Report - pardaisybrohnny.com/46206b30-ca0a-4131-8ddb-2e4a342a2c08

Report Overview

Submitted URL
pardaisybrohnny.com/46206b30-ca0a-4131-8ddb-2e4a342a2c08
IP
18.196.84.70
ASN
#16509 AMAZON-02
Submitted
2023-03-23 05:52:17
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-26T11:13:51Z	965 B	52 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	2.7 kB	53 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-26T05:09:13Z	2.4 kB	6.2 kB	23.33.119.27
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	35.83.202.51
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	1.4 kB	2.8 kB	142.250.74.131
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-26T12:48:47Z	885 B	2.2 kB	142.250.74.138
ads-fortun365.top	unknown	2023-03-18T07:18:10Z	2023-03-25T09:12:33Z	7.6 kB	1.6 MB	103.164.173.2
pardaisybrohnny.com	unknown	2023-03-09T09:24:16Z	2023-03-26T05:20:45Z	387 B	742 B	18.196.84.70
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-26T05:09:18Z	1.2 kB	25 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-23 05:52:14	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	ads-fortun365.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-27
Pretty URL ads-fortun365.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-27 01:43:20 Times Seen31839 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	ads-fortun365.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-27
Pretty URL ads-fortun365.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen68686 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	ads-fortun365.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3	118 kB	2023-03-14	2024-01-06
Pretty URL ads-fortun365.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 06:08:00 Last Seen2024-01-06 03:24:59 Times Seen212 Hash 81122fb44af0fdc9adbcd3eb69413e25 1c59a33a7aef5f146c619c085e5e50319def1c6b b9507c103034b9303d50640dcd434f64c96a65d68e683a8670476b2f582db0f4 Loading...

	ads-fortun365.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4	4.4 kB	2023-03-07	2024-04-03
Pretty URL ads-fortun365.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:06 Last Seen2024-04-03 12:36:06 Times Seen397 Hash 0ff2a510dfadd3947f3aabe1686e38fc a7f6cff6c7dcfac41b9d5885d2305165f700bb30 2018b22912cd7897fef48bb1e0fbea67125f5a5f15a2c23714ad18431ddb6513 Loading...

	ads-fortun365.top/	445 B	2023-03-26	2023-03-26
Pretty URL ads-fortun365.top/ IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:43:17 Last Seen2023-03-26 14:43:17 Times Seen1 Hash 48f1d7ebff556199e325314e440e8bc6 280659639934e9de3d9b4c755d454f1216f176d4 4a81dc8c939db471fb6497de5e7e7314ab77d6aa468bc92ab7d69eacdf55c449 Loading...

	ads-fortun365.top/	2.2 kB	2023-03-26	2023-03-29
Pretty URL ads-fortun365.top/ IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:45:32 Last Seen2023-03-29 23:54:07 Times Seen6 Hash 7f596962b23046edc9766b4f9d59a4f8 1dcb9058365e2a66d34c310adaadfbeff8b0b746 ef7fd8521dd6956be27ddc58bdbfc67bcd3ce90533ef377f5844bb7d32695ac9 Loading...

	ads-fortun365.top/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-26
Pretty URL ads-fortun365.top/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen38071 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

HTTP Transactions (44)

	URL	IP	Response	Size
	pardaisybrohnny.com/46206b30-ca0a-4131-8ddb-2e4a342a2c08	18.196.84.70	302	0 B
URL HTTP/1.1 pardaisybrohnny.com/46206b30-ca0a-4131-8ddb-2e4a342a2c08 IP 18.196.84.70:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /46206b30-ca0a-4131-8ddb-2e4a342a2c08 HTTP/1.1 Host: pardaisybrohnny.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Server: nginx Date: Thu, 23 Mar 2023 05:52:06 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://ads-fortun365.top Pragma: no-cache Set-Cookie: 46206b30-ca0a-4131-8ddb-2e4a342a2c08-v4=VQRqmf8_WtkHpBI-HXvD_djNqX8DIf1Z3ZeaRSm81ck; Max-Age=86400; Expires=Fri, 24-Mar-2023 05:52:06 GMT; Domain=pardaisybrohnny.com; Path=/; HttpOnly cc-v4=U%2FDNiCh8t88vczfNbIWIWJYwkOznu5M97JXq9%2FZ7LUHIHW%2FtbMKAazCR%2BGizza3ytKc7K9t0nyFdSDxFDIClEos9pl7m%2Fy9pLLfIHf8x%2BAWE1mEpUfDj7ccQyaBLH8JeDSSOisf91fyKPfBIwhhZbg%3D%3D; Max-Age=31536000; Expires=Fri, 22-Mar-2024 05:52:06 GMT; Domain=pardaisybrohnny.com; Path=/; HttpOnly

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bea3185dd820a31c1981317f37c3456d 1a548a5d27270fc11df9011837a7149571cedd78 469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9" Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2159 Expires: Thu, 23 Mar 2023 06:28:05 GMT Date: Thu, 23 Mar 2023 05:52:06 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 65fc860bc043f3fb83bdc3debdcd322d 418010755deae099ef1284e402813c5837a10f42 d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2920 Expires: Thu, 23 Mar 2023 06:40:46 GMT Date: Thu, 23 Mar 2023 05:52:06 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 23 Mar 2023 05:15:05 GMT content-type: application/json age: 2222 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dc2752d83fbed82852248898a132467a b27a6b4af2e07663a58cafb641513f7224c7a7c3 ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5" Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14997 Expires: Thu, 23 Mar 2023 10:02:04 GMT Date: Thu, 23 Mar 2023 05:52:07 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: J9/8jWEhq3Vtm1wGqU1oemci6kxSi80+I1Y6S3Gq3qkeVcEey79Wwl1UXB7qBM/thCmnRPA/VTM= x-amz-request-id: Z7V9KEAFVTSYJ0WJ x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 23 Mar 2023 04:53:55 GMT age: 3492 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 23 Mar 2023 05:52:07 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 23 Mar 2023 05:14:33 GMT age: 2254 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 050ca4dc2182e0a27573b0d9f32b7834 bec14dc5af0d0b32210470673511acd8db404308 b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF" Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8676 Expires: Thu, 23 Mar 2023 08:16:43 GMT Date: Thu, 23 Mar 2023 05:52:07 GMT Connection: keep-alive`

	push.services.mozilla.com/	35.83.202.51	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.83.202.51:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: zulux/OlykG6oiClBKNbow== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: DBK0CHUVgbrfjkBOclhG6jTssW8=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 342da587101df62e3e8f03dc4a87f93d 897c40f31b24adf281b804bbca7f0ffba5b86816 f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 05:52:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500	142.250.74.138	200 OK	962 B
URL HTTP/2 fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500 IP 142.250.74.138:0 ASN #15169 GOOGLE File type data Size 962 B (962 bytes) Hash 47aadbb958f9e75718d985a47df23441 d406fad3d7ec66a25ff248de085fda94c8318ae7 e7585d0d5afb6e6e82106d8163933721c319bb373cff4b20cf764bcda5adbf0f HTTP Headers `GET /css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://ads-fortun365.top Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 23 Mar 2023 05:52:08 GMT date: Thu, 23 Mar 2023 05:52:08 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221679540236145%22	35.241.9.150	200 OK	22 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221679540236145%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators Size 22 kB (22067 bytes) Hash 66d7595e58f44557aea08540f6bb5745 d8a73a93999098372d3be8faedafd1a77a12d36d 78f254ffeff646dfc07ab3a7150f9f2d66b8ce6f0ef0c618627def6b9221adef HTTP Headers `GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221679540236145%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 22067 via: 1.1 google date: Thu, 23 Mar 2023 05:02:00 GMT age: 3008 last-modified: Thu, 23 Mar 2023 02:57:16 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ads-fortun365.top/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	103.164.173.2	200 OK	12 kB
URL HTTP/2 ads-fortun365.top/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (47826) Size 12 kB (11616 bytes) Hash c4d7cc056b49b00e05cc29cc59aa3d5a 48c426bec60099d2a8628df430ed682c72aab42a 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5 HTTP Headers `GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: text/css last-modified: Fri, 11 Nov 2022 13:26:46 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 11616 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-includes/css/classic-themes.min.css?ver=1	103.164.173.2	200 OK	144 B
URL HTTP/2 ads-fortun365.top/wp-includes/css/classic-themes.min.css?ver=1 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text Size 144 B (144 bytes) Hash fcbd239f30d9a6dd1f3637f291143d37 2871bf7d98af3f43e42f7fa32808048e7134fabf c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144 HTTP Headers `GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: text/css last-modified: Tue, 25 Oct 2022 12:15:16 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 144 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	103.164.173.2	200 OK	4.6 kB
URL HTTP/2 ads-fortun365.top/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (15660) Size 4.6 kB (4619 bytes) Hash 0232689bd203f330529b36a437f41a68 9046583f7469ad38297969f10a9513eb895d5316 feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886 HTTP Headers `GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: application/javascript last-modified: Tue, 12 Apr 2022 04:26:24 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 4619 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/popularfx-templates/conceptial/style.css?ver=1.2.4	103.164.173.2	200 OK	994 B
URL HTTP/2 ads-fortun365.top/wp-content/uploads/popularfx-templates/conceptial/style.css?ver=1.2.4 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (1739) Size 994 B (994 bytes) Hash b97b5513c9dc6e7e8b1edea9124462aa dd7615b94eee6187555a912d3251fbcd046c88f3 6e5e155425f345ad92ff1499085e1ab0a8728bc51d2b8f4c779429921190493a HTTP Headers `GET /wp-content/uploads/popularfx-templates/conceptial/style.css?ver=1.2.4 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: text/css last-modified: Fri, 29 Oct 2021 09:03:48 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 994 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/themes/popularfx/sidebar.css?ver=1.2.4	103.164.173.2	200 OK	2.1 kB
URL HTTP/2 ads-fortun365.top/wp-content/themes/popularfx/sidebar.css?ver=1.2.4 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text Size 2.1 kB (2079 bytes) Hash 62416500b0cbbba154e971a4b6b03785 0c32dd557ca71e320e122474706e674e2214a598 783f6f461f167189cca10f5683fb1045eacf6c0255d8ee80302db6d13ebaa46e HTTP Headers `GET /wp-content/themes/popularfx/sidebar.css?ver=1.2.4 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: text/css last-modified: Wed, 15 Dec 2021 05:31:38 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 2079 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	103.164.173.2	200 OK	30 kB
URL HTTP/2 ads-fortun365.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (65447) Size 30 kB (30324 bytes) Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4 488e07695da787fed18361c50292aef35abb5e81 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef HTTP Headers `GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: application/javascript last-modified: Mon, 19 Sep 2022 12:46:24 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 30324 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	103.164.173.2	200 OK	4.0 kB
URL HTTP/2 ads-fortun365.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (11126) Size 4.0 kB (3995 bytes) Hash 7e058b51f939eacfa31cdface14dded5 9d732e5afdeb42edef9e1b9631b7e95e054787cc 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1 HTTP Headers `GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: application/javascript last-modified: Wed, 18 Nov 2020 07:36:06 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 3995 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4	103.164.173.2	200 OK	1.5 kB
URL HTTP/2 ads-fortun365.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text Size 1.5 kB (1529 bytes) Hash b551d4719e5bae3fe592fed521640655 09e3ef26d9f743221b03d7ca06434c0b6efcaed7 0f11ffb9985542721627f695ed0261cb5ef8466c1fc95cc13fdc3783516e7eda HTTP Headers `GET /wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: application/javascript last-modified: Wed, 15 Dec 2021 05:31:38 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 1529 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 097d447e049e3b41f92a4695b1b0c3c7 f39c9ef8d22bee41d940bf719c75b2cfae9291d5 459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 05:52:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 097d447e049e3b41f92a4695b1b0c3c7 f39c9ef8d22bee41d940bf719c75b2cfae9291d5 459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 05:52:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2	216.58.207.227	200 OK	31 kB
URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data Size 31 kB (31196 bytes) Hash ea2343c7dccad57360fb611d67204445 b603d9e68bb1ed5e4b33d5e31121160cb4d23452 2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc HTTP Headers `GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ads-fortun365.top Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 31196 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 18:05:11 GMT expires: Thu, 21 Mar 2024 18:05:11 GMT cache-control: public, max-age=31536000 last-modified: Mon, 11 Jul 2022 20:43:05 GMT content-type: font/woff2 age: 42418 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2	216.58.207.227	200 OK	19 kB
URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data Size 19 kB (19292 bytes) Hash 19007b17e56daa60133bce9e9b352a95 bac1384caeae5762e7a1d8c18037f69c8cd21bc4 fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546 HTTP Headers `GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ads-fortun365.top Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 19292 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 18:05:11 GMT expires: Thu, 21 Mar 2024 18:05:11 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:12:54 GMT content-type: font/woff2 age: 42418 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 097d447e049e3b41f92a4695b1b0c3c7 f39c9ef8d22bee41d940bf719c75b2cfae9291d5 459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 05:52:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9827 Expires: Thu, 23 Mar 2023 08:35:56 GMT Date: Thu, 23 Mar 2023 05:52:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9827 Expires: Thu, 23 Mar 2023 08:35:56 GMT Date: Thu, 23 Mar 2023 05:52:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9827 Expires: Thu, 23 Mar 2023 08:35:56 GMT Date: Thu, 23 Mar 2023 05:52:09 GMT Connection: keep-alive`

	ads-fortun365.top/wp-content/uploads/2023/03/Cool-Text-LAYANAN-CUSTOMER-SERVICE-ONLINE-24-JAM-431887858204093.png	103.164.173.2	200 OK	111 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/Cool-Text-LAYANAN-CUSTOMER-SERVICE-ONLINE-24-JAM-431887858204093.png IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type PNG image data, 2867 x 84, 8-bit/color RGBA, non-interlaced\012- data Size 111 kB (111421 bytes) Hash ef98ad0c4df3f1ebc5e1783ec3695972 70844ffce6df57b9ce270a3c1e7b2706ff5c6bea e0396bae9338bad1cbf6608233ea708411f3e12d6d183c89f05d1a545fece39b HTTP Headers `GET /wp-content/uploads/2023/03/Cool-Text-LAYANAN-CUSTOMER-SERVICE-ONLINE-24-JAM-431887858204093.png HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: image/png last-modified: Sat, 18 Mar 2023 07:10:48 GMT accept-ranges: bytes content-length: 111421 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10284 bytes) Hash 4e89d0b1281259e7399294fb5fa19d2b 5035ed41f497c97faefae9cdaf42dc07ab468557 f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10284 x-amzn-requestid: 646b9c7c-8874-46c4-b46b-acead73e2320 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CBFcVGu7IAMFsQg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6416b5e8-59436f1f66e52618400b47ff;Sampled=0 x-amzn-remapped-date: Sun, 19 Mar 2023 07:12:40 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: qYJy52mX-LR-k_ReZsbSoJZP7ZZzTPykWjX4OKtzJcIzJNBmzLEClw== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 07:29:06 GMT age: 80583 etag: "5035ed41f497c97faefae9cdaf42dc07ab468557" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d837d4e-ce18-46d7-b240-75b9b4a896bd.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d837d4e-ce18-46d7-b240-75b9b4a896bd.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12642 bytes) Hash ba2db8d73f3c451a15890457345a7f44 fc3a53367d844a13ec4b9742fd86954e8c187245 da47b2bde2a7bbca671b6d39f193ff4aaf4ef64d7e6586a62a8c026094ade6c7 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d837d4e-ce18-46d7-b240-75b9b4a896bd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12642 x-amzn-requestid: 4bd678ba-79b1-4dc1-a58a-a7fe6e2e933b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CBFV8EQfoAMFs5A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6416b5bf-3a673c87370eede03c329782;Sampled=0 x-amzn-remapped-date: Sun, 19 Mar 2023 07:11:59 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 7DW11CRYwJcnBjhBMu9dn7asNdVaQyWZ0D_xWiEHXHiuzdmLgq97wg== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 12:41:07 GMT age: 61862 etag: "fc3a53367d844a13ec4b9742fd86954e8c187245" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ads-fortun365.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3	103.164.173.2	200 OK	36 kB
URL HTTP/2 ads-fortun365.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type data Size 36 kB (35539 bytes) Hash 2554e8139685bd0ab6f178df07e68103 03c5133db1caa5b8d9fc954d4c08df3f721a3bdc 8d7d9b7b116dd2c77cb89241077b52bc1ad68fce23e1868c3f2a3b54068b8930 HTTP Headers GET /wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK x-powered-by: PHP/7.4.33 content-type: text/javascript; charset: UTF-8;charset=UTF-8 cache-control: must-revalidate last-modified: Tue, 07 Feb 2023 06:13:44 GMT vary: Accept-Encoding content-encoding: gzip date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc53a798-a34a-42ab-8422-1c44bdb2eb10.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc53a798-a34a-42ab-8422-1c44bdb2eb10.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8627 bytes) Hash 7698afd0a4ca88c4243fc3aa2dd9a73d 53196f685136a144065ec98e3e14d0a7f43ceb8f 5afee347cacdbf5eedee36e2724daa66593d683cd8fb229e1f0630bbe69654ed HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc53a798-a34a-42ab-8422-1c44bdb2eb10.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8627 x-amzn-requestid: 80010893-2a19-4aba-840e-1f0ddf1a7ab7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B9xYBHN7oAMFltQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64156299-627689412a2fd5ee55261a59;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 07:04:57 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: c5OCkDugFqDzfYgE3qzFFPCpU0WqAvTEhM1CnDv6rGwrxc1I5qVsgQ== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 00:14:16 GMT age: 20273 etag: "53196f685136a144065ec98e3e14d0a7f43ceb8f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bd3d66-c15a-489f-a066-7fc0aaa2f508.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bd3d66-c15a-489f-a066-7fc0aaa2f508.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10034 bytes) Hash d6e44089e37d1db52bccdaa78bf9dc30 b5ba66ebc4e07d83bb698736a81a2b7316a0e178 91e722a8374fafc556911cf9767eb67107de540d96b3eb0f0932e131d99f2893 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bd3d66-c15a-489f-a066-7fc0aaa2f508.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10034 x-amzn-requestid: 7975aeb0-15ce-45a7-a088-9bed5af69fc4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8v9FAmoAMFjHQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b74cc-401b308c459c247e76ab5643;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:36:12 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: _ufXEBRTRJfvl5HnJG7iQi0bDdFc1PdTqWdncKQ6W9aO6rbmuaEgLA== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 00:32:22 GMT age: 19187 etag: "b5ba66ebc4e07d83bb698736a81a2b7316a0e178" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41bbfbe3-1afb-4b2c-8d39-af9e99722a89.jpeg	34.120.237.76	200 OK	6.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41bbfbe3-1afb-4b2c-8d39-af9e99722a89.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.0 kB (6035 bytes) Hash 68fdb372d6d3ea3765a2ee6c97d2dfe8 7c7158f69d78dc845790ca0a2aa53e5e299e61ab 7b175d018b420532c3e330e303be1bc0152fe0c872c4dfc191368037bf79b325 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41bbfbe3-1afb-4b2c-8d39-af9e99722a89.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6035 x-amzn-requestid: 53c1bcd9-37b0-4b11-b517-da351fae6032 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8I8HdzoAMFUkA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b73d2-241bad59233aa0a02a37584c;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:32:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: ycTilkvASkvZPMGdQw45lF6oGPoPxCP9wmu1yn3b56As15Le36lyUQ== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:43:37 GMT etag: "7c7158f69d78dc845790ca0a2aa53e5e299e61ab" content-type: image/jpeg age: 29312 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887475361242.gif	103.164.173.2	200 OK	170 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887475361242.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 773 x 89\012- data Size 170 kB (169545 bytes) Hash 5a6159c8947fc2c03abdf81925774c5a 584e638e1f006dc27335e758070769c6e92d1864 c85d3ed3cda95f41e9459867277b4412cc5cc8c183dcf49c3730b7880483bac1 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext431887475361242.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:00:07 GMT accept-ranges: bytes content-length: 169545 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887311676000.gif	103.164.173.2	200 OK	162 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887311676000.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 686 x 89\012- data Size 162 kB (161597 bytes) Hash e0b59ef6829b891992bf3fa1fbf32242 5f4526ffdab14f06e8c265b0e854eafe1d141d0d 74aa9d5fc04376f428cfe7d83cae3c8772b6cdae955da4766384326dd5aac1a8 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext431887311676000.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:00:08 GMT accept-ranges: bytes content-length: 161597 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/Cool-Text-DEPOSIT-BANK-EWALLET-PULSA-DAN-QRIS-431887821925880.png	103.164.173.2	200 OK	111 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/Cool-Text-DEPOSIT-BANK-EWALLET-PULSA-DAN-QRIS-431887821925880.png IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type PNG image data, 2667 x 110, 8-bit/color RGBA, non-interlaced\012- data Size 111 kB (111317 bytes) Hash 2d030ed2342ffa4ac1f2b26564067065 ba94d6402a9a892250a5d9486e730934f1bdbe67 686772f4a7f4d3d81c3a7413f2bd7e20d2c3836a0e2411a1a824e4b2ab0ee0c5 HTTP Headers `GET /wp-content/uploads/2023/03/Cool-Text-DEPOSIT-BANK-EWALLET-PULSA-DAN-QRIS-431887821925880.png HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: image/png last-modified: Sat, 18 Mar 2023 07:09:17 GMT accept-ranges: bytes content-length: 111317 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887538764618.gif	103.164.173.2	200 OK	151 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887538764618.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 609 x 89\012- data Size 151 kB (151248 bytes) Hash 7b89b9701b1c0f3d39e6477198a822f9 30c2dd12fca7d1d54c1b4981f2cf97a1ab01b898 601e50f96fae749f673d854efca244d4c568be7faba405f1b3e60c230952a1da HTTP Headers `GET /wp-content/uploads/2023/03/cooltext431887538764618.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:01:35 GMT accept-ranges: bytes content-length: 151248 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/cooltext431888053133020.gif	103.164.173.2	200 OK	273 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/cooltext431888053133020.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 821 x 108\012- data Size 273 kB (272911 bytes) Hash 7c8f59be988f08bb29dbd6ae12519d41 78c895ec51555c59a318b2c9858322077b25a499 a08c7fd961490584e629347daca8edff7e1411249d3dc23125b5562575e81ad9 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext431888053133020.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:15:53 GMT accept-ranges: bytes content-length: 272911 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/fortungif2.gif	103.164.173.2	200 OK	554 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/fortungif2.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 480 x 720\012- data Size 554 kB (553973 bytes) Hash b61d58375f79523dd9313cdcc6c64737 130fb2cc591caef761c7e41ccf41eebcde513b82 532d2f1ad21f443cd7e05b58e26bdc1a96e49a065ca8b6fbd1063cc287fa6913 HTTP Headers `GET /wp-content/uploads/2023/03/fortungif2.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 30 Mar 2023 05:52:08 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:04:10 GMT accept-ranges: bytes content-length: 553973 date: Thu, 23 Mar 2023 05:52:08 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500&ver=1.7.3	142.250.74.138	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500&ver=1.7.3 IP 142.250.74.138:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500&ver=1.7.3 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 23 Mar 2023 05:52:08 GMT date: Thu, 23 Mar 2023 05:52:08 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ads-fortun365.top/	103.164.173.2	200 OK	0 B
URL HTTP/2 ads-fortun365.top/ IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK x-powered-by: PHP/7.4.33 content-type: text/html; charset=UTF-8 link: <https://ads-fortun365.top/wp-json/>; rel="https://api.w.org/", <https://ads-fortun365.top/wp-json/wp/v2/pages/31>; rel="alternate"; type="application/json", <https://ads-fortun365.top/>; rel=shortlink content-encoding: br vary: Accept-Encoding date: Thu, 23 Mar 2023 05:52:07 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (44)

URL HTTP/1.1

IP

ASN

File type