmKWLhbo1iIvAKiXhgV_Pj3EiFQr1p4g7WnC6yAAoqoyF7iMsdW4c3ZnPXxuXRQZyvqzcUaUCiIq1cfx0th3Q4kblrBsXid41MFqmAC6xKscOBwN-m2qfy2dr7ZXGd5YAlU39kf2AHeVzz8tGbE4uYSG_zkp394gsKUyv3JqvplwEknfhJXt0RRk8laoN4yf5MoK1GYgiI77a5BFx9nw9OAopx_SibtqvF1E8STB8_WdHSkuvXg4NO5_AXzXJe5ZDcTZi0A1M4GwCOi7N6AKaY2cPV5SIV-p6zYa3qQvnObIuih26Ce_wl-kGMnp5jlJ17o_n_VMWxhu8tILVVxMLY1zAVM3CN0Q-wJTu6AXYz7K4TxDcY0Ua4iunq3YN_0ZLzNDZADX-oS-aO91UovxzeRfQaTYYMFQxDEwrLEAaOW_juD4rZNeXej0uuri72txmT
IP
108.168.193.189:0
ASN
#36351 SOFTLAYER

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /aS/feedclick?s=HFz5zNIIs95ROWPasgEEzx8Me0kzRtReLyT4nqgY4lXusdLy4zkOjvKPQlCz-mkqJ-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZg570qmhSob8o_2szb4ydpgXg034XLZA3sLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwfOw5OY8cfNVWFNoxbCKertEYtpwEjfuVnCdL4tZEo46lrkwoR7mL8GEkoNYKVdn6Rf8uOXI3CXybbtBC036cDg56-Kiuuts5uLj1oP5dHcnp7_q195LUGeGWVrQeUy_Cf0Sa8TYaTgSoynlrW84w10uEoc4psd6qclmwYMVLIt3mqvjnruW6kAyMcBxrV6g-2ZcTUlFhnFQnOKwfLeJL0xFY1V8SkfUMdkGoOwimacfDRa-QLXDYNP4pHrNTc2d6Fdb_LbGfvUh0D27VxxW12WyFNULLy3RUoeA41AROWbpy9o8ViyrTBCHRNFkP4AMj01XVga0Ne7wXArglNBDQET0NdgGT-OdMEgobweb-Qsqtvlp_SRrdR27Jzid7K4n4aYSC8u-GXNxVHDV8r4Uxb2n-OLLGhRs9WRv0wiQSxxd2gATlqNpPHfhq1NPCwLhL0bA4KCo99-iK2jOPC_VPHkngNwUNnOgL2hXmCL90sB1WX2-WvU1XrwpJCKT9ICyBmpOPkUT8dPWDbTwPfZS-XR9iTamOoQ5TpfbOKbz2vTFIWNxQfEGK2NhZ34qHIgK8me9OzW2uuKtrNMxV0zBatNKiHuUBUm_GU8bdX2pg1VmqqwTCJZxIbKeLU8x-pPrbZnhCVYFvB6Cvv5d6Gc1mRXC40bBa2Jau1oK0LzRSUlX47IZzrxgtChUx1LZmQmYP1_v2mE5S-FvnuFVWry4roQSbQXLplekM8xLrAXSqwXcR8YZcC-FfOmH_JkHChnAfy__VetOptHkw8mZomxqxInrmJOeRnuw5QWsZeVDaehPAxvoCgo1X2DGOtzShi6LesNabZfRSVHXANpyfx7sXm5__Aae8bX7qOeqwk9ENwlt55tECxBiCsDSSEby90wvN5fRMpfOqtRO5o6Z0JEfM65kSHR8wMseU5ImlzngRh5JhWFujM_vfbEH6Pp28hcq-ZWVz4kJ7UZnU8BR0AlMNvABIO6nmfWEcySD-n5C41lRu3omWTxk-cw3Yt7QzA_fIpNJsFBOeASBFyl5CHiJ2oN0d2jjb5nzO9XoBlkjl5Cew-wKs3XYIKtl6zmwxYmZRLjddtNgvdsvFKwAFgloip-ZQ5AdIgfoOE8JF80g8EcMMLluUHoZDmMjPOHSGnqiAQPBUOL4USEFwlhZkpbugoBh8FM1DolkmeDBEanPsRxxcTQtRPdux7T0LMSdHXhlfCTnoKjeRsT1oVj_Y6M0ygx1B5OinXJ07jwWRqw0hRPuqdSD7wWOz07EqwSc6YFL5yA0uQ-uN-pInKtMxGLpBojQ2QA1_qEvmKWLhbo1iIvAKiXhgV_Pj3EiFQr1p4g7WnC6yAAoqoyF7iMsdW4c3ZnPXxuXRQZyvqzcUaUCiIq1cfx0th3Q4kblrBsXid41MFqmAC6xKscOBwN-m2qfy2dr7ZXGd5YAlU39kf2AHeVzz8tGbE4uYSG_zkp394gsKUyv3JqvplwEknfhJXt0RRk8laoN4yf5MoK1GYgiI77a5BFx9nw9OAopx_SibtqvF1E8STB8_WdHSkuvXg4NO5_AXzXJe5ZDcTZi0A1M4GwCOi7N6AKaY2cPV5SIV-p6zYa3qQvnObIuih26Ce_wl-kGMnp5jlJ17o_n_VMWxhu8tILVVxMLY1zAVM3CN0Q-wJTu6AXYz7K4TxDcY0Ua4iunq3YN_0ZLzNDZADX-oS-aO91UovxzeRfQaTYYMFQxDEwrLEAaOW_juD4rZNeXej0uuri72txmT HTTP/1.1
Host: mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=81412752446
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Tue, 04 Oct 2022 12:17:14 GMT
content-length: 0
set-cookie: rhid=81412752446; Max-Age=15552000; Expires=Sun, 02-Apr-2023 12:17:14 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
location: https://p274639.mybetterck.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDM0HWt4K4OmObMY0X3aHtrWsZKRstg7hyzVwJ2AuHbWvAtqT-5TpEkg77ve5nAyGvIsibpq-y6mfJ3z3-TZCmvr1ruVjoVFQX8TXNY-lOSXJq4aeyyabvT8zX8r3edJnKjw3mjMCYb4IeC0ZCwsSLbA8vC-IEblqM5sD_vVA1n525i4cGzeHeYbjOJsHVX4a7bw7yHWY6BM0tkozj-3M-OwYAjiClRhL0zxdvUdClQDIfFwA5c5LytX-vXIKYYFgK7rA7nR_FvrTByS1elyvCGETXnLPvbyStX_9b8ky2I1bKC7gQCEt6FVlqf_64l0Z6hpyy_YN0YQtpLSZmparWHUTxDcY0Ua4ivr4nvPsKvQNOYwwqJPWDKzNB1reCuDpjuUIwhEPFAsT6dGGqN2xFmoIfgDk7o_HvrFzJDPotUiZ1QlvVKC08ytv0-cfxRgHaSCijZY_SNQadM5ECUeELJfkQmjZE96sjp8DPbGbSNtJN0JJKTQdChujiGYQ-VGfM1BKQ8__OyXIgafZ9sDvHt0Fy9LbfW_6duFoOnPfBtp4eZJutMQjpTcuDi9ZpyJrxP09V6ZFcdrqcc3-XZakKfOEJwiKuJdU-dj1KaTVPBqbwqS_mk8O4Wsi-JGCATPNNaiLaoUOknGn&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3i8HGzZExOExjS5S8I15QwkaVMRp6dWf4jJJVuDLqLwcFl20wdZRzi_sjII46KDRJ_6EgtK3wmDUA&si=1&oref=bb0937fcab459606984b9026e0d41c6a&optunit=E8Q3GNFGuIplkkLEB146pQ&rb=LW_v4KVZAgI&rr=4&abtg=0
X-Firefox-Spdy: h2

p274639.mybetterck.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDM0HWt4K4OmObMY0X3aHtrWsZKRstg7hyzVwJ2AuHbWvAtqT-5TpEkg77ve5nAyGvIsibpq-y6mfJ3z3-TZCmvr1ruVjoVFQX8TXNY-lOSXJq4aeyyabvT8zX8r3edJnKjw3mjMCYb4IeC0ZCwsSLbA8vC-IEblqM5sD_vVA1n525i4cGzeHeYbjOJsHVX4a7bw7yHWY6BM0tkozj-3M-OwYAjiClRhL0zxdvUdClQDIfFwA5c5LytX-vXIKYYFgK7rA7nR_FvrTByS1elyvCGETXnLPvbyStX_9b8ky2I1bKC7gQCEt6FVlqf_64l0Z6hpyy_YN0YQtpLSZmparWHUTxDcY0Ua4ivr4nvPsKvQNOYwwqJPWDKzNB1reCuDpjuUIwhEPFAsT6dGGqN2xFmoIfgDk7o_HvrFzJDPotUiZ1QlvVKC08ytv0-cfxRgHaSCijZY_SNQadM5ECUeELJfkQmjZE96sjp8DPbGbSNtJN0JJKTQdChujiGYQ-VGfM1BKQ8__OyXIgafZ9sDvHt0Fy9LbfW_6duFoOnPfBtp4eZJutMQjpTcuDi9ZpyJrxP09V6ZFcdrqcc3-XZakKfOEJwiKuJdU-dj1KaTVPBqbwqS_mk8O4Wsi-JGCATPNNaiLaoUOknGn&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3i8HGzZExOExjS5S8I15QwkaVMRp6dWf4jJJVuDLqLwcFl20wdZRzi_sjII46KDRJ_6EgtK3wmDUA&si=1&oref=bb0937fcab459606984b9026e0d41c6a&optunit=E8Q3GNFGuIplkkLEB146pQ&rb=LW_v4KVZAgI&rr=4&abtg=0

108.168.193.189

302 Found

0 B

URL HTTP/2
p274639.mybetterck.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDM0HWt4K4OmObMY0X3aHtrWsZKRstg7hyzVwJ2AuHbWvAtqT-5TpEkg77ve5nAyGvIsibpq-y6mfJ3z3-TZCmvr1ruVjoVFQX8TXNY-lOSXJq4aeyyabvT8zX8r3edJnKjw3mjMCYb4IeC0ZCwsSLbA8vC-IEblqM5sD_vVA1n525i4cGzeHeYbjOJsHVX4a7bw7yHWY6BM0tkozj-3M-OwYAjiClRhL0zxdvUdClQDIfFwA5c5LytX-vXIKYYFgK7rA7nR_FvrTByS1elyvCGETXnLPvbyStX_9b8ky2I1bKC7gQCEt6FVlqf_64l0Z6hpyy_YN0YQtpLSZmparWHUTxDcY0Ua4ivr4nvPsKvQNOYwwqJPWDKzNB1reCuDpjuUIwhEPFAsT6dGGqN2xFmoIfgDk7o_HvrFzJDPotUiZ1QlvVKC08ytv0-cfxRgHaSCijZY_SNQadM5ECUeELJfkQmjZE96sjp8DPbGbSNtJN0JJKTQdChujiGYQ-VGfM1BKQ8__OyXIgafZ9sDvHt0Fy9LbfW_6duFoOnPfBtp4eZJutMQjpTcuDi9ZpyJrxP09V6ZFcdrqcc3-XZakKfOEJwiKuJdU-dj1KaTVPBqbwqS_mk8O4Wsi-JGCATPNNaiLaoUOknGn&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3i8HGzZExOExjS5S8I15QwkaVMRp6dWf4jJJVuDLqLwcFl20wdZRzi_sjII46KDRJ_6EgtK3wmDUA&si=1&oref=bb0937fcab459606984b9026e0d41c6a&optunit=E8Q3GNFGuIplkkLEB146pQ&rb=LW_v4KVZAgI&rr=4&abtg=0
IP
108.168.193.189:0
ASN
#36351 SOFTLAYER

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDM0HWt4K4OmObMY0X3aHtrWsZKRstg7hyzVwJ2AuHbWvAtqT-5TpEkg77ve5nAyGvIsibpq-y6mfJ3z3-TZCmvr1ruVjoVFQX8TXNY-lOSXJq4aeyyabvT8zX8r3edJnKjw3mjMCYb4IeC0ZCwsSLbA8vC-IEblqM5sD_vVA1n525i4cGzeHeYbjOJsHVX4a7bw7yHWY6BM0tkozj-3M-OwYAjiClRhL0zxdvUdClQDIfFwA5c5LytX-vXIKYYFgK7rA7nR_FvrTByS1elyvCGETXnLPvbyStX_9b8ky2I1bKC7gQCEt6FVlqf_64l0Z6hpyy_YN0YQtpLSZmparWHUTxDcY0Ua4ivr4nvPsKvQNOYwwqJPWDKzNB1reCuDpjuUIwhEPFAsT6dGGqN2xFmoIfgDk7o_HvrFzJDPotUiZ1QlvVKC08ytv0-cfxRgHaSCijZY_SNQadM5ECUeELJfkQmjZE96sjp8DPbGbSNtJN0JJKTQdChujiGYQ-VGfM1BKQ8__OyXIgafZ9sDvHt0Fy9LbfW_6duFoOnPfBtp4eZJutMQjpTcuDi9ZpyJrxP09V6ZFcdrqcc3-XZakKfOEJwiKuJdU-dj1KaTVPBqbwqS_mk8O4Wsi-JGCATPNNaiLaoUOknGn&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3i8HGzZExOExjS5S8I15QwkaVMRp6dWf4jJJVuDLqLwcFl20wdZRzi_sjII46KDRJ_6EgtK3wmDUA&si=1&oref=bb0937fcab459606984b9026e0d41c6a&optunit=E8Q3GNFGuIplkkLEB146pQ&rb=LW_v4KVZAgI&rr=4&abtg=0 HTTP/1.1
Host: p274639.mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=81412752446
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Tue, 04 Oct 2022 12:17:14 GMT
content-length: 0
set-cookie: rhid=81412752446; Max-Age=15552000; Expires=Sun, 02-Apr-2023 12:17:14 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
loi=ad_490233_off_142374_aff_3322_cid_274639-582298973-YZVY.COM_ts_1664885834; Max-Age=3600; Expires=Tue, 04-Oct-2022 13:17:14 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
location: https://myfood.ltd/?v=20171031&s1=0
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (31)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size