Report - www.mediacdnc.com/go/145c2240-ceb9-450b-8365-30698b4e999c

Report Overview

Submitted URL
www.mediacdnc.com/go/145c2240-ceb9-450b-8365-30698b4e999c
IP
3.70.16.242
ASN
#16509 AMAZON-02
Submitted
2022-12-04 22:39:10
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.mediacdnc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	2.3 kB	3.70.16.242
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.38.240
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
deehalig.net	105256	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	303 B	139.45.197.251
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
televivo.online	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.0 kB	188 kB	194.135.87.58

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	www.mediacdnc.com/go/145c2240-ceb9-450b-8365-30698b4e999c	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	deehalig.net	Sinkholed

JavaScript (10)

	URL	Size	First Seen	Last Seen
	televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0	239 B	2023-03-07	2024-01-20
Pretty URL televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0 IP 194.135.87.58 ASN #212531 UAB Interneto vizija Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:16 Last Seen2024-01-20 16:12:20 Times Seen59 Hash d490d996b74974be4c388cf23a49e386 81fef201bc12e4a77fdffadf162d6387e58bf574 f5d34c9997e01fd2302612d68271d047c6ebc0bdeaec6d803f30d58204954bef Loading...

	televivo.online/my/fortune/maxis/js/jquery.min.js	96 kB	2023-03-07	2024-04-24
Pretty URL televivo.online/my/fortune/maxis/js/jquery.min.js IP 194.135.87.58 ASN #212531 UAB Interneto vizija Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-24 08:23:00 Times Seen18502 Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Loading...

	televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0	3.1 kB	2023-03-08	2023-03-08
Pretty URL televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0 IP 194.135.87.58 ASN #212531 UAB Interneto vizija Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:20:13 Last Seen2023-03-08 16:20:13 Times Seen1 Hash 1c7ddcad563f6ade179c6b41a2529e9f 75368b244f7658c436b4257586c5b40e664734a2 2f6a20b9c42ce05c4cd13c58073c457d4b64dbc6234fda6adb0cb88b72140bcd Loading...

	televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0	86 B	2023-03-08	2023-03-08
Pretty URL televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0 IP 194.135.87.58 ASN #212531 UAB Interneto vizija Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:55:47 Last Seen2023-03-08 21:30:27 Times Seen1 Hash dce45700a0ae72189e9dac448d9b04ef be31259b9c3996be04395f258a82483d6ec6c1fb bb8e2b50a7ed05e8188f22318027f08566fb0063b22e3fa9f8ff288b9289c3f3 Loading...

	deehalig.net/pfe/current/micro.tag.min.js?z=5225827&sw=/sw-check-permissions-f820d.js	40 kB	2023-03-08	2023-03-11
Pretty URL deehalig.net/pfe/current/micro.tag.min.js?z=5225827&sw=/sw-check-permissions-f820d.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:06 Last Seen2023-03-11 23:52:00 Times Seen1 Hash bbda4d4cb1cb04651668ac9894355eb7 beb26013c4507a5eaf4a6c233a269e064afc0e73 ec3ddcca3167f811aea26c32d2c02e740b4c24511832f44b7db960e993be37f4 Loading...

	televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0	102 B	2023-03-08	2023-03-08
Pretty URL televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0 IP 194.135.87.58 ASN #212531 UAB Interneto vizija Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:20:13 Last Seen2023-03-08 16:20:13 Times Seen1 Hash 1ea310e45e849cdabf84b0717485cc1d 3956d14dfaef6ab9b85c45351b6efa156e0d261b 7923453e7d4064f984c2ad103d52c4559d6dddcfb63442bbafa5ee4d41d8ef21 Loading...

	televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0	182 B	2023-03-08	2023-12-29
Pretty URL televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0 IP 194.135.87.58 ASN #212531 UAB Interneto vizija Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:33 Last Seen2023-12-29 16:46:32 Times Seen29 Hash 38bf3f88c5a658222caf45d6498cbe16 2d8fc2a6fa4186081288fbdadce7305769cadbed 32a23f101c3a2cc2c6a80cba0a1d28ab84fb2b3561687c02479997a8ac045a2d Loading...

	televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0	420 B	2023-03-07	2024-01-20
Pretty URL televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0 IP 194.135.87.58 ASN #212531 UAB Interneto vizija Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:16 Last Seen2024-01-20 16:12:20 Times Seen72 Hash d1ae170da67246acaeb413963428fc85 bfe386f1c798e6f6d2e97275f98a546d07f77c51 d732a8d5d3b902e7a75f0d20dd542491a2983eba8fe6dcff1cb312e319a53424 Loading...

	televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0	434 B	2023-03-08	2023-03-14
Pretty URL televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0 IP 194.135.87.58 ASN #212531 UAB Interneto vizija Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:33 Last Seen2023-03-14 12:32:28 Times Seen1 Hash 0ea697cd7023d71ff8961117960cf771 ecad5fdb93f13e41fd7508206fc7def4b07e299e ed93989fb029351cd12ee07986cc8068ec71a9c57aca367485038dfe1b3d5e26 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2babe4dfd1d177fad772d20b9b1e47d2	79 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 16:20:13 Last Seen2023-03-08 16:20:13 Times Seen1 Hash 2babe4dfd1d177fad772d20b9b1e47d2 b1ccd7adfba63ea7365104b857a39bc69d68e6ad 659451970aa7a87aa21b800eeaf285f37fcf54c18b763ce308cf3d8f2bdbed64 Loading...

HTTP Transactions (35)

URL IP Response Size

www.mediacdnc.com/go/145c2240-ceb9-450b-8365-30698b4e999c

3.70.16.242

302 Found

742 B

URL HTTP/1.1
www.mediacdnc.com/go/145c2240-ceb9-450b-8365-30698b4e999c
IP
3.70.16.242:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (742), with no line terminators
Size
742 B (742 bytes)
Hash
159ef4a6632813bd93c7d9be6f060440
a4a411f7c3282cd55baa1be18d24c7cdeba0ad6e
81d39796275e045c9370227eb4af1b5fd25c68a7af4ad248eacf1a086b84bc3b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/145c2240-ceb9-450b-8365-30698b4e999c HTTP/1.1
Host: www.mediacdnc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: openresty
Date: Sun, 04 Dec 2022 22:38:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 742
Connection: keep-alive
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
Location: https://televivo.online/my/fortune/maxis?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Set-Cookie: bemob-uniq-visit:145c2240-ceb9-450b-8365-30698b4e999c=1; Domain=www.mediacdnc.com; Path=/; Expires=Mon, 05 Dec 2022 22:38:59 GMT; HttpOnly
bemob-rotation:145c2240-ceb9-450b-8365-30698b4e999c:random:f69c816ed750f1250260f898266baf1d=0-3-0; Domain=www.mediacdnc.com; Path=/; Expires=Mon, 05 Dec 2022 22:38:59 GMT; HttpOnly
bemob-track-url=https%3A%2F%2Ftelevivo.online%2Fmy%2Ffortune%2Fmaxis%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%253D%253D%26ccc%3DNO%26ppp%3DPropellerAds%253A%2520Push%2520Notifications%26tdom%3Dwww.mediacdnc.com%26bemobdata%3Dc%253D145c2240-ceb9-450b-8365-30698b4e999c..l%253D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%253D0..b%253D0; Domain=www.mediacdnc.com; Path=/; Expires=Mon, 05 Dec 2022 22:38:59 GMT; HttpOnly
Vary: Accept
X-Response-Time: 9.163ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3846
Expires: Sun, 04 Dec 2022 23:43:05 GMT
Date: Sun, 04 Dec 2022 22:38:59 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2218
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:38:59 GMT
Last-Modified: Sun, 04 Dec 2022 22:02:01 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4365
Expires: Sun, 04 Dec 2022 23:51:44 GMT
Date: Sun, 04 Dec 2022 22:38:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 22:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1235
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: nDGNjqzSP47A3vsOoa84vD2cBsu+bpzFevxx/VAciBfV8ziJcTDmdvQlbLojY56zn5G6eMC4G9w=
x-amz-request-id: KEV89HDX6VG07XD1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 21:47:43 GMT
age: 3076
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:38:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0dc48c4a327d11701ed7d42a6d584f31
c9ae9394f252f473bd876cb5f4088839dab74c27
8c30e8f7ac4689a3b77d1f9b8bc51faa9fe96a686205eb5065d0feac72b06c76

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C30E8F7AC4689A3B77D1F9B8BC51FAA9FE96A686205EB5065D0FEAC72B06C76"
Last-Modified: Sun, 04 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Mon, 05 Dec 2022 04:38:49 GMT
Date: Sun, 04 Dec 2022 22:38:59 GMT
Connection: keep-alive

televivo.online/my/fortune/maxis?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0

194.135.87.58

301 Moved Permanently

558 B

URL HTTP/2
televivo.online/my/fortune/maxis?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (400)
Size
558 B (558 bytes)
Hash
f1e6e956121ef762486e75b782e2fc96
fea81bf853565f2f2b5ea101b684388a53f2008f
05cf640d35a381c92c2520204a218492c01f7a54ffbd7bc898728662abcc6447

HTTP Headers

GET /my/fortune/maxis?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0 HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Sun, 04 Dec 2022 22:38:59 GMT
server: Apache
location: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
content-length: 558
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

televivo.online/my/fortune/maxis/images/refresh.png

194.135.87.58

200 OK

1.6 kB

URL HTTP/2
televivo.online/my/fortune/maxis/images/refresh.png
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
PNG image data, 60 x 54, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1636 bytes)
Hash
d99fc136124666d07dcd92ee9b57ab11
2da33147905803cba909fb0f6118a19934127339
b0947ebbd1659de62310b214d9752e9625147e43ac1c271d2a9bb68e881221ff

HTTP Headers

GET /my/fortune/maxis/images/refresh.png HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:00 GMT
server: Apache
last-modified: Sat, 03 Dec 2022 13:26:08 GMT
etag: "664-5eeec65a2a21e"
accept-ranges: bytes
content-length: 1636
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 22:39:00 GMT
content-type: image/png
X-Firefox-Spdy: h2

televivo.online/my/fortune/maxis/images/logo.png

194.135.87.58

200 OK

3.5 kB

URL HTTP/2
televivo.online/my/fortune/maxis/images/logo.png
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
PNG image data, 312 x 90, 8-bit colormap, non-interlaced\012- data
Size
3.5 kB (3545 bytes)
Hash
abc25f4a6a721d72f1557f3697a791c6
e34e2caac8f4562dce3f1ad48afe42265e2680a8
0868c8bf3380484eeb2e17651022a5ae460c06cd1816345e4723e4fb685dc840

HTTP Headers

GET /my/fortune/maxis/images/logo.png HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:00 GMT
server: Apache
last-modified: Sat, 03 Dec 2022 13:26:08 GMT
etag: "dd9-5eeec65a2d8ce"
accept-ranges: bytes
content-length: 3545
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 22:39:00 GMT
content-type: image/png
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2211
Cache-Control: max-age=126282
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:39:00 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:43:42 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 22:11:19 GMT
cache-control: public,max-age=3600
age: 1661
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

televivo.online/my/fortune/maxis/css/amazon.css

194.135.87.58

200 OK

1.4 kB

URL HTTP/2
televivo.online/my/fortune/maxis/css/amazon.css
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
CSV text\012- , ASCII text
Size
1.4 kB (1417 bytes)
Hash
2b377b677749958f83d942a13e3a790b
02a72c111604dbdaa66f94c370a856e4467346da
453c7de363ea54fb142b464507e659f818b4b72f760a87e3e39b3322b630fce1

HTTP Headers

GET /my/fortune/maxis/css/amazon.css HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:00 GMT
server: Apache
last-modified: Sat, 03 Dec 2022 13:26:08 GMT
etag: "13d0-5eeec659feeb4-gzip"
accept-ranges: bytes
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 22:39:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1417
content-type: text/css
X-Firefox-Spdy: h2

televivo.online/my/fortune/maxis/images/gift.gif

194.135.87.58

200 OK

16 kB

URL HTTP/2
televivo.online/my/fortune/maxis/images/gift.gif
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
GIF image data, version 89a, 100 x 100\012- data
Size
16 kB (15606 bytes)
Hash
573c467d7a0b1c4c009ba98927dfa335
78d9c7efaeed568b74f1e4d1b4eb67e51dbbb9f1
c4f1d8867d03d437694f1cac0c9df3a7f5006fb8df474023bfa1d78f88843ce8

HTTP Headers

GET /my/fortune/maxis/images/gift.gif HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:00 GMT
server: Apache
last-modified: Sat, 03 Dec 2022 13:26:08 GMT
etag: "3cf6-5eeec65a1ac05"
accept-ranges: bytes
content-length: 15606
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 22:39:00 GMT
content-type: image/gif
X-Firefox-Spdy: h2

televivo.online/my/fortune/maxis/images/ip7.png

194.135.87.58

200 OK

58 kB

URL HTTP/2
televivo.online/my/fortune/maxis/images/ip7.png
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
PNG image data, 200 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
58 kB (57621 bytes)
Hash
d0f24523749ae712be55bbd1156c8912
2fe99223257db03a4ef8ef1260f4bae3ceb60dda
859515bd032db0ca5e82784387c320814718a5f69132ba8b536ceabeaf0eecbf

HTTP Headers

GET /my/fortune/maxis/images/ip7.png HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:00 GMT
server: Apache
last-modified: Sat, 03 Dec 2022 13:26:08 GMT
etag: "e115-5eeec65a24075"
accept-ranges: bytes
content-length: 57621
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 22:39:00 GMT
content-type: image/png
X-Firefox-Spdy: h2

televivo.online/my/fortune/maxis/images/spin3.png

194.135.87.58

200 OK

71 kB

URL HTTP/2
televivo.online/my/fortune/maxis/images/spin3.png
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
PNG image data, 330 x 330, 8-bit/color RGBA, non-interlaced\012- data
Size
71 kB (71036 bytes)
Hash
df6d51073d4a1c69d74aec2b6a791705
304b3714fc6c548ba0edc2a0a6e0633d0887920b
35add796ed85dab9e86653571671e37b955061952c3f12335df5c7529af0f29e

HTTP Headers

GET /my/fortune/maxis/images/spin3.png HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:00 GMT
server: Apache
last-modified: Sat, 03 Dec 2022 13:26:08 GMT
etag: "1157c-5eeec65a332a6"
accept-ranges: bytes
content-length: 71036
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 22:39:00 GMT
content-type: image/png
X-Firefox-Spdy: h2

televivo.online/my/fortune/maxis/js/jquery.min.js

194.135.87.58

200 OK

33 kB

URL HTTP/2
televivo.online/my/fortune/maxis/js/jquery.min.js
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
ASCII text, with very long lines (32341)
Size
33 kB (33369 bytes)
Hash
a455443006938869e740a38df8640ada
869bd24af8e61e2c6b23cf158853505d5fe7afc2
685bd4372d5eca42e9dae6db1678618e08d2ca201bc4e7525adabc20021338b5

HTTP Headers

GET /my/fortune/maxis/js/jquery.min.js HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:00 GMT
server: Apache
last-modified: Sat, 03 Dec 2022 13:26:08 GMT
etag: "1787d-5eeec65a4f7c7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 33369
content-type: application/javascript
X-Firefox-Spdy: h2

televivo.online/my/fortune/maxis/spin_prize2.png

194.135.87.58

404 Not Found

196 B

URL HTTP/2
televivo.online/my/fortune/maxis/spin_prize2.png
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

HTTP Headers

GET /my/fortune/maxis/spin_prize2.png HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 04 Dec 2022 22:39:00 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

televivo.online/favicon.ico

194.135.87.58

404 Not Found

196 B

URL HTTP/2
televivo.online/favicon.ico
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 04 Dec 2022 22:39:00 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.163.38.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.38.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UYOfzYi4j/5Qhzv63w1Uxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XKIMWwnx11+YmPJ0eGGLcNwlJf4=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9078
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:39:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9078
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:39:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9078
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:39:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9078
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:39:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9078
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:39:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5209 bytes)
Hash
8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pFKMx6_a5Ml_dBK1dafOt4KFMeC5SwUqNlNpc8sO4DVj0Ocb2Yksrw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:45:46 GMT
age: 67995
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9825 bytes)
Hash
37b58bb09c00b591c2819c89e371d927
aa487f4a7767cb4591fe620592da65bde90c0aa2
9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJYTPoArDEx6lR34nZ3DPCAtuWr2lW5qybqaGAu1gSQVdfRq8zlhOg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 2518
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6173 bytes)
Hash
3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 3046
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12830 bytes)
Hash
5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2jx-M9MgKrJXU4yYsJzWqNXwruIGhFNWkD7GcPdqddnEzcNgFw2luw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:27:17 GMT
age: 69104
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6826 bytes)
Hash
a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 3130
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Og6pnDOmEW5oc9EtvKD8BtBojepI-ZSde8xxYGThfF6QNl-ZTQWqQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 3195
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d034cbf43941949ec7c95f01a6049da2
6abe0e3fa586d36e5203ca2319cff6f5330cf57b
70a649bcc572267c70eac7e248550acfeaff16df3aa8aa9ba747a12b086fcd0b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70A649BCC572267C70EAC7E248550ACFEAFF16DF3AA8AA9BA747A12B086FCD0B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5587
Expires: Mon, 05 Dec 2022 00:12:09 GMT
Date: Sun, 04 Dec 2022 22:39:02 GMT
Connection: keep-alive

televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0

194.135.87.58

200 OK

0 B

URL HTTP/2
televivo.online/my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0
IP
194.135.87.58:0
ASN
#212531 UAB Interneto vizija

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /my/fortune/maxis/?key=eyJ0aW1lc3RhbXAiOiIxNjcwMTkzNTM5IiwiaGFzaCI6IjU0MWVlODc5OTQ2ZTIzMjg3Y2Y1OTNjYTg4M2EzMWRkNjcxOTM1ODIifQ%3D%3D&ccc=NO&ppp=PropellerAds%3A%20Push%20Notifications&tdom=www.mediacdnc.com&bemobdata=c%3D145c2240-ceb9-450b-8365-30698b4e999c..l%3D3b8f9685-c26e-4492-9335-6b70cb5c3964..a%3D0..b%3D0 HTTP/1.1
Host: televivo.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:38:59 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
X-Firefox-Spdy: h2

deehalig.net/pfe/current/micro.tag.min.js?z=5225827&sw=/sw-check-permissions-f820d.js

139.45.197.251

200 OK

0 B

URL HTTP/2
deehalig.net/pfe/current/micro.tag.min.js?z=5225827&sw=/sw-check-permissions-f820d.js
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=5225827&sw=/sw-check-permissions-f820d.js HTTP/1.1
Host: deehalig.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://televivo.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:39:02 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-9a87"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations