Report - crushus-1.latestcache.com/

Report Overview

Submitted URL
crushus-1.latestcache.com/
IP
104.21.36.134
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-01 05:36:22
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2023-05-31	421 B	24 kB	69.16.175.42
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-01	545 B	16 kB	216.58.207.227
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2023-05-31	910 B	178 kB	104.18.11.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-31	394 B	1.8 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-05-31	446 B	7.1 kB	104.17.25.14
staticbay.pages.dev	unknown	2020-09-02	2023-02-26	2023-05-05	1.2 kB	100 kB	172.66.47.92
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-31	2.0 kB	4.2 kB	142.250.74.131
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-31	680 B	1.9 kB	54.230.80.227
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-31	389 B	87 kB	142.250.74.168
addresseepaper.com	18169	2021-11-01	2021-11-01	2023-06-01	368 B	0 B	0.0.0.0
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2023-05-31	473 B	20 kB	104.16.57.101
crushus-1.latestcache.com	unknown	unknown	2023-03-08	2023-03-29	4.3 kB	59 kB	104.21.36.134
simplewebanalysis.com	unknown	2022-02-15	2022-02-25	2023-05-31	814 B	864 B	3.125.225.220
poshhateful.com	unknown	2022-04-19	2022-04-26	2023-05-29	371 B	327 B	173.233.137.36
greedevolution.com	unknown	2023-01-22	2023-01-22	2023-04-07	7.4 kB	22 kB	173.233.137.44
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2023-05-29	1.8 kB	542 kB	45.133.44.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	poshhateful.com
2023-06-01	medium	addresseepaper.com

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-24
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:40 Last Seen2024-04-24 09:36:58 Times Seen1458 Hash baaadea4492b059f284187d75af46063 7326bf5e023f871afcf6ebb18cb89109f81a7708 0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b Loading...

	crushus-1.latestcache.com/	924 B	2023-03-14	2023-08-17
Pretty URL crushus-1.latestcache.com/ IP 104.21.36.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 06:40:02 Last Seen2023-08-17 08:30:29 Times Seen14 Hash f66cb00544e3fa89452ace21a4390ce7 1819619921aba5c74ca21b749b26018ca36bc8ca 3ead56c7739ead426486d57073614017c440fc04a1230a0298bd7c59745debaf Loading...

	staticbay.pages.dev/proxy/js/ads/banner.js	27 kB	2023-03-14	2023-08-17
Pretty URL staticbay.pages.dev/proxy/js/ads/banner.js IP 172.66.47.92 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:58:31 Last Seen2023-08-17 08:30:29 Times Seen38 Hash cdcb5b8abbc9d532c62e2022032a0253 4f6537fd997995d839641dd20ee24fbf4577356b 72b0d92784cba20ae8f6c5f4b5e75dd9baadd1bcbe0a4551443985dd1b2dd268 Loading...

	staticbay.pages.dev/proxy/js/ads/pop.js	46 kB	2023-03-14	2023-08-17
Pretty URL staticbay.pages.dev/proxy/js/ads/pop.js IP 172.66.47.92 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:58:31 Last Seen2023-08-17 08:30:29 Times Seen35 Hash d980de133fec713f6a82ff45967a6686 40ad905aa541cff38af5ba9f3ca2e7dc6a2c8574 8cbfe6f954f68f3f36417f0ee0ae1bd5faed307f4d7bc4b9923ecd20f3d5c764 Loading...

	www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD	253 kB	2023-06-01	2023-06-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 07:36:23 Last Seen2023-06-01 07:36:24 Times Seen2 Hash 51b07b00b9eca21361e8c2aede4f05c8 1ffbddde0529b049b79ff6d4ecb6f67363a7584d 9693610ffca0717155c787b3576526f9c44711e00f58b3841d99958eb35a0b39 Loading...

	crushus-1.latestcache.com/cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js	9.7 kB	2023-03-26	2023-12-30
Pretty URL crushus-1.latestcache.com/cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js IP 104.21.36.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 06:58:58 Last Seen2023-12-30 18:10:26 Times Seen274 Hash 34cd0418f533aaab670da51c20764068 aa248185d4fb459cdf50491227664c6022294ffe 0ae46cdd253c4a84de426e86e1e1548794e230a5880dbedaac7b73064571f3b5 Loading...

	crushus-1.latestcache.com/	418 B	2023-03-14	2023-08-17
Pretty URL crushus-1.latestcache.com/ IP 104.21.36.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 13:58:31 Last Seen2023-08-17 08:30:29 Times Seen28 Hash 128cfce9f9f7e825de3d2a6fa965e7ad 6c355f62a42eb2c31963a270b55df8bedd1d94dc 8aa0615d118c154d8e2558557e299e8196cc3771ee59a04bae232226d4450bac Loading...

	static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816	20 kB	2023-04-18	2024-04-21
Pretty URL static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 04:27:55 Last Seen2024-04-21 01:34:52 Times Seen14481 Hash d294b48fb7400508953205265f95d2e1 fd545d38241c9c56e81f61e45cd239976ecd0b46 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-24
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-24 17:00:54 Times Seen106065 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js	19 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:31 Last Seen2024-04-18 09:29:53 Times Seen1361 Hash 6383a57baa1479e8490a42f4184b7f0b a7e89fa1896ec8afca2a442b792c9aa29e5823dd 5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017 Loading...

	unknown	10 B	2023-05-02	2023-08-17
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-05-02 18:23:27 Last Seen2023-08-17 08:30:29 Times Seen8 Hash 1cc0e62c1c4249b19c152f4c66eca8be bb325d53ab3f7ef460eccae6a67c5eb34af39f9f bbea0be1044e2876f1a8bff2f4e39a88acc306e52755c13eaa122e882861f40f Loading...

	staticbay.pages.dev/proxy/js/ads/invoke.js	25 kB	2023-03-14	2023-08-17
Pretty URL staticbay.pages.dev/proxy/js/ads/invoke.js IP 172.66.47.92 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:58:31 Last Seen2023-08-17 08:30:29 Times Seen27 Hash 131d3763ac00e9c7430da2b55b6e9992 026e058533f80c804c2fc69c6d6f73ca27e7ded1 c3b6c819e4bc2d3f71ac82c8aa49e87ff490c3a4d62c01dfdbec7d318b99b33c Loading...

	crushus-1.latestcache.com/cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js	3.7 kB	2023-03-26	2023-12-30
Pretty URL crushus-1.latestcache.com/cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js IP 104.21.36.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 06:58:58 Last Seen2023-12-30 18:10:26 Times Seen279 Hash 47e471b950bdb80d663fdc8c637961d6 6b7abd66fcf0ef7f6aa60ebc68716c5aa9811b78 23bf82350c62d88b7effb31bdd9bef908a05424a45c13a68f01430da6183c732 Loading...

	poshhateful.com/advertisers.js	0 B	2023-03-07	2024-04-24
Pretty URL poshhateful.com/advertisers.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 17:00:55 Times Seen37041794 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 6fa57a93ababfba194a601e340b0153f	97 B	2023-03-25	2023-08-17
Pretty Observations First Seen2023-03-25 23:17:59 Last Seen2023-08-17 08:30:29 Times Seen28 Hash 6fa57a93ababfba194a601e340b0153f e2d2ce21bacb6077cb5e91f9fbb3412f1c114611 f8df12c4e13fc1601fde3e6f3868951586511aab8737d7975170bd851a8a0e58 Loading...

HTTP Transactions (40)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js

104.17.25.14

200 OK

6.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18860)
Size
6.1 kB (6098 bytes)
Hash
6383a57baa1479e8490a42f4184b7f0b
a7e89fa1896ec8afca2a442b792c9aa29e5823dd
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017

HTTP Headers

GET /ajax/libs/popper.js/1.11.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 6098
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4a59"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4795204
expires: Tue, 21 May 2024 05:36:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqUgoflUZRj0N7YuZscQbqdYybKYG%2F3lnoJ2YYpLNvN%2Fr4J5gXL5L2OlUBxRdFlYI2k5DqQJTYAqHcPbMSENrRQdqGe0ubconZHA4q9YAX46IxHTdIO0AkDuOqt6ynR8fsvpMsYL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0518cfdcea0b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.42

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685597765.dop205.sk1.t,1685597765.cds009.sk1.hn,1685597765.cds253.sk1.c
X-Firefox-Spdy: h2

crushus-1.latestcache.com/static/images/lock.png

104.21.36.134

200 OK

161 B

URL GET HTTP/3
crushus-1.latestcache.com/static/images/lock.png
IP
104.21.36.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectlatestcache.com
Fingerprint11:01:92:86:EF:AE:A4:21:FE:EF:75:D0:0C:C5:B2:DF:AE:D6:DE:8F
ValidityFri, 05 May 2023 09:29:07 GMT - Thu, 03 Aug 2023 09:29:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Size
161 B (161 bytes)
Hash
f65536f74d80fa4ba060a0697f5f3142
3cf3d901cb29e88a2c4f75dac2b8d93521e85814
45f5a209079611483e4a990fcf69fe22971d3a941002da68092df2ba33b65115

HTTP Headers

GET /static/images/lock.png HTTP/1.1
Host: crushus-1.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crushus-1.latestcache.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: image/png
content-length: 161
etag: "63ee381c-a1"
last-modified: Thu, 16 Feb 2023 14:05:16 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLZGZ699C0ktzprEY3%2BNWNzPtJ66qkLgJyrPCOIGjGgHwK3SwhG7i2pkLmPJUStZMKxbyb1%2FXzWsdAW6PNWHtEuIcFjG6XdbfR8s2kwhiUGDifwAq4GiAgkGFMh8Gg2SBx%2FJOVlk8WXNZ46t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0518cf59531bfa-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
582908ff8bc13bc9b5422491129d8b0e
8deb8d1987e09761ca90108160cc262f1ee8dffa
daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 05:36:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
582908ff8bc13bc9b5422491129d8b0e
8deb8d1987e09761ca90108160cc262f1ee8dffa
daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 05:36:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 05:36:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xME.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xME.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15548, version 1.0\012- data
Size
16 kB (15548 bytes)
Hash
72f419b6583f0c15692ee5267f26e75e
640f336a8ae14388e68aac134f0cf7bc0532f93b
ffcaf935e7915d062e0fafff6b452e48b14fc34433deae075ca25df0d0a8185c

HTTP Headers

GET /s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xME.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 11:50:06 GMT
expires: Fri, 24 May 2024 11:50:06 GMT
cache-control: public, max-age=31536000
age: 582359
last-modified: Mon, 11 Jul 2022 20:56:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 05:36:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
cd710817e90d5697f5b4680879cafe43
5ab00875da3d97318423ca9a59d979b825dfe2c9
9e310bf7c827a39c7a90770e3ce8bda8717e87bfd06042a56824a4b250f91755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 05:36:05 GMT
Last-Modified: Thu, 01 Jun 2023 04:52:19 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PzI35xKnRWa4KNVIKUQDkosFmy2BnRGUILSTGtHbEn6muwueokU4oQ==
Age: 2626

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
cd710817e90d5697f5b4680879cafe43
5ab00875da3d97318423ca9a59d979b825dfe2c9
9e310bf7c827a39c7a90770e3ce8bda8717e87bfd06042a56824a4b250f91755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 05:36:05 GMT
Last-Modified: Thu, 01 Jun 2023 05:13:26 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iYo5NyFQbFdc701OKR13AU6BEFBO_Br-sKe4py1wqtmBeGxYQxi0rQ==
Age: 1359

simplewebanalysis.com/stats

3.125.225.220

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
3.125.225.220:443
ASN
#16509 AMAZON-02

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
67241bc8a61d0fceee1074b998aa8f56
628ef9f1f7cadb39d41f31e520729aeb15a443c1
781dbaadd1e1be9294832fb826f51cc11556011939078a1fe9a89e7bf89aca37

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://crushus-1.latestcache.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=514fa921-1475-4b83-b591-1e7e63fb9a8d:3:1; expires=Sun, 29 May 2033 05:36:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

3.125.225.220

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
3.125.225.220:443
ASN
#16509 AMAZON-02

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a52c32a131272855e7fbe65fa6baefbc
125817b88b6ab1e5fe2249de0d32381829d009df
0a72578132be2479d9b61dfc9a7a9ba7a8a52a8f4e17cc98d86b7f63b5a6025d

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://crushus-1.latestcache.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=20813ba0-3ff5-436e-87dd-4c55124f02cc:3:1; expires=Sun, 29 May 2033 05:36:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b53f2fcda25e30bbbf202b507fac96c
1d1cfb1765f42aba83c3b3e89417b228ed9f0b22
6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 05:36:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD

142.250.74.168

200 OK

86 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (4537)
Size
86 kB (86268 bytes)
Hash
51b07b00b9eca21361e8c2aede4f05c8
1ffbddde0529b049b79ff6d4ecb6f67363a7584d
9693610ffca0717155c787b3576526f9c44711e00f58b3841d99958eb35a0b39

HTTP Headers

GET /gtag/js?id=G-H55MMD7MCD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 05:36:05 GMT
expires: Thu, 01 Jun 2023 05:36:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b53f2fcda25e30bbbf202b507fac96c
1d1cfb1765f42aba83c3b3e89417b228ed9f0b22
6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 05:36:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

poshhateful.com/advertisers.js

173.233.137.36

200 OK

0 B

URL GET HTTP/1.1
poshhateful.com/advertisers.js
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectposhhateful.com
Fingerprint86:EA:FA:D7:E2:8F:7D:8C:A8:64:EE:3D:F1:60:9F:90:9E:8B:FF:D5
ValiditySun, 16 Apr 2023 07:05:46 GMT - Sat, 15 Jul 2023 07:05:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: poshhateful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Jun 2023 05:36:06 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c4c715d0c386f7b65e4696440a0bb74
Strict-Transport-Security: max-age=0; includeSubdomains

greedevolution.com/ntv.json?key=c5f015defb41680bd68a4987925f5537&vstc=4

173.233.137.44

200 OK

18 kB

URL GET HTTP/1.1
greedevolution.com/ntv.json?key=c5f015defb41680bd68a4987925f5537&vstc=4
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectgreedevolution.com
Fingerprint78:78:A0:0D:31:2B:DE:26:F5:39:14:49:E5:D5:3C:0B:E9:AC:02:E3
ValidityMon, 22 May 2023 06:33:53 GMT - Sun, 20 Aug 2023 06:33:52 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (17908), with no line terminators
Size
18 kB (17930 bytes)
Hash
4ea3db5b03b3d63094b53098282ddece
de1f4389589a586d5550f1ee32525dc2fae17e1b
d0c3b77f7899addd35b58802b73839c3ec6f9f56bf84681b22ca3829420220a9

HTTP Headers

GET /ntv.json?key=c5f015defb41680bd68a4987925f5537&vstc=4 HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Jun 2023 05:36:06 GMT
Content-Type: application/json
Content-Length: 17930
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://crushus-1.latestcache.com
Access-Control-Allow-Origin: https://crushus-1.latestcache.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18193230; expires=Fri, 02 Jun 2023 05:36:06 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Jun 2023 05:36:06 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Jun 2023 05:36:06 GMT; secure; SameSite=None
pdhtkv49=true; expires=Fri, 02 Jun 2023 05:36:06 GMT; secure; SameSite=None
uncs49=1; expires=Fri, 02 Jun 2023 05:36:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ba47f43c400a34598a7ce513caac860
Strict-Transport-Security: max-age=0; includeSubdomains

crushus-1.latestcache.com/static/images/favicon.ico

104.21.36.134

200 OK

148 B

URL GET HTTP/3
crushus-1.latestcache.com/static/images/favicon.ico
IP
104.21.36.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectlatestcache.com
Fingerprint11:01:92:86:EF:AE:A4:21:FE:EF:75:D0:0C:C5:B2:DF:AE:D6:DE:8F
ValidityFri, 05 May 2023 09:29:07 GMT - Thu, 03 Aug 2023 09:29:06 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Size
148 B (148 bytes)
Hash
6f8382abb1625bccd829eceb7f56ded6
279a65392ca05d6be3e01857d76919119f2461e1
e8f5a7e23dd5f0534221ed7923b8caaab0c397dffe083f7fbf4cbe55a84adad8

HTTP Headers

GET /static/images/favicon.ico HTTP/1.1
Host: crushus-1.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crushus-1.latestcache.com/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=20813ba0-3ff5-436e-87dd-4c55124f02cc%3A3%3A1; _ga_H55MMD7MCD=GS1.1.1685597765.1.0.1685597765.0.0.0; _ga=GA1.1.1167601038.1685597766; ppu_main_6c1f3c85c99e62eb028505b3f6b22cd4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 05:36:06 GMT
content-type: image/x-icon
etag: W/"63ee381c-13e"
last-modified: Thu, 16 Feb 2023 14:05:16 GMT
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieVqQeZRvL9k9QVccjHGAH2R4X4M4F0PF56uOsO891us8jP32GWW50IZgbRpoavxoPIdQ%2FTc9wtyXFxLTabe%2B9Qgw8pJf83sewPqXr%2BESQRMSO3%2B7Gu6A12u%2FI8adq%2Bkwc5W3e83HWJUtxOG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0518d77ec81bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidDVclFREUNOgQFCCh8%2B56z3dHioAJhyyMnR8QdGh2ZvY8eHZnmdm9PbuyiEApr6ABmvU7OxbgRKSjAaF1GmQpUq5AcoELJCqoCKREaB2LI5%2B0389%2Br3jvffPpdn5MXOT0qP%2B23pRK0bl2y22%2B%2BL7nXWguyyQfNUfdhQ8WggtNM3zFc3st96Xmm4Kt6znf9VzXc71mXxoR6dGc53ktFzLd73mtntsK%2FJbXDjAyj882d2CpAz48Juch%2BfTs%2Fu0AklVI4m8vCbue6fTlN%2BJc0UwbDPneu8l6oosE8ayNjIMo2TtFQ9v7%2FR%2Bgk90TwtDD%2F4ChnBLnt18RJnunLBEOdx8RDRVEgpCfQzGsIFQFSSswfR2S3ycA41hZRRLfXNGmoBuQ9ACM1tspaTx8AFlMSeOXp5DEtxeVHDWvaZVnUicWo6iEHFWQgwppfoBs8wxkcQCWfQzJ75G5h8tI4p1VqzQkL0%2FES1lBRhWUGINaB3n9SQd55CBPHcT8qNlhQbfLu21OBWN%2BGHndKIiCHmVuxNz5no%2Bc1fTGyNIxmBqDmS2kZgvrcgyT%2Fwi7VsJyBzabEufKFoa8RCEICktQUIJCEhQZQTEsd7myvi1vcmXz0Dut%2FmmdLyc6G2zTXZ0NREK202PyZO2L8%2FSXK1gXR03WjlyvzUUUBt5C1w35QpcGvW6n57ejdnu%2BAytLSHvmROqmnJLnXsiRyikhP99DSA9g1QGYPA%2Bae6DFpOO7oGuToOtiM7kVS2O0CelGS5sBuC6RZg1kG862OibPnBzo1bt%2FQrDDi3d%2B%2F%2BTZ7678AWZKpKbEh%2FIuwUDdmFzVBdm5qgtL7qymmYzlJq2Pdy2jmXji67fERqENX7pkx1%2B9xupF3e6%2FI2y2TBMuk4El3yxKzoXpa8ME%2BX7JvifCy7ldW8xNkqfLl1%2FvL8WpEdZKnVSgtbbqIzA5Jef%2BSU8e5vP2FqSpYPIScX5ITgNSV2DpFmw64281gVEzTJg2UOTlxPjh7KeSBErMZhqWsP%2Bbw1m%2FbW9gYBqg2XUkcYmhKTFUJagaw%2BZnJ1lqDi%2F%2B9HkdXyBUjUmoTGMnVEZ9Vpv7oE5%2F1%2BmvR15bedQUHbHQ6wVu0OGuGwbc9722YHQ%2BoD3q%2B1EHmZ3yUav%2FLwAAAP%2F%2FAQAA%2F%2F%2F2PSDxdAQAAA%3D%3D

173.233.137.44

200 OK

7 B

URL GET HTTP/1.1
greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidDVclFREUNOgQFCCh8%2B56z3dHioAJhyyMnR8QdGh2ZvY8eHZnmdm9PbuyiEApr6ABmvU7OxbgRKSjAaF1GmQpUq5AcoELJCqoCKREaB2LI5%2B0389%2Br3jvffPpdn5MXOT0qP%2B23pRK0bl2y22%2B%2BL7nXWguyyQfNUfdhQ8WggtNM3zFc3st96Xmm4Kt6znf9VzXc71mXxoR6dGc53ktFzLd73mtntsK%2FJbXDjAyj882d2CpAz48Juch%2BfTs%2Fu0AklVI4m8vCbue6fTlN%2BJc0UwbDPneu8l6oosE8ayNjIMo2TtFQ9v7%2FR%2Bgk90TwtDD%2F4ChnBLnt18RJnunLBEOdx8RDRVEgpCfQzGsIFQFSSswfR2S3ycA41hZRRLfXNGmoBuQ9ACM1tspaTx8AFlMSeOXp5DEtxeVHDWvaZVnUicWo6iEHFWQgwppfoBs8wxkcQCWfQzJ75G5h8tI4p1VqzQkL0%2FES1lBRhWUGINaB3n9SQd55CBPHcT8qNlhQbfLu21OBWN%2BGHndKIiCHmVuxNz5no%2Bc1fTGyNIxmBqDmS2kZgvrcgyT%2Fwi7VsJyBzabEufKFoa8RCEICktQUIJCEhQZQTEsd7myvi1vcmXz0Dut%2FmmdLyc6G2zTXZ0NREK202PyZO2L8%2FSXK1gXR03WjlyvzUUUBt5C1w35QpcGvW6n57ejdnu%2BAytLSHvmROqmnJLnXsiRyikhP99DSA9g1QGYPA%2Bae6DFpOO7oGuToOtiM7kVS2O0CelGS5sBuC6RZg1kG862OibPnBzo1bt%2FQrDDi3d%2B%2F%2BTZ7678AWZKpKbEh%2FIuwUDdmFzVBdm5qgtL7qymmYzlJq2Pdy2jmXji67fERqENX7pkx1%2B9xupF3e6%2FI2y2TBMuk4El3yxKzoXpa8ME%2BX7JvifCy7ldW8xNkqfLl1%2FvL8WpEdZKnVSgtbbqIzA5Jef%2BSU8e5vP2FqSpYPIScX5ITgNSV2DpFmw64281gVEzTJg2UOTlxPjh7KeSBErMZhqWsP%2Bbw1m%2FbW9gYBqg2XUkcYmhKTFUJagaw%2BZnJ1lqDi%2F%2B9HkdXyBUjUmoTGMnVEZ9Vpv7oE5%2F1%2BmvR15bedQUHbHQ6wVu0OGuGwbc9722YHQ%2BoD3q%2B1EHmZ3yUav%2FLwAAAP%2F%2FAQAA%2F%2F%2F2PSDxdAQAAA%3D%3D
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectgreedevolution.com
Fingerprint78:78:A0:0D:31:2B:DE:26:F5:39:14:49:E5:D5:3C:0B:E9:AC:02:E3
ValidityMon, 22 May 2023 06:33:53 GMT - Sun, 20 Aug 2023 06:33:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidDVclFREUNOgQFCCh8%2B56z3dHioAJhyyMnR8QdGh2ZvY8eHZnmdm9PbuyiEApr6ABmvU7OxbgRKSjAaF1GmQpUq5AcoELJCqoCKREaB2LI5%2B0389%2Br3jvffPpdn5MXOT0qP%2B23pRK0bl2y22%2B%2BL7nXWguyyQfNUfdhQ8WggtNM3zFc3st96Xmm4Kt6znf9VzXc71mXxoR6dGc53ktFzLd73mtntsK%2FJbXDjAyj882d2CpAz48Juch%2BfTs%2Fu0AklVI4m8vCbue6fTlN%2BJc0UwbDPneu8l6oosE8ayNjIMo2TtFQ9v7%2FR%2Bgk90TwtDD%2F4ChnBLnt18RJnunLBEOdx8RDRVEgpCfQzGsIFQFSSswfR2S3ycA41hZRRLfXNGmoBuQ9ACM1tspaTx8AFlMSeOXp5DEtxeVHDWvaZVnUicWo6iEHFWQgwppfoBs8wxkcQCWfQzJ75G5h8tI4p1VqzQkL0%2FES1lBRhWUGINaB3n9SQd55CBPHcT8qNlhQbfLu21OBWN%2BGHndKIiCHmVuxNz5no%2Bc1fTGyNIxmBqDmS2kZgvrcgyT%2Fwi7VsJyBzabEufKFoa8RCEICktQUIJCEhQZQTEsd7myvi1vcmXz0Dut%2FmmdLyc6G2zTXZ0NREK202PyZO2L8%2FSXK1gXR03WjlyvzUUUBt5C1w35QpcGvW6n57ejdnu%2BAytLSHvmROqmnJLnXsiRyikhP99DSA9g1QGYPA%2Bae6DFpOO7oGuToOtiM7kVS2O0CelGS5sBuC6RZg1kG862OibPnBzo1bt%2FQrDDi3d%2B%2F%2BTZ7678AWZKpKbEh%2FIuwUDdmFzVBdm5qgtL7qymmYzlJq2Pdy2jmXji67fERqENX7pkx1%2B9xupF3e6%2FI2y2TBMuk4El3yxKzoXpa8ME%2BX7JvifCy7ldW8xNkqfLl1%2FvL8WpEdZKnVSgtbbqIzA5Jef%2BSU8e5vP2FqSpYPIScX5ITgNSV2DpFmw64281gVEzTJg2UOTlxPjh7KeSBErMZhqWsP%2Bbw1m%2FbW9gYBqg2XUkcYmhKTFUJagaw%2BZnJ1lqDi%2F%2B9HkdXyBUjUmoTGMnVEZ9Vpv7oE5%2F1%2BmvR15bedQUHbHQ6wVu0OGuGwbc9722YHQ%2BoD3q%2B1EHmZ3yUav%2FLwAAAP%2F%2FAQAA%2F%2F%2F2PSDxdAQAAA%3D%3D HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl=18193230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Jun 2023 05:36:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9e2df1f14b3a8b1ea61bbfad22acb696
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/9b/47/fb/9b47fb4316ad611bd932807c02c26cff/1683356991.png

45.133.44.10

200 OK

139 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/9b/47/fb/9b47fb4316ad611bd932807c02c26cff/1683356991.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint9A:03:0E:A5:2F:A4:91:E5:B4:C5:8B:64:C6:26:DA:66:35:19:14:97
ValidityMon, 29 May 2023 23:04:30 GMT - Sun, 27 Aug 2023 23:04:29 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
139 kB (139050 bytes)
Hash
b5095853b4c6e16acd9d238c51c479ff
b7436311ee33f668d8a71e1300a60a4e11ff32e4
b47522a109caa660ee05c5278f3ffc9eecd1d290b4132b6388d5677f9ea372a7

HTTP Headers

GET /si/9b/47/fb/9b47fb4316ad611bd932807c02c26cff/1683356991.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:06 GMT
content-type: image/png
content-length: 139050
server: nginx/1.17.6
last-modified: Sat, 06 May 2023 07:10:00 GMT
etag: "6455fd48-21f2a"
expires: Sat, 03 Jun 2023 05:36:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/f5/1a/51/f51a5127fdcd4dba8257a50bc502162f/1683356981.png

45.133.44.10

200 OK

128 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/f5/1a/51/f51a5127fdcd4dba8257a50bc502162f/1683356981.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint9A:03:0E:A5:2F:A4:91:E5:B4:C5:8B:64:C6:26:DA:66:35:19:14:97
ValidityMon, 29 May 2023 23:04:30 GMT - Sun, 27 Aug 2023 23:04:29 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
128 kB (128338 bytes)
Hash
2e213fca84ea9e780c6bf1c25ec75b61
d8fc9898a7bc1031b1d4c350c0d827ce424e17d5
c4cc2ce592d14c491c0430f3a6263e489a680b75ffecf97f6fde10f96ba6a9dd

HTTP Headers

GET /si/f5/1a/51/f51a5127fdcd4dba8257a50bc502162f/1683356981.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:06 GMT
content-type: image/png
content-length: 128338
server: nginx/1.17.6
last-modified: Sat, 06 May 2023 07:09:51 GMT
etag: "6455fd3f-1f552"
expires: Sat, 03 Jun 2023 05:36:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/e7/65/91/e76591885426335875f96fec271ab416/1683357009.png

45.133.44.10

200 OK

118 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/e7/65/91/e76591885426335875f96fec271ab416/1683357009.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint9A:03:0E:A5:2F:A4:91:E5:B4:C5:8B:64:C6:26:DA:66:35:19:14:97
ValidityMon, 29 May 2023 23:04:30 GMT - Sun, 27 Aug 2023 23:04:29 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
118 kB (118147 bytes)
Hash
42aa625f7b89a3d77b9fe771f1f1d3c3
9b3d290a8eba25e0c882692bc11c9c3ef4e52dbd
e85910c5985368e86dd68b62ca341599e65a4950383aa0a99e9336eecc47e122

HTTP Headers

GET /si/e7/65/91/e76591885426335875f96fec271ab416/1683357009.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:06 GMT
content-type: image/png
content-length: 118147
server: nginx/1.17.6
last-modified: Sat, 06 May 2023 07:10:21 GMT
etag: "6455fd5d-1cd83"
expires: Sat, 03 Jun 2023 05:36:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/3c/a6/9a/3ca69a4ec5579fd98f5bf2c32dc4bf0c/1683357000.png

45.133.44.10

200 OK

156 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/3c/a6/9a/3ca69a4ec5579fd98f5bf2c32dc4bf0c/1683357000.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint9A:03:0E:A5:2F:A4:91:E5:B4:C5:8B:64:C6:26:DA:66:35:19:14:97
ValidityMon, 29 May 2023 23:04:30 GMT - Sun, 27 Aug 2023 23:04:29 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
156 kB (155511 bytes)
Hash
4e4f25622c983e074eb908d4c15724bc
80f165b39dc08ebc204b390db0f7a3718b422a3d
12801ac20be4a4587a27149f756dd3123c9ba5d9555d73792a5c64df90bc4c05

HTTP Headers

GET /si/3c/a6/9a/3ca69a4ec5579fd98f5bf2c32dc4bf0c/1683357000.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:06 GMT
content-type: image/png
content-length: 155511
server: nginx/1.17.6
last-modified: Sat, 06 May 2023 07:10:08 GMT
etag: "6455fd50-25f77"
expires: Sat, 03 Jun 2023 05:36:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidDVclFREUNOgQFCCh8%2B56z3dHikAIhyyMnR8QdGh2ZvY8eHZnmdm9PbuyiEApr6ABmvU7OxZgoqSjAaF1GmQpUq5AcoELJCqoCKREaA%2BLg0%2Fa72e%2FV7z3vvl4Jz8hLnJ63H9Tb0ml6EK75Taff9fzLjRXZJKPmqPu0ntLwYWmGb7kub2W%2B0LzdcE29ILveq7ruV6zL42I9GjB87yWC5ke9LxWz20FfstrBxiZ%2F882d2CpAz48Iech%2BfTswe0AklVI4juXhd3IdPria3GuaKYNhnz%2F7WQj0UWCeN5GxkGU7J%2Bioe2D%2FnfQyd6MMPTwX2Aop8T55WeEyf4pS4TDvX%2BIhgoiQcjPoRhWEKqCpBWYvgHJHxCAcayuIYlvrWpT0E1IeghG6%2B2UNB49hCympPHTE0ji25eUHDWva5VnUicWo6iEHFWQgwppfohs6wxkcQiWfQjJ75OFRytI4t01qzQkL2fipawgowpKjEGtg7z%2BpIM8cpCnDmJ%2B3OywoNvl3TangjE%2FjLxuFERBjzI3Yu5iz0fOanpjZOkYTI3BzDZSs40NOYbJv4ddL2G5A5tNiXN1G0NeohAEhSUoKEEhCYqMoBiWe1xZ35a3uLJ56J1W%2F7QulhOdDXbons4GIiE76Ql5vPbFefLzVWyI4yZrR67X5iIKA2%2Bp64Z8qUuDXrfT89tRu73YgZUlpD0zk7olp%2BSZ53KkckrIj%2FcR0kNYdQgmz4PmHmgx6fgu6Pok6LrYSr6OpTHahHSzpc0AXJdIswayTWdHnZCnZgd6%2Bd6fEOzo4t1fP3r6m6u%2FgZkSqSnxvrxHMFA3J9d0QXav6cKSu2tpJmO5RevjXc9oJh778g2xWWjDly%2Fb8RevsHpRtwdvCZut0ITLZGDJV5ck58L0tWGCfLts3xHhldyuX8pNkqcrV17tL8epEdZKnVSgtbbqAzA5Jef%2BSmcP81l7B9JUMHmJOD8ipwGpK7B0Gzad87eawKg5JkzPoMjLifHD%2BU8lCZSYzzQsYf8zh%2FN%2Bx97EwDRAsxtI4hJDU2KoSlA1hs3PTrLUHF384dM6PkOoGpNQmcZuqIz6pDb34czhOv1Rp99h5XFTdMRSrxe4QYe7bhhw3%2FfagtHFgPao70cdZHbKR63%2B3wAAAP%2F%2FAQAA%2F%2F%2By1Hd7dAQAAA%3D%3D

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidDVclFREUNOgQFCCh8%2B56z3dHikAIhyyMnR8QdGh2ZvY8eHZnmdm9PbuyiEApr6ABmvU7OxZgoqSjAaF1GmQpUq5AcoELJCqoCKREaA%2BLg0%2Fa72e%2FV7z3vvl4Jz8hLnJ63H9Tb0ml6EK75Taff9fzLjRXZJKPmqPu0ntLwYWmGb7kub2W%2B0LzdcE29ILveq7ruV6zL42I9GjB87yWC5ke9LxWz20FfstrBxiZ%2F882d2CpAz48Iech%2BfTswe0AklVI4juXhd3IdPria3GuaKYNhnz%2F7WQj0UWCeN5GxkGU7J%2Bioe2D%2FnfQyd6MMPTwX2Aop8T55WeEyf4pS4TDvX%2BIhgoiQcjPoRhWEKqCpBWYvgHJHxCAcayuIYlvrWpT0E1IeghG6%2B2UNB49hCympPHTE0ji25eUHDWva5VnUicWo6iEHFWQgwppfohs6wxkcQiWfQjJ75OFRytI4t01qzQkL2fipawgowpKjEGtg7z%2BpIM8cpCnDmJ%2B3OywoNvl3TangjE%2FjLxuFERBjzI3Yu5iz0fOanpjZOkYTI3BzDZSs40NOYbJv4ddL2G5A5tNiXN1G0NeohAEhSUoKEEhCYqMoBiWe1xZ35a3uLJ56J1W%2F7QulhOdDXbons4GIiE76Ql5vPbFefLzVWyI4yZrR67X5iIKA2%2Bp64Z8qUuDXrfT89tRu73YgZUlpD0zk7olp%2BSZ53KkckrIj%2FcR0kNYdQgmz4PmHmgx6fgu6Pok6LrYSr6OpTHahHSzpc0AXJdIswayTWdHnZCnZgd6%2Bd6fEOzo4t1fP3r6m6u%2FgZkSqSnxvrxHMFA3J9d0QXav6cKSu2tpJmO5RevjXc9oJh778g2xWWjDly%2Fb8RevsHpRtwdvCZut0ITLZGDJV5ck58L0tWGCfLts3xHhldyuX8pNkqcrV17tL8epEdZKnVSgtbbqAzA5Jef%2BSmcP81l7B9JUMHmJOD8ipwGpK7B0Gzad87eawKg5JkzPoMjLifHD%2BU8lCZSYzzQsYf8zh%2FN%2Bx97EwDRAsxtI4hJDU2KoSlA1hs3PTrLUHF384dM6PkOoGpNQmcZuqIz6pDb34czhOv1Rp99h5XFTdMRSrxe4QYe7bhhw3%2FfagtHFgPao70cdZHbKR63%2B3wAAAP%2F%2FAQAA%2F%2F%2By1Hd7dAQAAA%3D%3D
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectgreedevolution.com
Fingerprint78:78:A0:0D:31:2B:DE:26:F5:39:14:49:E5:D5:3C:0B:E9:AC:02:E3
ValidityMon, 22 May 2023 06:33:53 GMT - Sun, 20 Aug 2023 06:33:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidDVclFREUNOgQFCCh8%2B56z3dHikAIhyyMnR8QdGh2ZvY8eHZnmdm9PbuyiEApr6ABmvU7OxZgoqSjAaF1GmQpUq5AcoELJCqoCKREaA%2BLg0%2Fa72e%2FV7z3vvl4Jz8hLnJ63H9Tb0ml6EK75Taff9fzLjRXZJKPmqPu0ntLwYWmGb7kub2W%2B0LzdcE29ILveq7ruV6zL42I9GjB87yWC5ke9LxWz20FfstrBxiZ%2F882d2CpAz48Iech%2BfTswe0AklVI4juXhd3IdPria3GuaKYNhnz%2F7WQj0UWCeN5GxkGU7J%2Bioe2D%2FnfQyd6MMPTwX2Aop8T55WeEyf4pS4TDvX%2BIhgoiQcjPoRhWEKqCpBWYvgHJHxCAcayuIYlvrWpT0E1IeghG6%2B2UNB49hCympPHTE0ji25eUHDWva5VnUicWo6iEHFWQgwppfohs6wxkcQiWfQjJ75OFRytI4t01qzQkL2fipawgowpKjEGtg7z%2BpIM8cpCnDmJ%2B3OywoNvl3TangjE%2FjLxuFERBjzI3Yu5iz0fOanpjZOkYTI3BzDZSs40NOYbJv4ddL2G5A5tNiXN1G0NeohAEhSUoKEEhCYqMoBiWe1xZ35a3uLJ56J1W%2F7QulhOdDXbons4GIiE76Ql5vPbFefLzVWyI4yZrR67X5iIKA2%2Bp64Z8qUuDXrfT89tRu73YgZUlpD0zk7olp%2BSZ53KkckrIj%2FcR0kNYdQgmz4PmHmgx6fgu6Pok6LrYSr6OpTHahHSzpc0AXJdIswayTWdHnZCnZgd6%2Bd6fEOzo4t1fP3r6m6u%2FgZkSqSnxvrxHMFA3J9d0QXav6cKSu2tpJmO5RevjXc9oJh778g2xWWjDly%2Fb8RevsHpRtwdvCZut0ITLZGDJV5ck58L0tWGCfLts3xHhldyuX8pNkqcrV17tL8epEdZKnVSgtbbqAzA5Jef%2BSmcP81l7B9JUMHmJOD8ipwGpK7B0Gzad87eawKg5JkzPoMjLifHD%2BU8lCZSYzzQsYf8zh%2FN%2Bx97EwDRAsxtI4hJDU2KoSlA1hs3PTrLUHF384dM6PkOoGpNQmcZuqIz6pDb34czhOv1Rp99h5XFTdMRSrxe4QYe7bhhw3%2FfagtHFgPao70cdZHbKR63%2B3wAAAP%2F%2FAQAA%2F%2F%2By1Hd7dAQAAA%3D%3D HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl=18193230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Jun 2023 05:36:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d174765cc12558cf3b7ad4cb25751b7
Strict-Transport-Security: max-age=0; includeSubdomains

greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudTa5Kql%2F0o6BBh6AACZ1313u%2BO1IEQjhkYez8AUGHZmdmz4Nnd5aZ3duzK4sIlPIKGqBZv7NjASaQjgaE1mmQpUi5AskFLpCooCKQEqE9LA4%2Bab8%2F%2B73ivffNBzv5CXGR0%2BP%2Ba3pLKkUX2i23%2BcxbnnexuSKTfNQcdZfeXgouNs3wec%2Fttdxnm68ItqEXfNdzXc%2F1mn1pRKRHC57ntVzI9KDntXpuK%2FBbXjvAyPx3trkDSx3w4Qm5AMmn5w7uBJCsQhJ%2FdUXYjUynz70c54pm2mDI999INhJdJIjnbWQcRMn%2BKRraPuh%2FC53szQhDD%2F8BhnJKnJ9%2FQpjsn7JEONz7m2ioIBKE%2FDyKYQWhKkhagembkPwBARjH6hqS%2BPaqNgXdhKSHYLTeTknj0UPIYkoaP%2F4fSXznspKj5g2t8kzqxGIUlZCjCnJQIc0PkW2dgSwOwbL3IPl9svBoBUm8u2aVhuTlTLyUFWRUQYkxqHWQ1590kEcO8tRBzI%2BbHRZ0u7zb5lQw5oeR142CKOhR5kbMXez5yFlNb4wsHYOpMZjZRmq2sSHHMPl3sOslLHdgsylxrm1jyEsUgqCwBAUlKCRBkREUw3KPK%2Bvb8jZXNg%2B90%2Bqf1sVyorPBDt3T2UAkZCc9If%2BrfXEe%2B2QVG%2BK4ydqR67W5iMLAW%2Bq6IV%2Fq0qDX7fT8dtRuL3ZgZQlpz8ykbskpefLpHKmcEvLDfYT0EFYdgskLoLkHWkw6vgu6Pgm6LraSL2JpjDYh3WxpMwDXJdKsgWzT2VEn5PHZgV649zsEO7p095f3n%2Fj62q9gpkRqSrwj7xEM1K3JdV2Q3eu6sOTuWprJWG7R%2Bng3MpqJs5%2B9KjYLbfjyFTv%2B9EVWL%2Br24HVhsxWacJkMLPn8suRcmL42TJBvlu2bIrya2%2FXLuUnydOXqS%2F3lODXCWqmTCrTWVr0LJqfk%2FJ%2Fp7GE%2BZb%2BENBVMXiLOj8hpQOoKLN2GTef8rSYwao4J07Mo8nJi%2FHD%2BU0kCJeYzDUvYf83hvN%2BxtzAwDdDsJpK4xNCUGKoSVI1h83OTLDVHl77%2FqI6PEarGJFSmsRsqoz6szX1Ypz9mNtfpN1h53BQdsdTrBW7Q4a4bBtz3vbZgdDGgPer7UQeZnfJRq%2F8XAAAA%2F%2F8BAAD%2F%2F1N8ic90BAAA

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudTa5Kql%2F0o6BBh6AACZ1313u%2BO1IEQjhkYez8AUGHZmdmz4Nnd5aZ3duzK4sIlPIKGqBZv7NjASaQjgaE1mmQpUi5AskFLpCooCKQEqE9LA4%2Bab8%2F%2B73ivffNBzv5CXGR0%2BP%2Ba3pLKkUX2i23%2BcxbnnexuSKTfNQcdZfeXgouNs3wec%2Fttdxnm68ItqEXfNdzXc%2F1mn1pRKRHC57ntVzI9KDntXpuK%2FBbXjvAyPx3trkDSx3w4Qm5AMmn5w7uBJCsQhJ%2FdUXYjUynz70c54pm2mDI999INhJdJIjnbWQcRMn%2BKRraPuh%2FC53szQhDD%2F8BhnJKnJ9%2FQpjsn7JEONz7m2ioIBKE%2FDyKYQWhKkhagembkPwBARjH6hqS%2BPaqNgXdhKSHYLTeTknj0UPIYkoaP%2F4fSXznspKj5g2t8kzqxGIUlZCjCnJQIc0PkW2dgSwOwbL3IPl9svBoBUm8u2aVhuTlTLyUFWRUQYkxqHWQ1590kEcO8tRBzI%2BbHRZ0u7zb5lQw5oeR142CKOhR5kbMXez5yFlNb4wsHYOpMZjZRmq2sSHHMPl3sOslLHdgsylxrm1jyEsUgqCwBAUlKCRBkREUw3KPK%2Bvb8jZXNg%2B90%2Bqf1sVyorPBDt3T2UAkZCc9If%2BrfXEe%2B2QVG%2BK4ydqR67W5iMLAW%2Bq6IV%2Fq0qDX7fT8dtRuL3ZgZQlpz8ykbskpefLpHKmcEvLDfYT0EFYdgskLoLkHWkw6vgu6Pgm6LraSL2JpjDYh3WxpMwDXJdKsgWzT2VEn5PHZgV649zsEO7p095f3n%2Fj62q9gpkRqSrwj7xEM1K3JdV2Q3eu6sOTuWprJWG7R%2Bng3MpqJs5%2B9KjYLbfjyFTv%2B9EVWL%2Br24HVhsxWacJkMLPn8suRcmL42TJBvlu2bIrya2%2FXLuUnydOXqS%2F3lODXCWqmTCrTWVr0LJqfk%2FJ%2Fp7GE%2BZb%2BENBVMXiLOj8hpQOoKLN2GTef8rSYwao4J07Mo8nJi%2FHD%2BU0kCJeYzDUvYf83hvN%2BxtzAwDdDsJpK4xNCUGKoSVI1h83OTLDVHl77%2FqI6PEarGJFSmsRsqoz6szX1Ypz9mNtfpN1h53BQdsdTrBW7Q4a4bBtz3vbZgdDGgPer7UQeZnfJRq%2F8XAAAA%2F%2F8BAAD%2F%2F1N8ic90BAAA
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectgreedevolution.com
Fingerprint78:78:A0:0D:31:2B:DE:26:F5:39:14:49:E5:D5:3C:0B:E9:AC:02:E3
ValidityMon, 22 May 2023 06:33:53 GMT - Sun, 20 Aug 2023 06:33:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudTa5Kql%2F0o6BBh6AACZ1313u%2BO1IEQjhkYez8AUGHZmdmz4Nnd5aZ3duzK4sIlPIKGqBZv7NjASaQjgaE1mmQpUi5AskFLpCooCKQEqE9LA4%2Bab8%2F%2B73ivffNBzv5CXGR0%2BP%2Ba3pLKkUX2i23%2BcxbnnexuSKTfNQcdZfeXgouNs3wec%2Fttdxnm68ItqEXfNdzXc%2F1mn1pRKRHC57ntVzI9KDntXpuK%2FBbXjvAyPx3trkDSx3w4Qm5AMmn5w7uBJCsQhJ%2FdUXYjUynz70c54pm2mDI999INhJdJIjnbWQcRMn%2BKRraPuh%2FC53szQhDD%2F8BhnJKnJ9%2FQpjsn7JEONz7m2ioIBKE%2FDyKYQWhKkhagembkPwBARjH6hqS%2BPaqNgXdhKSHYLTeTknj0UPIYkoaP%2F4fSXznspKj5g2t8kzqxGIUlZCjCnJQIc0PkW2dgSwOwbL3IPl9svBoBUm8u2aVhuTlTLyUFWRUQYkxqHWQ1590kEcO8tRBzI%2BbHRZ0u7zb5lQw5oeR142CKOhR5kbMXez5yFlNb4wsHYOpMZjZRmq2sSHHMPl3sOslLHdgsylxrm1jyEsUgqCwBAUlKCRBkREUw3KPK%2Bvb8jZXNg%2B90%2Bqf1sVyorPBDt3T2UAkZCc9If%2BrfXEe%2B2QVG%2BK4ydqR67W5iMLAW%2Bq6IV%2Fq0qDX7fT8dtRuL3ZgZQlpz8ykbskpefLpHKmcEvLDfYT0EFYdgskLoLkHWkw6vgu6Pgm6LraSL2JpjDYh3WxpMwDXJdKsgWzT2VEn5PHZgV649zsEO7p095f3n%2Fj62q9gpkRqSrwj7xEM1K3JdV2Q3eu6sOTuWprJWG7R%2Bng3MpqJs5%2B9KjYLbfjyFTv%2B9EVWL%2Br24HVhsxWacJkMLPn8suRcmL42TJBvlu2bIrya2%2FXLuUnydOXqS%2F3lODXCWqmTCrTWVr0LJqfk%2FJ%2Fp7GE%2BZb%2BENBVMXiLOj8hpQOoKLN2GTef8rSYwao4J07Mo8nJi%2FHD%2BU0kCJeYzDUvYf83hvN%2BxtzAwDdDsJpK4xNCUGKoSVI1h83OTLDVHl77%2FqI6PEarGJFSmsRsqoz6szX1Ypz9mNtfpN1h53BQdsdTrBW7Q4a4bBtz3vbZgdDGgPer7UQeZnfJRq%2F8XAAAA%2F%2F8BAAD%2F%2F1N8ic90BAAA HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl=18193230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Jun 2023 05:36:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 71b8319f5be62db15bdf844a313d5907
Strict-Transport-Security: max-age=0; includeSubdomains

crushus-1.latestcache.com/cdn-cgi/rum?

104.21.36.134

204 No Content

0 B

URL POST HTTP/3
crushus-1.latestcache.com/cdn-cgi/rum?
IP
104.21.36.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectlatestcache.com
Fingerprint11:01:92:86:EF:AE:A4:21:FE:EF:75:D0:0C:C5:B2:DF:AE:D6:DE:8F
ValidityFri, 05 May 2023 09:29:07 GMT - Thu, 03 Aug 2023 09:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: crushus-1.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crushus-1.latestcache.com/
content-type: application/json
Content-Length: 1049
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=20813ba0-3ff5-436e-87dd-4c55124f02cc%3A3%3A1; _ga_H55MMD7MCD=GS1.1.1685597765.1.0.1685597765.0.0.0; _ga=GA1.1.1167601038.1685597766; ppu_main_6c1f3c85c99e62eb028505b3f6b22cd4=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=greedevolution.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 01 Jun 2023 05:36:13 GMT
access-control-allow-origin: https://crushus-1.latestcache.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7d051904c8991bfa-OSL
x-frame-options: DENY
x-content-type-options: nosniff

crushus-1.latestcache.com/cdn-cgi/rum?

104.21.36.134

204 No Content

0 B

URL POST HTTP/3
crushus-1.latestcache.com/cdn-cgi/rum?
IP
104.21.36.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectlatestcache.com
Fingerprint11:01:92:86:EF:AE:A4:21:FE:EF:75:D0:0C:C5:B2:DF:AE:D6:DE:8F
ValidityFri, 05 May 2023 09:29:07 GMT - Thu, 03 Aug 2023 09:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: crushus-1.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crushus-1.latestcache.com/
Content-Type: application/json
Content-Length: 460
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Thu, 01 Jun 2023 05:36:20 GMT
access-control-allow-origin: https://crushus-1.latestcache.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7d05192ef8e11bfa-OSL
x-frame-options: DENY
x-content-type-options: nosniff

addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://crushus-1.latestcache.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

staticbay.pages.dev/proxy/js/ads/pop.js

172.66.47.92

200 OK

46 kB

URL GET HTTP/2
staticbay.pages.dev/proxy/js/ads/pop.js
IP
172.66.47.92:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:B8:08:37:9E:8C:AE:74:DF:9E:6D:A7:9E:A2:7B:34:A4:9F:17:AC
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (46040), with no line terminators
Size
46 kB (46040 bytes)
Hash
d980de133fec713f6a82ff45967a6686
40ad905aa541cff38af5ba9f3ca2e7dc6a2c8574
8cbfe6f954f68f3f36417f0ee0ae1bd5faed307f4d7bc4b9923ecd20f3d5c764

HTTP Headers

GET /proxy/js/ads/pop.js HTTP/1.1
Host: staticbay.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"bdac5e23c18e97813eaf29f94f5a77d4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QTZ28QJcf0qVMzkbhWqvpPq2m3Vet0%2Fxm6Um%2B83EIs1Ase%2F7I2sTlEGc2C3tT3bC3vtk7pS4v3NgIyVNgnNcQOJ2MHK5df2uObCijJEP0XIqkcC6tTNsPNtJqHiLOd5lqrziCO9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0518d05862b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

staticbay.pages.dev/proxy/js/ads/banner.js

172.66.47.92

200 OK

27 kB

URL GET HTTP/3
staticbay.pages.dev/proxy/js/ads/banner.js
IP
172.66.47.92:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:B8:08:37:9E:8C:AE:74:DF:9E:6D:A7:9E:A2:7B:34:A4:9F:17:AC
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
exported SGML document, ASCII text, with very long lines (27037), with no line terminators
Size
27 kB (27037 bytes)
Hash
cdcb5b8abbc9d532c62e2022032a0253
4f6537fd997995d839641dd20ee24fbf4577356b
72b0d92784cba20ae8f6c5f4b5e75dd9baadd1bcbe0a4551443985dd1b2dd268

HTTP Headers

GET /proxy/js/ads/banner.js HTTP/1.1
Host: staticbay.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2fc9a82ae39d89f0426be1690662d533"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CemtcZEVHJ0P5M7%2BhJMJhu0oBJHcFBgAjKIr1hXKPef2XoiIo39jVBZllE17oUyAK24ENg471pH%2FeAnxihyNhc3h8FL1GEer2OAc9Z7IiOTmTVIaVGPlVffhzY7jnY8jdW5S%2BJEx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0518d2a9901bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

crushus-1.latestcache.com/

104.21.36.134

200 OK

37 kB

URL User Request GET HTTP/2
crushus-1.latestcache.com/
IP
104.21.36.134:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectlatestcache.com
Fingerprint11:01:92:86:EF:AE:A4:21:FE:EF:75:D0:0C:C5:B2:DF:AE:D6:DE:8F
ValidityFri, 05 May 2023 09:29:07 GMT - Thu, 03 Aug 2023 09:29:06 GMT

File type

Size
37 kB (37140 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: crushus-1.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:04 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=315360000
cross-origin-opener-policy: same-origin
expires: Thu, 31 Dec 2037 23:55:55 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: DENY
x-proxy-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHY5bDp0b9wJv%2Fk4AJerNLDbV4bPj%2Fi3iCO1WnFeiT79z0Le0hIaTApZ1kSx6oPL5bYyoOXNx%2BdunLXaldOstom5pYQRmREh6IIL6%2FeCOY2%2BRh79%2BCmH34XkJ6qUBdxjKIeeI9ZWaF6Z4shw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0518cc0ad4fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js

104.18.11.207

200 OK

51 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (50904)
Size
51 kB (51143 bytes)
Hash
baaadea4492b059f284187d75af46063
7326bf5e023f871afcf6ebb18cb89109f81a7708
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

HTTP Headers

GET /bootstrap/4.0.0-beta/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"baaadea4492b059f284187d75af46063"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:49:23
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 302502a073a84b333b2936fdfea69338
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d0518d01c47b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

staticbay.pages.dev/proxy/js/ads/invoke.js

172.66.47.92

200 OK

25 kB

URL GET HTTP/2
staticbay.pages.dev/proxy/js/ads/invoke.js
IP
172.66.47.92:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:B8:08:37:9E:8C:AE:74:DF:9E:6D:A7:9E:A2:7B:34:A4:9F:17:AC
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type

Size
25 kB (25076 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /proxy/js/ads/invoke.js HTTP/1.1
Host: staticbay.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f3c2aeb7b85ec97fd7234296c9ac37e0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7pVR1Al4V5PW4fF%2FadTh8OPFLsmd%2FvDeT0%2FfrvjV40YiIgu78AYQuv2vFMaMsWlKXEA53vj4N%2FNRltZZOF0i7wbBcKFqa3aYtM0PXRDcPdy%2F4QVGEBYXdFV%2BFOfnaW%2BvkSY8s4A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0518d0585fb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Dosis

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Dosis
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (1164), with no line terminators
Size
1.1 kB (1140 bytes)
Hash
05b65a22f70879496e2c0e43257911c0
a3cc80e6ae7bb5a963f99fd352d8e7aea6f850d6
df1d32ef1f2d8d33020cb4c27ec36fcc29cb49524b0393660bd3517e8a0acd93

HTTP Headers

GET /css?family=Dosis HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 05:36:05 GMT
date: Thu, 01 Jun 2023 05:36:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

crushus-1.latestcache.com/cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js

104.21.36.134

200 OK

9.7 kB

URL GET HTTP/3
crushus-1.latestcache.com/cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js
IP
104.21.36.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectlatestcache.com
Fingerprint11:01:92:86:EF:AE:A4:21:FE:EF:75:D0:0C:C5:B2:DF:AE:D6:DE:8F
ValidityFri, 05 May 2023 09:29:07 GMT - Thu, 03 Aug 2023 09:29:06 GMT

File type
ASCII text, with very long lines (9853), with no line terminators
Size
9.7 kB (9695 bytes)
Hash
a2f2bf6c4d33a72606ac2d8d41206d75
76254108c6fe2c3a5394ba17fd957f34ed519ceb
e280775ab9c6ae519574acdd25fca0999c42214f7dd68eed4536b5ddb86a2e84

HTTP Headers

GET /cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js HTTP/1.1
Host: crushus-1.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crushus-1.latestcache.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Rr6yvgUuef84dCr/B4ZiHPJct6XEmqxjFjAXxxKlZBJbh6t+daK2tha3H8HIHsPyEUgRrB6+Nhw=
x-amz-request-id: VSGHNWAADRB0VBTE
cache-control: public, max-age=31536000
last-modified: Wed, 15 Mar 2023 02:06:52 GMT
x-amz-version-id: zM4u_59zAj8rPmX3qgu0ez9JA1MXRRrK
etag: W/"2bd55c12a937916233a15f3608de6a92"
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUGaW0taZBFwL%2Fqi4L4sfQwXwrTavxI31OCJP6OutjboVMonAdkDx4RW4SJyCxbwOGoXX%2Bk%2F5O6yEN6RrZlDDKRkIHOXyID91hXa01SXtbuvAmy1uhKYhRSZmXf4MBOe6Xc8NM0JMAoNZ%2BmD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0518cf49451bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

crushus-1.latestcache.com/cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js

104.21.36.134

200 OK

3.7 kB

URL GET HTTP/3
crushus-1.latestcache.com/cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js
IP
104.21.36.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectlatestcache.com
Fingerprint11:01:92:86:EF:AE:A4:21:FE:EF:75:D0:0C:C5:B2:DF:AE:D6:DE:8F
ValidityFri, 05 May 2023 09:29:07 GMT - Thu, 03 Aug 2023 09:29:06 GMT

File type
ASCII text, with very long lines (3740), with no line terminators
Size
3.7 kB (3716 bytes)
Hash
2f4910f93d25a85f5aad8ab46339a4c3
431514f26c79cb359f0a52c454d5dbb3bc4c2444
3a977f056e371be3b5928f4d1b3425cf20bf8a3cf700af309190efac527d246d

HTTP Headers

GET /cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js HTTP/1.1
Host: crushus-1.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crushus-1.latestcache.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: lT8No0AJfVbDNpZMCXql+jojW0vC21eCkdgEsAnWFigLWd/JvB5KzxyDCfPIF2rLEaBVbnm61R0=
x-amz-request-id: VSGWWAVFS4NDAWE4
cache-control: public, max-age=31536000
last-modified: Wed, 15 Mar 2023 02:06:52 GMT
x-amz-version-id: ssrzx5W2q8xknXmAPe.uy.ZXqLRcmRWy
etag: W/"0b9381048044b3207a2e9371ecb4b0fc"
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1d%2BRGaBEG5w6hV0Xs43gqDsHDp36lYvnQUL3FgG0%2FRgwt7NBZEcgPmMeay6OnubxuybXAwZ48Fjqpryeo3xuzqdnHOePWD2xPyvGM%2F2VNV5dfTfkFlTOGDlNST209vkikKgNscRiGWzi44g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0518d27b6b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

crushus-1.latestcache.com/static/css/base.css

104.21.36.134

200 OK

2.3 kB

URL GET HTTP/3
crushus-1.latestcache.com/static/css/base.css
IP
104.21.36.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectlatestcache.com
Fingerprint11:01:92:86:EF:AE:A4:21:FE:EF:75:D0:0C:C5:B2:DF:AE:D6:DE:8F
ValidityFri, 05 May 2023 09:29:07 GMT - Thu, 03 Aug 2023 09:29:06 GMT

File type
ASCII text, with very long lines (2443), with no line terminators
Size
2.3 kB (2316 bytes)
Hash
f2b6cdb3899692a5119e8da1d7fbca73
7b8e13345dbf2452e66d02619097504e61b95ddb
f0e8af6b13fed1f4349d3082f1df62225b9756fe1345791161b0f6e49c2294c0

HTTP Headers

GET /static/css/base.css HTTP/1.1
Host: crushus-1.latestcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crushus-1.latestcache.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: text/css
etag: W/"63ee381c-90c"
last-modified: Thu, 16 Feb 2023 14:05:16 GMT
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrC9RQSeMlLkUQ3Qk5yCtRzs0OknLx2Jgy9YzsNEGu51opreYrLgMXmlWeQz6z8gEDgRpwUZNtBY67yAhLGkISHFYYF1O6p3zUXgjX%2BLDqOHvYwNPvqk06v4AqhGVIZulzjKrBqhKtqvgBb4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0518cf494c1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css

104.18.11.207

200 OK

125 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65320)
Size
125 kB (124962 bytes)
Hash
3ffbab350748e841d3768b5d1ca48933
262e04cab3c1a51024d4f3960c72ebd3968476a7
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d

HTTP Headers

GET /bootstrap/4.0.0-beta/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"3ffbab350748e841d3768b5d1ca48933"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 05/04/2022 04:18:25
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 6b95e11a02d0079e68cb49781dc11627
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d0518d04c83b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDVclFREUNOgQFImEzrvrPd8dKQIhHIowdn5AUCCh2ZnZ8%2BDZnWVm9%2FbsyiICpeMKGqBZf2fHAoxFOhoQWqdBliLlCiQXuECigoqQlAjtYWF40r73vn1f8X3vzUeb%2BRFxkdPD%2Fut6XSpF59ott3nubc%2B70FyUST5qjroL7y4EF5pm%2BILn9lru%2Beargq3qOd%2F1XNdzvWZfGhHp0ZzneS0XMt3tea2e2wr8ltcOMDL%2FxzZ3YKkDPjwiZyH59PTuXgDJKiTxN5eFXc10%2Bvwrca5opg2GfOfNZDXRRYL4pI2MgyjZOWZD2%2Fv976GT7Zlg6OG%2FxFBOifPrLwiTnWOVCIfb%2FwgNFUSCkJ9BMawgVAVJKzB9E5LfJwDjWFpGEt9e0qaga5B0H4zW0ylpPHoAWUxJ4%2BcnkMR7l5QcNW9olWdSJxajqIQcVZCDCmm%2Bj2z9FGSxD5Z9AMnvkblHi0jirWWrNCQvZ%2BalrCCjCkqMQa2DvP6kgzxykKcOYn7Y7LCg2%2BXdNqeCMT%2BMvG4UREGPMjdi7nzPR85qeWNk6RhMjcHMBlKzgVU5hsl%2FgF0pYbkDm02Jc20DQ16iEASFJSgoQSEJioygGJbbXFnflre5snnoHVf%2FuM6XE50NNum2zgYiIZvpEXm83ovz5OdLWBWHTdaOXK%2FNRRQG3kLXDflClwa9bqfnt6N2e74DK0tIe2pmdV1OyTPP5UjllJCf7iGk%2B7BqH0yeBc090GLS8V3QlUnQdbGefB1LY7QJ6VpLmwG4LpFmDWRrzqY6Ik%2FNDvTi3QcQ7ODind8%2BfPrba7%2BDmRKpKfGevEswULcm13VBtq7rwpI7y2kmY7lO6%2BPdyGgmHvvyNbFWaMOvXLbjL15i9aBud98QNlukCZfJwJKvLknOhelrwwT57op9S4RXc7tyKTdJni5efbl%2FJU6NsFbqpAKtvVXvg8kpOfNXOnuYz9o9SFPB5CXi%2FIAcB6SuwNIN2PTg4u65h9XH75yH1QRGnXDC1EGRlxPjhyc%2FlSRQ4gTTsIT9Dw5P%2Bk17CwPTAM1uIolLDE2JoSpB1Rg2Pz3JUnNw8cdP6%2FgMoWpMQmUaW6Ey6pPZcuv0sE5%2F1ukPWHnYFB2x0OsFbtDhrhsG3Pe9tmB0PqA96vtRB5md8lGr%2FzcAAAD%2F%2FwEAAP%2F%2F4ZJjynQEAAA%3D

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDVclFREUNOgQFImEzrvrPd8dKQIhHIowdn5AUCCh2ZnZ8%2BDZnWVm9%2FbsyiICpeMKGqBZf2fHAoxFOhoQWqdBliLlCiQXuECigoqQlAjtYWF40r73vn1f8X3vzUeb%2BRFxkdPD%2Fut6XSpF59ott3nubc%2B70FyUST5qjroL7y4EF5pm%2BILn9lru%2Beargq3qOd%2F1XNdzvWZfGhHp0ZzneS0XMt3tea2e2wr8ltcOMDL%2FxzZ3YKkDPjwiZyH59PTuXgDJKiTxN5eFXc10%2Bvwrca5opg2GfOfNZDXRRYL4pI2MgyjZOWZD2%2Fv976GT7Zlg6OG%2FxFBOifPrLwiTnWOVCIfb%2FwgNFUSCkJ9BMawgVAVJKzB9E5LfJwDjWFpGEt9e0qaga5B0H4zW0ylpPHoAWUxJ4%2BcnkMR7l5QcNW9olWdSJxajqIQcVZCDCmm%2Bj2z9FGSxD5Z9AMnvkblHi0jirWWrNCQvZ%2BalrCCjCkqMQa2DvP6kgzxykKcOYn7Y7LCg2%2BXdNqeCMT%2BMvG4UREGPMjdi7nzPR85qeWNk6RhMjcHMBlKzgVU5hsl%2FgF0pYbkDm02Jc20DQ16iEASFJSgoQSEJioygGJbbXFnflre5snnoHVf%2FuM6XE50NNum2zgYiIZvpEXm83ovz5OdLWBWHTdaOXK%2FNRRQG3kLXDflClwa9bqfnt6N2e74DK0tIe2pmdV1OyTPP5UjllJCf7iGk%2B7BqH0yeBc090GLS8V3QlUnQdbGefB1LY7QJ6VpLmwG4LpFmDWRrzqY6Ik%2FNDvTi3QcQ7ODind8%2BfPrba7%2BDmRKpKfGevEswULcm13VBtq7rwpI7y2kmY7lO6%2BPdyGgmHvvyNbFWaMOvXLbjL15i9aBud98QNlukCZfJwJKvLknOhelrwwT57op9S4RXc7tyKTdJni5efbl%2FJU6NsFbqpAKtvVXvg8kpOfNXOnuYz9o9SFPB5CXi%2FIAcB6SuwNIN2PTg4u65h9XH75yH1QRGnXDC1EGRlxPjhyc%2FlSRQ4gTTsIT9Dw5P%2Bk17CwPTAM1uIolLDE2JoSpB1Rg2Pz3JUnNw8cdP6%2FgMoWpMQmUaW6Ey6pPZcuv0sE5%2F1ukPWHnYFB2x0OsFbtDhrhsG3Pe9tmB0PqA96vtRB5md8lGr%2FzcAAAD%2F%2FwEAAP%2F%2F4ZJjynQEAAA%3D
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerLet's Encrypt
Subjectgreedevolution.com
Fingerprint78:78:A0:0D:31:2B:DE:26:F5:39:14:49:E5:D5:3C:0B:E9:AC:02:E3
ValidityMon, 22 May 2023 06:33:53 GMT - Sun, 20 Aug 2023 06:33:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDVclFREUNOgQFImEzrvrPd8dKQIhHIowdn5AUCCh2ZnZ8%2BDZnWVm9%2FbsyiICpeMKGqBZf2fHAoxFOhoQWqdBliLlCiQXuECigoqQlAjtYWF40r73vn1f8X3vzUeb%2BRFxkdPD%2Fut6XSpF59ott3nubc%2B70FyUST5qjroL7y4EF5pm%2BILn9lru%2Beargq3qOd%2F1XNdzvWZfGhHp0ZzneS0XMt3tea2e2wr8ltcOMDL%2FxzZ3YKkDPjwiZyH59PTuXgDJKiTxN5eFXc10%2Bvwrca5opg2GfOfNZDXRRYL4pI2MgyjZOWZD2%2Fv976GT7Zlg6OG%2FxFBOifPrLwiTnWOVCIfb%2FwgNFUSCkJ9BMawgVAVJKzB9E5LfJwDjWFpGEt9e0qaga5B0H4zW0ylpPHoAWUxJ4%2BcnkMR7l5QcNW9olWdSJxajqIQcVZCDCmm%2Bj2z9FGSxD5Z9AMnvkblHi0jirWWrNCQvZ%2BalrCCjCkqMQa2DvP6kgzxykKcOYn7Y7LCg2%2BXdNqeCMT%2BMvG4UREGPMjdi7nzPR85qeWNk6RhMjcHMBlKzgVU5hsl%2FgF0pYbkDm02Jc20DQ16iEASFJSgoQSEJioygGJbbXFnflre5snnoHVf%2FuM6XE50NNum2zgYiIZvpEXm83ovz5OdLWBWHTdaOXK%2FNRRQG3kLXDflClwa9bqfnt6N2e74DK0tIe2pmdV1OyTPP5UjllJCf7iGk%2B7BqH0yeBc090GLS8V3QlUnQdbGefB1LY7QJ6VpLmwG4LpFmDWRrzqY6Ik%2FNDvTi3QcQ7ODind8%2BfPrba7%2BDmRKpKfGevEswULcm13VBtq7rwpI7y2kmY7lO6%2BPdyGgmHvvyNbFWaMOvXLbjL15i9aBud98QNlukCZfJwJKvLknOhelrwwT57op9S4RXc7tyKTdJni5efbl%2FJU6NsFbqpAKtvVXvg8kpOfNXOnuYz9o9SFPB5CXi%2FIAcB6SuwNIN2PTg4u65h9XH75yH1QRGnXDC1EGRlxPjhyc%2FlSRQ4gTTsIT9Dw5P%2Bk17CwPTAM1uIolLDE2JoSpB1Rg2Pz3JUnNw8cdP6%2FgMoWpMQmUaW6Ey6pPZcuv0sE5%2F1ukPWHnYFB2x0OsFbtDhrhsG3Pe9tmB0PqA96vtRB5md8lGr%2FzcAAAD%2F%2FwEAAP%2F%2F4ZJjynQEAAA%3D HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl=18193230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Jun 2023 05:36:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a67dca8c77e89d12d49f7d6d04106d0
Strict-Transport-Security: max-age=0; includeSubdomains

static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

104.16.57.101

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
IP
104.16.57.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crushus-1.latestcache.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19927), with no line terminators
Size
20 kB (19927 bytes)
Hash
d294b48fb7400508953205265f95d2e1
fd545d38241c9c56e81f61e45cd239976ecd0b46
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

HTTP Headers

GET /beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crushus-1.latestcache.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 05:36:05 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.4.2
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0518d0295cb505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML