Report - ausu.lol/

Report Overview

Submitted URL
ausu.lol/
IP
103.26.92.45
ASN
#138959 Telekomunikasi Indonesia International Hong Kong Limited
Submitted
2023-02-14 09:43:20
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	1.2 kB	144 kB	142.250.74.168
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	366 B	29 kB	31.13.72.12
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	765 B	1.8 kB	142.250.74.2
static.ads-twitter.com	614	2018-06-24T00:08:39Z	2023-03-13T05:25:18Z	357 B	16 kB	151.101.84.157
www.recaptcha.net	2060	2012-07-11T16:32:37Z	2023-03-13T06:24:11Z	378 B	1.1 kB	142.250.74.131
t.co	569	2012-07-25T21:09:44Z	2023-03-13T05:25:19Z	710 B	593 B	104.244.42.69
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
m.stripe.network	1204	2017-05-17T17:53:13Z	2023-03-13T05:20:40Z	487 B	1.6 kB	151.101.192.176
trc-events.taboola.com	1779	2020-06-09T15:52:57Z	2023-03-13T05:18:26Z	599 B	357 B	141.226.228.48
unphionetor.com	54035	2022-02-11T13:53:49Z	2023-03-13T05:31:17Z	829 B	1.4 kB	139.45.197.236
cdn.taboola.com	1040	2013-07-20T01:48:03Z	2023-03-13T05:18:23Z	370 B	19 kB	151.101.193.44
trc.taboola.com	602	2012-12-27T12:54:42Z	2023-03-13T05:18:24Z	1.2 kB	554 B	151.101.193.44
propeller-tracking.com	187053	2020-04-16T10:57:14Z	2023-03-13T05:11:40Z	364 B	728 B	139.45.197.240
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	963 B	172.64.155.188
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.0 kB	4.0 kB	93.184.220.29
js.stripe.com	1149	2012-09-30T14:39:23Z	2023-03-13T05:20:37Z	1.3 kB	123 kB	151.101.192.176
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	52 kB	34.120.237.76
script.hotjar.com	887	2020-11-05T17:23:46Z	2023-03-13T07:54:54Z	377 B	69 kB	54.230.111.73
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.162.52.254
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.4 kB	7.0 kB	142.250.74.131
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	753 B	439 B	216.239.32.36
static.hotjar.com	641	2014-11-01T06:14:27Z	2023-03-13T05:12:51Z	370 B	632 B	54.230.111.8
ausu.lol	unknown	2022-08-08T11:12:17Z	2023-03-05T03:04:13Z	778 B	3.4 kB	103.26.92.45
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-14	medium	unphionetor.com	Sinkholed
2023-02-14	medium	unphionetor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	ausu.lol/	642 B	2023-03-07	2023-11-04
Pretty URL ausu.lol/ IP 103.26.92.45 ASN #138959 Telekomunikasi Indonesia International Hong Kong Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2023-11-04 04:30:09 Times Seen13 Hash 3d253638afcdb86b9ed16352b69af92b 09149c55c01d79a7df9309b2cec7f8f688ce4f64 7e7d286d0356a2c3af55741e6f33e366a6608a258328ecde48671edc76d7ec72 Loading...

	ausu.lol/	422 B	2023-03-07	2024-04-13
Pretty URL ausu.lol/ IP 103.26.92.45 ASN #138959 Telekomunikasi Indonesia International Hong Kong Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2024-04-13 15:30:52 Times Seen37 Hash 7c2f67e844a4b3ea46e4532aabb53231 d3b212a6ec736bd9239a684ccef070e1eefb75e2 abd631e528da051ac3e0c1e69586a9524aebfa95cda1dbe3fd4deb41c45121cc Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-20
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-20 17:48:03 Times Seen4329 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	cdn.taboola.com/libtrc/unip/1466290/tfa.js	60 kB	2023-03-13	2023-03-14
Pretty URL cdn.taboola.com/libtrc/unip/1466290/tfa.js IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:56:08 Last Seen2023-03-14 01:45:35 Times Seen1 Hash 34de4b4c5ad588a94c503b90a190043f cea7d7317f720c5c3abcde16fbb1eaa6d86fe9f0 1010132d7e337f37b3eb1f94884e4136a76144eaaaba7436ad38ad813daf122b Loading...

	ausu.lol/	389 B	2023-03-07	2023-11-04
Pretty URL ausu.lol/ IP 103.26.92.45 ASN #138959 Telekomunikasi Indonesia International Hong Kong Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2023-11-04 04:30:09 Times Seen13 Hash 51b379bb0c2ffee83f015653b761d764 bf5e21fc1d6c28d3c9a8b2d54cb485b2b57de011 23d52386f08ddf67f9c8760d886ad76acf602867c2b25549cc7caeb009583114 Loading...

	ausu.lol/	167 B	2023-03-07	2023-11-04
Pretty URL ausu.lol/ IP 103.26.92.45 ASN #138959 Telekomunikasi Indonesia International Hong Kong Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2023-11-04 04:30:09 Times Seen13 Hash 86b9e06b1c28fcea498789dce3e599f0 83dba0b0ecb46a13a2313b451d73f5481aa4dbca 160fd21eb24c70fb270abcfe9448c12df9188e6172b7e4566ee98fc6bcd8f060 Loading...

	ausu.lol/	471 B	2023-03-07	2023-11-04
Pretty URL ausu.lol/ IP 103.26.92.45 ASN #138959 Telekomunikasi Indonesia International Hong Kong Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2023-11-04 04:30:09 Times Seen13 Hash 022f7bf207e91d6448254824dbd7603a 7082b7c0016c72836361a1396bd062966565f3fd adf4ef2a974bf91848772805e4d20c9948acfc8c185fc8943c1bf5bdc2ffa53e Loading...

	propeller-tracking.com/fv.js?t=91032	5.2 kB	2023-03-07	2024-04-24
Pretty URL propeller-tracking.com/fv.js?t=91032 IP 139.45.197.240 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-24 01:48:23 Times Seen2355 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 07:49:27 Times Seen37056531 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js	9.0 kB	2023-03-07	2024-04-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2024-04-23 18:35:33 Times Seen839 Hash e5a5b331cf54c474203628eb9398470e 6d2e5b6a22edb7d95e0ac7523d74f5f7013cb344 7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a Loading...

	ausu.lol/	1.8 kB	2023-03-07	2023-03-14
Pretty URL ausu.lol/ IP 103.26.92.45 ASN #138959 Telekomunikasi Indonesia International Hong Kong Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2023-03-14 18:38:08 Times Seen1 Hash 637d2730ff47923ba3f514d57d009461 975c1b7348a98a97ebba57678f6e3a95b3570de7 f388b0cf371addb7c74523e36050c52205bd80fc586f4aebda9ec5c5c735e74d Loading...

	ausu.lol/	168 B	2023-03-07	2023-11-04
Pretty URL ausu.lol/ IP 103.26.92.45 ASN #138959 Telekomunikasi Indonesia International Hong Kong Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2023-11-04 04:30:09 Times Seen13 Hash 9b1dcb32766c542f3255397f12bcdc97 78a6a6bbc9fd9f834aa6175bdd29a3ccea797675 a0bbb1c3208288b0de5c9a3f1d9a0249f940d575666ac245ab00a644f6d8baa3 Loading...

	www.googletagmanager.com/gtag/js?id=AW-10917194488	132 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=AW-10917194488 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:56:08 Last Seen2023-03-13 22:56:08 Times Seen1 Hash 181a338c7c1ee4c87c9316979824d776 2ef26c0917f8140868a1a40907b94e1f41ff970d e473574aac505bb5e0efc91316f5d726654cedc3809c88e7afd7663165f33eac Loading...

	js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js	631 B	2023-03-08	2024-04-03
Pretty URL js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js IP 151.101.192.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:46 Last Seen2024-04-03 16:20:49 Times Seen6173 Hash f8f6a4584135f737b26927596ce6e0a7 609ea9e9c46563fb1dc78a7967c926394e73ffab 250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6 Loading...

	ausu.lol/	445 B	2023-03-07	2023-11-04
Pretty URL ausu.lol/ IP 103.26.92.45 ASN #138959 Telekomunikasi Indonesia International Hong Kong Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2023-11-04 04:30:09 Times Seen13 Hash 68c10fb976573af029c813f6b4d738a7 66b848862ec1b43c6aa43ec4d44c54cc43662dea fc1efe533381c2da7e1fbb9d36692af80b1fed6bef35522180c4db50fdd147df Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NCGSZWQ	213 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NCGSZWQ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:56:08 Last Seen2023-03-13 22:56:08 Times Seen1 Hash 0c4037ee959e469c648b7b8dee8d3a6c b80cac58233b1034c36411fc7849e2f390e4eae6 b1c092f6cdb75a6fc5ab613f1698673aa853d37b0e8de6c441f1889389b727be Loading...

	www.googletagmanager.com/gtag/js?id=G-RR9LNKL2SC	242 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-RR9LNKL2SC IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:56:08 Last Seen2023-03-13 22:56:08 Times Seen1 Hash 129e2d667f30f3380e98b52e8585dc6c 93a08d1c97b6b18287989f3df5d5694e227181c0 3c63b8634b4fadf9cb85f5f7d6d710cb6b877e1e3d52abba3fe7a3dc73f01fa0 Loading...

	ausu.lol/	357 B	2023-03-07	2024-04-13
Pretty URL ausu.lol/ IP 103.26.92.45 ASN #138959 Telekomunikasi Indonesia International Hong Kong Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:06 Last Seen2024-04-13 15:30:51 Times Seen124 Hash 1a8aead91ac87bd63def338b35f001ce 768c938165dd5cf9093259c551c53222204b8dbd 33b5a424fb6d8890b88d621f05b8f5172e585acbd006fa9325f00be7314f13eb Loading...

	static.hotjar.com/c/hotjar-3019324.js?sv=7	8.4 kB	2023-03-13	2023-03-13
Pretty URL static.hotjar.com/c/hotjar-3019324.js?sv=7 IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:56:08 Last Seen2023-03-13 22:56:08 Times Seen1 Hash ef238fb5a2a3bda3848d5cf3704aaa73 56cd9f5f2cc47c94b58048fba16fda87ed36d587 2285504e0d72f97d56b63446ecee36151f54589cba06fae38bd5b88b17645028 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/10917194488/?random=1676367873031&cv=11&fst=1676367873031&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fausu.lol%2F&tiba=%E7%BF%BB%E7%89%86%E6%9C%80%E5%BF%AB%E6%9C%80%E7%A9%A9%E5%A6%A5%20%E4%BA%9E%E6%B4%B2%E5%8D%80%E6%9C%80%E4%BD%B3%20VPN%20%7C%20auVPN&auid=1180088311.1676367873&data=event%3Dgtag.config&rfmt=3&fmt=4	2.1 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/10917194488/?random=1676367873031&cv=11&fst=1676367873031&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fausu.lol%2F&tiba=%E7%BF%BB%E7%89%86%E6%9C%80%E5%BF%AB%E6%9C%80%E7%A9%A9%E5%A6%A5%20%E4%BA%9E%E6%B4%B2%E5%8D%80%E6%9C%80%E4%BD%B3%20VPN%20%7C%20auVPN&auid=1180088311.1676367873&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:56:08 Last Seen2023-03-13 22:56:08 Times Seen1 Hash 0f802dbc9b2a2c4bbdea2c7774af7856 615b388be974afae166128bc63052fd20b595913 122a2fd21d52568a3c1acc3d98398db0e5d338bdad64aa26375aba9be43d1b9d Loading...

	www.recaptcha.net/recaptcha/api.js?render=explicit	855 B	2023-03-13	2023-03-13
Pretty URL www.recaptcha.net/recaptcha/api.js?render=explicit IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:56:08 Last Seen2023-03-13 22:56:08 Times Seen1 Hash adcbb789cc1a73c44cd7677132df2c01 47ffcdb0e2424978dc1d0080717cdb32130be1f9 e857d68097337f07ae1c0149de42a0c3a059ef6ca0192c383a08618275d46ff9 Loading...

	trc.taboola.com/1466290/trc/3/json?tim=1676367876530&data=%7B%22id%22%3A96%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1676367876524%2C%22cv%22%3A%2220230212-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fausu.lol%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dauvpn-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1676367876530%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fausu.lol%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i	2.6 kB	2023-03-13	2023-03-13
Pretty URL trc.taboola.com/1466290/trc/3/json?tim=1676367876530&data=%7B%22id%22%3A96%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1676367876524%2C%22cv%22%3A%2220230212-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fausu.lol%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dauvpn-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1676367876530%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fausu.lol%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:56:08 Last Seen2023-03-13 22:56:08 Times Seen1 Hash 0c6879d3c771e1ffbc56728ea5ff8a38 7df4fd41bd2062bf92e6ce8f6a4015d6ab4382dd 932de2df7700d974753ee621efb44459b1d1acc6c11aecb9a8ce13ca30b0921b Loading...

HTTP Transactions (57)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
111c8a4d6ad583c6126cfa9c4648851f
7bb69828eadedd57e2eb57f0612e0208bde3fcc7
44c24f6c3c0470e5b2112f9089eef8029a4f80dc966eacee001841b08e59cb79

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44C24F6C3C0470E5B2112F9089EEF8029A4F80DC966EACEE001841B08E59CB79"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6332
Expires: Tue, 14 Feb 2023 11:28:41 GMT
Date: Tue, 14 Feb 2023 09:43:09 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b39c3955aa73765d5c9cbe0d4c52f83
b13bf774f0189207d90d846b86b68fcf2f64f868
f6fea261b800d26e329ced17006c9f5d10b6c490dac3b2276cc7b0e2aa38316c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6FEA261B800D26E329CED17006C9F5D10B6C490DAC3B2276CC7B0E2AA38316C"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5076
Expires: Tue, 14 Feb 2023 11:07:45 GMT
Date: Tue, 14 Feb 2023 09:43:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 14 Feb 2023 09:37:21 GMT
content-type: application/json
age: 348
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b95b930615e89adacbb0cba6ac43288b
257c13545fd3903ece587963bae0c90935ea9bf9
a129cf843807feff42f74c16f73d3e770b143b8f501969694fc4f158bc3e8ba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A129CF843807FEFF42F74C16F73D3E770B143B8F501969694FC4F158BC3E8BA4"
Last-Modified: Sat, 11 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5679
Expires: Tue, 14 Feb 2023 11:17:48 GMT
Date: Tue, 14 Feb 2023 09:43:09 GMT
Connection: keep-alive

ausu.lol/

103.26.92.45

308 Permanent Redirect

0 B

URL HTTP/1.1
ausu.lol/
IP
103.26.92.45:0
ASN
#138959 Telekomunikasi Indonesia International Hong Kong Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: ausu.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://ausu.lol/
Server: Caddy
Date: Tue, 14 Feb 2023 09:43:09 GMT
Content-Length: 0

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 14 Feb 2023 09:43:09 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: QT6QhpQyN2WwatV5yBBs5eaE+VnLE1dohQugB5V13l3I1sZD87lub1DoDYdYco8B8SjrF+cBPXA=
x-amz-request-id: A5QNK25H74CT49JB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 14 Feb 2023 08:48:27 GMT
age: 3282
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
07d48e9dfec32c7826a0ae0d7bf37047
6cb3a01b5cc934f070bd363abe0acc6856412f40
e7094b2dfa67bad54e8a075146d0c62026c573560fe359ee1869b5727eb03145

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7094B2DFA67BAD54E8A075146D0C62026C573560FE359EE1869B5727EB03145"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17143
Expires: Tue, 14 Feb 2023 14:28:52 GMT
Date: Tue, 14 Feb 2023 09:43:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 14 Feb 2023 09:14:53 GMT
age: 1696
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.162.52.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.52.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +fwl7b13I6tA7TLk4RaTxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VcDPPBmFt/64qJn5T743z8phk3M=

ausu.lol/

103.26.92.45

200 OK

2.9 kB

URL HTTP/2
ausu.lol/
IP
103.26.92.45:0
ASN
#138959 Telekomunikasi Indonesia International Hong Kong Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5236)
Size
2.9 kB (2947 bytes)
Hash
a08ccc6f6e92f7b01e120b75f82041a0
540418b66bbb61d4e8fa30d1dd935e51d0d3506c
cb988b0e8b829e3f86951a7a6753207e76ff71500fc4aad9d4ad621200d2c861

HTTP Headers

GET / HTTP/1.1
Host: ausu.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-encoding: gzip
content-type: text/html
date: Tue, 14 Feb 2023 09:43:10 GMT
etag: "63e628c6-b83"
last-modified: Fri, 10 Feb 2023 11:21:42 GMT
server: Caddy, nginx/1.23.3
vary: Accept-Encoding
content-length: 2947
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2dea84b056fe03cf91ce514618731475
5eaa44bbf7d4864cb50950e90c5832027fb8a18f
5f05224b4c2683bf0d1eca2b00cb5ace1f985e8dbc9f4b5461b0a21c2d8e2398

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2dea84b056fe03cf91ce514618731475
5eaa44bbf7d4864cb50950e90c5832027fb8a18f
5f05224b4c2683bf0d1eca2b00cb5ace1f985e8dbc9f4b5461b0a21c2d8e2398

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
00fd20eb4f9603749009fbfda3e0a53f
26c44a6b1a525209d5269da38ef6aab9eb42bc43
2ae97d3e25be35531b402df9dbbc79b2f3dc373cbf80964b47d92a1dbb2d88c7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 09:43:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 12 Feb 2023 08:20:01 GMT
Expires: Sun, 19 Feb 2023 08:20:00 GMT
Etag: "26c44a6b1a525209d5269da38ef6aab9eb42bc43"
Cache-Control: max-age=426409,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7994dba2ff29b4ee-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2dea84b056fe03cf91ce514618731475
5eaa44bbf7d4864cb50950e90c5832027fb8a18f
5f05224b4c2683bf0d1eca2b00cb5ace1f985e8dbc9f4b5461b0a21c2d8e2398

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f035810e1dbe955803e22cf43f0e9678
645ccee75e3b3f99084efa01f2c9fceb6bad703c
23706220f82469e2b7dd9213be733364b4d53904dbeb6af07a07a81fae34ab79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6097
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:10 GMT
Last-Modified: Tue, 14 Feb 2023 08:01:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtag/js?id=AW-10917194488

142.250.74.168

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-10917194488
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
51 kB (50881 bytes)
Hash
c7d1ded5fef58eff5a0eb5f0bd089e40
3621aba3e79e6ee9800ba721d603760f24a164d0
0584e8c2b048be73c21db66f2929b2d8c4698d1990185b56d3a808440e8c4f7e

HTTP Headers

GET /gtag/js?id=AW-10917194488 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 14 Feb 2023 09:43:10 GMT
expires: Tue, 14 Feb 2023 09:43:10 GMT
cache-control: private, max-age=900
last-modified: Tue, 14 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da746565948012cd1d758cb6468016b8
56c127b30f06a7b23a87d963e6ff91deaf8dab7e
5af346574bd8b0d041ffd5bde2e5f2caf82dd7851a3639d197197d5892a234ab

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5AF346574BD8B0D041FFD5BDE2E5F2CAF82DD7851A3639D197197D5892A234AB"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3145
Expires: Tue, 14 Feb 2023 10:35:35 GMT
Date: Tue, 14 Feb 2023 09:43:10 GMT
Connection: keep-alive

js.stripe.com/v3

151.101.192.176

200 OK

120 kB

URL HTTP/2
js.stripe.com/v3
IP
151.101.192.176:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
120 kB (119945 bytes)
Hash
deb60cee1d6d2255240c681fc1cb11f4
35b733f30b3ebe4f0a71ff489df72576cef55eb5
a105fb0fceda355ef17d031254406067a9ec1dc517025791dd2bca8e2873161b

HTTP Headers

GET /v3 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 13 Feb 2023 20:34:11 GMT
etag: "bddc7b025003060c0279cc3180de50fb"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 14 Feb 2023 09:43:10 GMT
via: 1.1 varnish
age: 36
x-request-id: 2e88224c-cab6-4bdb-a277-825f5aa8e629
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 16
vary: Accept-Encoding
timing-allow-origin: *
content-length: 119945
X-Firefox-Spdy: h2

unphionetor.com/vctx?t=91032

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vctx?t=91032
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vctx?t=91032 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ausu.lol
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Tue, 14 Feb 2023 09:43:11 GMT
access-control-allow-origin: https://ausu.lol
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a852ab8dca609585303ad9b123243e22
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2dea84b056fe03cf91ce514618731475
5eaa44bbf7d4864cb50950e90c5832027fb8a18f
5f05224b4c2683bf0d1eca2b00cb5ace1f985e8dbc9f4b5461b0a21c2d8e2398

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6182fbbdc621829f0f257f98e9808bfa
c1176dd1ea01abc1604700e1018d179ecb02f6f3
2e8fd15b151c5943c3c8e760f8242481da89448af79630953a1b5f80bdfe9153

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5118
Cache-Control: max-age=130037
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:11 GMT
Etag: "63ea9ca6-117"
Expires: Wed, 15 Feb 2023 21:50:28 GMT
Last-Modified: Mon, 13 Feb 2023 20:25:10 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

www.googletagmanager.com/gtag/js?id=G-RR9LNKL2SC&l=dataLayer&cx=c

142.250.74.168

200 OK

80 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-RR9LNKL2SC&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (29466)
Size
80 kB (80502 bytes)
Hash
5428035b4f4b6e1fb699ba793d7e0318
8e2ed1f81ccb18306784742f3e385e012fecbb12
5d4f31a0f523be0946d1125cd86b545fc2f349e3a643d060c06378335d58e38a

HTTP Headers

GET /gtag/js?id=G-RR9LNKL2SC&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 14 Feb 2023 09:43:11 GMT
expires: Tue, 14 Feb 2023 09:43:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6182fbbdc621829f0f257f98e9808bfa
c1176dd1ea01abc1604700e1018d179ecb02f6f3
2e8fd15b151c5943c3c8e760f8242481da89448af79630953a1b5f80bdfe9153

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5118
Cache-Control: max-age=130037
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:11 GMT
Etag: "63ea9ca6-117"
Expires: Wed, 15 Feb 2023 21:50:28 GMT
Last-Modified: Mon, 13 Feb 2023 20:25:10 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d42a01fdf9af7a50d630c42fde100d30
a7568d35657f934220298ca4c2fb102398554196
f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16054
Expires: Tue, 14 Feb 2023 14:10:45 GMT
Date: Tue, 14 Feb 2023 09:43:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d42a01fdf9af7a50d630c42fde100d30
a7568d35657f934220298ca4c2fb102398554196
f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16054
Expires: Tue, 14 Feb 2023 14:10:45 GMT
Date: Tue, 14 Feb 2023 09:43:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10635 bytes)
Hash
b8526505043a5b3a1a8a3e86f80dd796
121031f827508bc441ab34387ffdf9bf878c43a9
70e9f640c8339aea888ceea9fd2ef74fa2c3ea210f69fa22442155dca61a799e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10635
x-amzn-requestid: 98a6b744-d08f-4e53-a0b0-735b336c8513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zjG9boAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace3-5d86345a4ee7009e61291369;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KJ56reDkEbXg0bE7sE4pB1n7Lkn1nLiKblbKM9aFYCow4tpHrIqGnw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:31:33 GMT
etag: "121031f827508bc441ab34387ffdf9bf878c43a9"
content-type: image/jpeg
age: 40298
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02747389-fc16-42b4-9ec9-cf0c387a8d9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8676 bytes)
Hash
a368a0f4d91a04ece485fa6939b93ed0
34edb57e9f33babf053565c546089c2ffb80974a
35c141b46fad3913dfae10e1f6406a849bddcd0fb2c86d35561243aefe3bc54b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02747389-fc16-42b4-9ec9-cf0c387a8d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 1a72201f-c7b0-4215-81a6-e89ad432444d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_6WEqgIAMFRMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaad0e-322b9c2c03c0f7662edaf161;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: m9X0NdaBnd176DYQfgYBih2t66lv75jyu1j3nhomSTN1NKD-Ybuh_A==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:18:05 GMT
age: 41106
etag: "34edb57e9f33babf053565c546089c2ffb80974a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-NCGSZWQ

142.250.74.168

200 OK

11 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NCGSZWQ
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
data
Size
11 kB (10677 bytes)
Hash
e24473b3e335f2046f72ea198a1a9ac8
346f3744c1fd32467ac8c1783f7c28c0ffd3cc4b
87fb8a02fb286ccd1d04abe4052fb08617fc68692515aa6daed2895e83827ccd

HTTP Headers

GET /gtm.js?id=GTM-NCGSZWQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 14 Feb 2023 09:43:10 GMT
expires: Tue, 14 Feb 2023 09:43:10 GMT
cache-control: private, max-age=900
last-modified: Tue, 14 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65628
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa732bb14-3705-4898-9939-ec46b26a84d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6577 bytes)
Hash
9b963da29b1cdb8c81019f56f92fe64c
d4b9e1e4821521e39980433b772797e965e2de7f
d4371f58ba9128dec66a22f9f9bb27329127e293de152e4d6480c74b16d9c943

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa732bb14-3705-4898-9939-ec46b26a84d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: d0eb14ab-12ab-4ad9-aeca-ed35a5e6c02d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_x6FX9oAMFcCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaacd8-5a08f7fd3f9ab39d02af829b;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0_ZwHM_6JfR0IJtms8acVKU-qOGYDrdFw--8ePZt0nrOy3qsSo5HOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:31:26 GMT
etag: "d4b9e1e4821521e39980433b772797e965e2de7f"
content-type: image/jpeg
age: 40305
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3b95fd0-70b7-4757-9068-83472c90622c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12032 bytes)
Hash
dd9dfc91c131903f04b22bca2ea07569
8fac706269ae3ec4a9f60a64f6b08066e9eeb22a
d72e6a45a42dd6f6d39bdf2a68837a2fdd73b9df6e01a29dd173725b3d88e97e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3b95fd0-70b7-4757-9068-83472c90622c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12032
x-amzn-requestid: 1be7b95f-1088-4e2a-ba74-bba8a5c3b615
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AMZ_gHE7oAMFfkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e809fc-65057649605a732b64098657;Sampled=0
x-amzn-remapped-date: Sat, 11 Feb 2023 21:34:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3wc9cOb6EBcYrHuQPvVx1h8f0xSef25washUegMtRo7oeLosn4RlYg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 14 Feb 2023 00:41:17 GMT
age: 32514
etag: "8fac706269ae3ec4a9f60a64f6b08066e9eeb22a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74073173-a5a0-46f8-b23e-201ea802ab67.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8419 bytes)
Hash
dfbb7efa6627641ed50ee7738b2e2561
a759d26d6c811f964125ccba6e11498bca6b64c8
d1b2ea74eb288c5530c761830023830e43a6e8441594252736d6aa130dfd6520

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74073173-a5a0-46f8-b23e-201ea802ab67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8419
x-amzn-requestid: d19bc4f6-4174-4563-a1ef-c27ba0a9e3ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zuHdGIAMFQlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace4-5e914df75bfda625564e1142;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e0GAkTbo83Kf6PvNKGWEeTfnGeFsgaNYwkTj6wLZcvSY_Ax4cW8jjA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:18:48 GMT
age: 41063
etag: "a759d26d6c811f964125ccba6e11498bca6b64c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-RR9LNKL2SC&gtm=45je32d0&_p=1208173096&cid=6289345.1676367873&ul=en-us&sr=1280x1024&_s=1&sid=1676367873&sct=1&seg=0&dl=https%3A%2F%2Fausu.lol%2F&dt=%E7%BF%BB%E7%89%86%E6%9C%80%E5%BF%AB%E6%9C%80%E7%A9%A9%E5%A6%A5%20%E4%BA%9E%E6%B4%B2%E5%8D%80%E6%9C%80%E4%BD%B3%20VPN%20%7C%20auVPN&en=page_view&_fv=1&_nsi=1&_ss=2&ep.debug%20mode=true

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-RR9LNKL2SC&gtm=45je32d0&_p=1208173096&cid=6289345.1676367873&ul=en-us&sr=1280x1024&_s=1&sid=1676367873&sct=1&seg=0&dl=https%3A%2F%2Fausu.lol%2F&dt=%E7%BF%BB%E7%89%86%E6%9C%80%E5%BF%AB%E6%9C%80%E7%A9%A9%E5%A6%A5%20%E4%BA%9E%E6%B4%B2%E5%8D%80%E6%9C%80%E4%BD%B3%20VPN%20%7C%20auVPN&en=page_view&_fv=1&_nsi=1&_ss=2&ep.debug%20mode=true
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-RR9LNKL2SC&gtm=45je32d0&_p=1208173096&cid=6289345.1676367873&ul=en-us&sr=1280x1024&_s=1&sid=1676367873&sct=1&seg=0&dl=https%3A%2F%2Fausu.lol%2F&dt=%E7%BF%BB%E7%89%86%E6%9C%80%E5%BF%AB%E6%9C%80%E7%A9%A9%E5%A6%A5%20%E4%BA%9E%E6%B4%B2%E5%8D%80%E6%9C%80%E4%BD%B3%20VPN%20%7C%20auVPN&en=page_view&_fv=1&_nsi=1&_ss=2&ep.debug%20mode=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ausu.lol
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://ausu.lol
date: Tue, 14 Feb 2023 09:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unphionetor.com/vbri?t=91032&bid=undefined&aid=undefined&tp=4275

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbri?t=91032&bid=undefined&aid=undefined&tp=4275
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbri?t=91032&bid=undefined&aid=undefined&tp=4275 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ausu.lol
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 14 Feb 2023 09:43:13 GMT
access-control-allow-origin: https://ausu.lol
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 680b9b16e586b5e51255c0e5c29bcc5c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b6d7ddbbaf0688739eab5db1638efc86
c1fb4ba321f1eee00df9a0941e1eff9929560460
1931bc6c1b93c0d0560ee93a7320f69e1cc054058d953334f829ae1adad95a91

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3952
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:14 GMT
Last-Modified: Tue, 14 Feb 2023 08:37:22 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
39bd8923ebd523f3d7e9a40f555e9402
d5ba449bc6c3edc72eebaf5dc66817723e387c89
14f05165df53af8abe516d752d576b901e7647ad8bef9645a621f0e634127002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 4alfSVNd7i7b4E3kkZcf0uxZ0C0r+GwssKspChfs9tL/yvd1aZ7WZaImqya6XHVpvs0qbxhUgLYflxi1FzaAYg==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 2074150462
date: Tue, 14 Feb 2023 09:43:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0a6f49ab4574d64f57249e1847ae887b
3fc366ae1ed2102c557f34e502aeb26a5f2a4b5f
441383931dc8d2af247d1f0989896898a2ada71bb6522f872499a79fe1d15ac8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/10917194488/?random=1676367873031&cv=11&fst=1676367873031&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fausu.lol%2F&tiba=%E7%BF%BB%E7%89%86%E6%9C%80%E5%BF%AB%E6%9C%80%E7%A9%A9%E5%A6%A5%20%E4%BA%9E%E6%B4%B2%E5%8D%80%E6%9C%80%E4%BD%B3%20VPN%20%7C%20auVPN&auid=1180088311.1676367873&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.2

200 OK

948 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10917194488/?random=1676367873031&cv=11&fst=1676367873031&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fausu.lol%2F&tiba=%E7%BF%BB%E7%89%86%E6%9C%80%E5%BF%AB%E6%9C%80%E7%A9%A9%E5%A6%A5%20%E4%BA%9E%E6%B4%B2%E5%8D%80%E6%9C%80%E4%BD%B3%20VPN%20%7C%20auVPN&auid=1180088311.1676367873&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2055), with no line terminators
Size
948 B (948 bytes)
Hash
1ae758bcd0477a33cb920458e1703eb6
ada5d79a16c5fe036a2d8934a9701b2f0e15d0e4
8942349ed6be0832e22f202f2826d7fc2f001fb1226301bed0f5cf36a3667764

HTTP Headers

GET /pagead/viewthroughconversion/10917194488/?random=1676367873031&cv=11&fst=1676367873031&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fausu.lol%2F&tiba=%E7%BF%BB%E7%89%86%E6%9C%80%E5%BF%AB%E6%9C%80%E7%A9%A9%E5%A6%A5%20%E4%BA%9E%E6%B4%B2%E5%8D%80%E6%9C%80%E4%BD%B3%20VPN%20%7C%20auVPN&auid=1180088311.1676367873&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 09:43:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 948
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Feb-2023 09:58:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b6d7ddbbaf0688739eab5db1638efc86
c1fb4ba321f1eee00df9a0941e1eff9929560460
1931bc6c1b93c0d0560ee93a7320f69e1cc054058d953334f829ae1adad95a91

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3952
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:14 GMT
Last-Modified: Tue, 14 Feb 2023 08:37:22 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Tue, 14 Feb 2023 09:43:14 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

www.recaptcha.net/recaptcha/api.js?render=explicit

142.250.74.131

200 OK

556 B

URL HTTP/2
www.recaptcha.net/recaptcha/api.js?render=explicit
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (855), with no line terminators
Size
556 B (556 bytes)
Hash
0ef749d46c436c60ddb8b7d4aa385a45
f3505c9dcf31dfa83892ed54afefac64d2416440
5f01881cd79d4a2f797c97422cf5a16db5800dc6127de860f0e4c7f32d69d6bf

HTTP Headers

GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 14 Feb 2023 09:43:14 GMT
date: Tue, 14 Feb 2023 09:43:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
39bd8923ebd523f3d7e9a40f555e9402
d5ba449bc6c3edc72eebaf5dc66817723e387c89
14f05165df53af8abe516d752d576b901e7647ad8bef9645a621f0e634127002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.taboola.com/libtrc/unip/1466290/tfa.js

151.101.193.44

200 OK

18 kB

URL HTTP/2
cdn.taboola.com/libtrc/unip/1466290/tfa.js
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (59742)
Size
18 kB (18370 bytes)
Hash
d5afbb40b4af9a4b2491bd953ee3723b
9162d8a6aac58f702398695d1e0542974defd0f4
7d232bf67604d56b84f0b0eea3d51710b4aa705857f298139bd4acc23b8eefbd

HTTP Headers

GET /libtrc/unip/1466290/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: jQii7HdYKc93DDGQ/C5wEwJ4MVshS98M2QdYl/glffBTpwMwLTHMYayFJeWb/TIoXnPxu/9TZyo=
x-amz-request-id: RAC4ZKZ19R87NK5W
x-amz-replication-status: COMPLETED
last-modified: Sun, 12 Feb 2023 11:19:29 GMT
etag: "34de4b4c5ad588a94c503b90a190043f"
x-amz-version-id: ieqA3M0l.iuCiBOiBnU81ZE8JL_usRgs
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 14 Feb 2023 09:43:14 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1676367794.277750,VS0,VE196
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 17
content-length: 18370
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0a6f49ab4574d64f57249e1847ae887b
3fc366ae1ed2102c557f34e502aeb26a5f2a4b5f
441383931dc8d2af247d1f0989896898a2ada71bb6522f872499a79fe1d15ac8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
109822b0f39738ea8edbfe3bdcef965f
5c1dd452195c5e19136d36598bbde42d8987a6b1
2df9eeb8fcb0b427c31783766b07066b57aa6e5204828a3fd2e69d3c73090505

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5657
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:14 GMT
Last-Modified: Tue, 14 Feb 2023 08:08:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312

t.co/i/adsct?bci=3&eci=2&event_id=a7c576cc-f3e5-4cd3-a30f-865c4912624e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=491bb014-60dc-43f9-a524-c7cf11c309f3&tw_document_href=https%3A%2F%2Fausu.lol%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6hvl&type=javascript&version=2.3.29

104.244.42.69

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=a7c576cc-f3e5-4cd3-a30f-865c4912624e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=491bb014-60dc-43f9-a524-c7cf11c309f3&tw_document_href=https%3A%2F%2Fausu.lol%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6hvl&type=javascript&version=2.3.29
IP
104.244.42.69:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=a7c576cc-f3e5-4cd3-a30f-865c4912624e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=491bb014-60dc-43f9-a524-c7cf11c309f3&tw_document_href=https%3A%2F%2Fausu.lol%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6hvl&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 14 Feb 2023 09:43:13 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=0173f158-95bf-440b-91c2-e667d3b85555; Max-Age=63072000; Expires=Thu, 13 Feb 2025 09:43:14 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 505faf79546b0059
strict-transport-security: max-age=0
x-response-time: 111
x-connection-hash: 5ad3704de0dde865216b26b2da178eebbad62418aa328a3799a308468bdeefdf
X-Firefox-Spdy: h2

js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

151.101.192.176

200 OK

122 B

URL HTTP/2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP
151.101.192.176:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
122 B (122 bytes)
Hash
0fb49bf445ceac1dcb1b6c5d284a57a1
8988f3ceef20a494a419e595e8d802a0dc663c7a
5e0d98b9fefc9f5ccf02b5ac4f4e4de3fe727a1ac97a4cd778efd58062afd5e8

HTTP Headers

GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 14 Feb 2023 09:43:16 GMT
via: 1.1 varnish
age: 7997871
x-request-id: b782a200-0252-4ebf-9791-dc6bfe741e7a
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 378994
vary: Accept-Encoding
timing-allow-origin: *
content-length: 122
X-Firefox-Spdy: h2

js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

151.101.192.176

200 OK

332 B

URL HTTP/2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP
151.101.192.176:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (526)
Size
332 B (332 bytes)
Hash
ada7d17b721f065b91d249c998f2967e
1c686ed2c2218a3889b7d9a9b1acdf851b0bf563
12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a

HTTP Headers

GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "f8f6a4584135f737b26927596ce6e0a7"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 14 Feb 2023 09:43:16 GMT
via: 1.1 varnish
age: 7997871
x-request-id: 1145ad0e-7567-44dc-a7bb-6b38ed0c88fb
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 312698
vary: Accept-Encoding
timing-allow-origin: *
content-length: 332
X-Firefox-Spdy: h2

m.stripe.network/inner.html

151.101.192.176

200 OK

527 B

URL HTTP/2
m.stripe.network/inner.html
IP
151.101.192.176:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Size
527 B (527 bytes)
Hash
e02352ef72e8a9563463c07174b0e50f
7a41613f7eae0819d1a4785eae3617fdbb33b9b3
2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5

HTTP Headers

GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Tue, 14 Feb 2023 09:43:16 GMT
via: 1.1 varnish
age: 275
x-request-id: 56f5c58c-9d6b-4827-ba80-13972f319528
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 164
x-timer: S1676367796.321036,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2

script.hotjar.com/modules.5dca1694a4338dade13b.js

54.230.111.73

200 OK

68 kB

URL HTTP/2
script.hotjar.com/modules.5dca1694a4338dade13b.js
IP
54.230.111.73:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48738)
Size
68 kB (68080 bytes)
Hash
902c7d4a043c8419d7d05fb340da4f92
742764dfd471a19485dae4ec6c64e5d9d7c7c77e
837cb60cc5b1817bfcd8b21b5e5aec75cbd00345a0a21d14c292e4589a3b7259

HTTP Headers

GET /modules.5dca1694a4338dade13b.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68080
date: Tue, 14 Feb 2023 08:49:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "902c7d4a043c8419d7d05fb340da4f92"
last-modified: Tue, 14 Feb 2023 08:48:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lITYo_PWwdc9dmgmyM28ID-s7OIx5ALc74CfTr-Jm2mpjsGowgTYJg==
age: 3252
X-Firefox-Spdy: h2

trc-events.taboola.com/1466290/log/3/unip?en=pre_d_eng_tb&tos=2010&scd=0&ssd=1&est=1676367876527&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1676367878118&mrir=to&vi=1676367876524&ref=null&cv=20230212-4-RELEASE&item-url=https%3A%2F%2Fausu.lol%2F

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1466290/log/3/unip?en=pre_d_eng_tb&tos=2010&scd=0&ssd=1&est=1676367876527&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1676367878118&mrir=to&vi=1676367876524&ref=null&cv=20230212-4-RELEASE&item-url=https%3A%2F%2Fausu.lol%2F
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1466290/log/3/unip?en=pre_d_eng_tb&tos=2010&scd=0&ssd=1&est=1676367876527&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1676367878118&mrir=to&vi=1676367876524&ref=null&cv=20230212-4-RELEASE&item-url=https%3A%2F%2Fausu.lol%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ausu.lol
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Tue, 14 Feb 2023 09:43:17 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://ausu.lol
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
605c0a47169c45b131ccb1ed345cf048
110d17ee2aa9a2cb7128e27554ec8dcbb1f59296
0ac9bb15a9f9edd3750752ddf33d3478bedd369cc5f22b6a0e258f55958b7774

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
704848873afb62f820c1b194e3620519
6b5dc73daf065a51ee2364b34f0e488902663d3d
19c8c76bb1c818f85ff5aafdf3d0bdd9e7ee2a4ec0753954d220eb2f23a234a8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 09:43:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.hotjar.com/c/hotjar-3019324.js?sv=7

54.230.111.8

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-3019324.js?sv=7
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-3019324.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 14 Feb 2023 09:43:02 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/ef238fb5a2a3bda3848d5cf3704aaa73
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -_HjjVj4Z7le0eKrBeNhSEjaqKv8-kOR1g3BCAWwYM0qDoQXcNQhfw==
age: 12
X-Firefox-Spdy: h2

trc.taboola.com/1466290/trc/3/json?tim=1676367876530&data=%7B%22id%22%3A96%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1676367876524%2C%22cv%22%3A%2220230212-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fausu.lol%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dauvpn-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1676367876530%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fausu.lol%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i

151.101.193.44

200 OK

0 B

URL HTTP/2
trc.taboola.com/1466290/trc/3/json?tim=1676367876530&data=%7B%22id%22%3A96%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1676367876524%2C%22cv%22%3A%2220230212-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fausu.lol%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dauvpn-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1676367876530%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fausu.lol%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1466290/trc/3/json?tim=1676367876530&data=%7B%22id%22%3A96%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1676367876524%2C%22cv%22%3A%2220230212-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fausu.lol%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dauvpn-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1676367876530%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fausu.lol%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 14 Feb 2023 09:43:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1676367798.832854,VS0,VE107
vary: Accept-Encoding
x-vcl-time-ms: 107
X-Firefox-Spdy: h2

propeller-tracking.com/fv.js?t=91032

139.45.197.240

200 OK

0 B

URL HTTP/2
propeller-tracking.com/fv.js?t=91032
IP
139.45.197.240:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fv.js?t=91032 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ausu.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 14 Feb 2023 09:43:10 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 7536d5f468405082f2448acb679eac2c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML