Report - uploadvirus.com/uploads/vbrzfqu.doc

Report Overview

Submitted URL
uploadvirus.com/uploads/vbrzfqu.doc
IP
166.88.62.202
ASN
#18779 EGIHOSTING
Submitted
2022-10-12 20:58:53
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.dynadot.com	239555	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	416 kB	104.18.28.19
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	357 B	23.36.76.186
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	863 B	562 B	216.239.32.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.228.207.167
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	76 kB	142.250.74.168
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	1.3 kB	23.36.76.186
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	468 B	694 B	142.250.74.3
stats.dynadot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432 B	64 kB	68.68.98.112
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	471 B	562 B	173.194.73.154
mainstats.dynadot.com	542881	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	70 kB	68.68.98.49
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	1.6 kB	54.230.111.7
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
uploadvirus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	306 B	166.88.62.202
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	796 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-12	medium	uploadvirus.com	Sinkholed

JavaScript (16)

	URL	Size	First Seen	Last Seen
	www.dynadot.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7592c14e2eafb4f4	59 kB	2023-03-08	2023-03-08
Pretty URL www.dynadot.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7592c14e2eafb4f4 IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:46:34 Last Seen2023-03-08 13:46:34 Times Seen1 Hash 88244265c72c9d47fd1c77a845382604 1acaf72d0ed7737e90af76d1294fee9cbefcc791 8a477225d8981a23b2e3c7b54434fbb9c825b1c2585615d332984e019e26ca73 Loading...

	www.dynadot.com/1665556828780forsale-buynow-landing-page.js	1.5 kB	2023-03-07	2023-06-20
Pretty URL www.dynadot.com/1665556828780forsale-buynow-landing-page.js IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2023-06-20 00:08:32 Times Seen57 Hash 92f53e8e15239f64267d1fd59f66c3b3 ebe872fd66d12fd8f6adac5a93475fcb468a984f da42080d1d66a392257a06f3012040bf35ae49d3310ae2dcab3b54f172329341 Loading...

	stats.dynadot.com/matomo.js	64 kB	2023-03-07	2024-04-05
Pretty URL stats.dynadot.com/matomo.js IP 68.68.98.112 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-04-05 20:11:10 Times Seen286 Hash 68e32650fea29cf0fbbfa1df6c13f6f9 143d3250f699f4f9ab3d1890cd791ff0f5d649d9 0ce713b6cef25179719f242dcfa4ed9e985f1443257722299df2768deeb5ab6e Loading...

	mainstats.dynadot.com/matomo.js	69 kB	2023-03-07	2024-03-15
Pretty URL mainstats.dynadot.com/matomo.js IP 68.68.98.49 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2024-03-15 15:44:41 Times Seen9 Hash fdd9171daeb5d6c28325d5cddebbc786 1af7d60e4e89daca011eedfa97ecb2c963f03e12 ad2c5ecd660a0a5dff000926a75fe4b13cafa7849ad1e85c36676f1a120e013a Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	17 B	2023-03-07	2023-04-05
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2023-04-05 02:12:11 Times Seen1946 Hash 8ff8851cc2351b1ece0667fc38808aca 1948720040e391039821b5f1e0ffb994f42af529 39dc54b6b6d6d57f0d76b09b6e775fa9bf57418049cbb68c31fa4176a8b81175 Loading...

	www.dynadot.com/tr/lazysizes.min.js	7.9 kB	2023-03-07	2024-04-25
Pretty URL www.dynadot.com/tr/lazysizes.min.js IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:12 Last Seen2024-04-25 23:00:14 Times Seen800 Hash 96201abb62283557a9d7b97b4cab14ab a72f33d920d0ab863df4cb60edf44ec140304cdb 46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98 Loading...

	www.dynadot.com/tr/bootstrap.min.js	36 kB	2023-03-07	2024-01-28
Pretty URL www.dynadot.com/tr/bootstrap.min.js IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2024-01-28 17:32:39 Times Seen143 Hash b889d0e0e360373791a7478530bfc61f a45320736b67a1c255dc734b162ee0c67f01393c 0183ef0763e720f30973508786716b02890ed82ec71239b6ec6dee24b9dae7e3 Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	147 B	2023-03-07	2024-01-28
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2024-01-28 17:32:37 Times Seen56 Hash cd89c941c1f94bd54ddd684b3b8f2a25 b3db1ee61ebdd10c9ea3024afb9adfe28bde0b6f cf7565c859d20c1a2247b5ea8a175c1fcae81136a83e1ad6af68769da1ecf047 Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	521 B	2023-03-08	2023-03-08
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:46:34 Last Seen2023-03-08 13:49:23 Times Seen1 Hash e4d377a219c8b3c4d4580fd9f4721ae9 1d97b9521d1de15d63462e5fd07121f2ebc747d0 50259692546a637899a5cfe4c646991b9ccc930b32f19d60bdf05363962ed43c Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	3.0 kB	2023-03-08	2023-03-08
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:46:34 Last Seen2023-03-08 13:46:34 Times Seen1 Hash 895cd7bd265bc18a661653ba8fe65d77 b43a6a6977f6e943761febb5f1d559ce5cf25ec7 00ac5cc851d8c668ee8dd23203cddb01294b849b2e1714aa924b42b576c7e10c Loading...

	www.dynadot.com/tr/jquery.min.js	96 kB	2023-03-07	2024-04-18
Pretty URL www.dynadot.com/tr/jquery.min.js IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:56 Last Seen2024-04-18 11:12:34 Times Seen254 Hash 019c5fb7c4771808dc65e1096c771348 44a33096a0498722bc286c5f190d37b070db2d23 c8963b6bd2ca8497603794bf9adcbff7a3ea55c9c3edef3d5a992405ee256a90 Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	436 B	2023-03-07	2023-03-17
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2023-03-17 12:35:05 Times Seen1 Hash f00da29468dcf8c60b740a009eb9c61c d9434346e84f83e381e7c33d85ef21ba3526ff88 4cd278e811f35442acd545160899cf70b0518134fd1d65b045e703a0b4977137 Loading...

	www.dynadot.com/hp_script.js	4.3 kB	2023-03-07	2024-04-25
Pretty URL www.dynadot.com/hp_script.js IP 104.18.28.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:14 Last Seen2024-04-25 10:52:23 Times Seen192 Hash e3a38f9f90665f041fc2f74a7783d11f 36a00e17f15f30e9bb864d42acf2614f0a6085af 76b055d98452d34162573203254cbdaa9938774e55fae84d7e8a41b912522687 Loading...

	www.googletagmanager.com/gtag/js?id=G-S0L3BZSLYB	216 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-S0L3BZSLYB IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:46:34 Last Seen2023-03-08 13:46:34 Times Seen1 Hash 10b3f48697e67ab5627e599b40d93cf0 45995efc38aa10003f9ede0adeef9156e577672c b7dc3ca80eb5f07fc869012c17cccb59de6584b8a502ea98a44c745f58d2b500 Loading...

		Size	First Seen	Last Seen
	#1 Eval - bb443245f08ff44fdaa38a6539b4b748	491 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 13:46:34 Last Seen2023-03-08 13:46:34 Times Seen1 Hash bb443245f08ff44fdaa38a6539b4b748 b08f4404af1a71e83106dcb38e4a00d6975dbaea a03de8376876cbde7cfd29dcbf54b51199c8b6505dbc7df3a487db854f382b8a Loading...

		Size	First Seen	Last Seen
	#1 Write - 467d82ac802ebf5b672ecdb8e02505e6	3.6 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:02:24 Last Seen2023-07-11 15:29:01 Times Seen16478 Hash 467d82ac802ebf5b672ecdb8e02505e6 b3df725dd3285fd4618d65c08e83b8f08c8e4798 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515 Loading...

HTTP Transactions (61)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 12 Oct 2022 20:49:20 GMT
Expires: Wed, 12 Oct 2022 21:35:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kFpADlKkx5c6NXTsJ24Vs06AsLLPxp2AH5vC0rzjZhfduWs4bVcjZw==
Age: 561

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6507
Expires: Wed, 12 Oct 2022 22:47:09 GMT
Date: Wed, 12 Oct 2022 20:58:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bce7a9c1ff7500c4cfad5c3a3581a939
74b8dadf6ead0ce5d1d72e40a2eac554c5f5430c
6c840089371a0e25d60d0d76d6400348b0cdfb5967876c7b88e2b4a2aaf01a03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C840089371A0E25D60D0D76D6400348B0CDFB5967876C7B88E2B4A2AAF01A03"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2581
Expires: Wed, 12 Oct 2022 21:41:43 GMT
Date: Wed, 12 Oct 2022 20:58:42 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: oN794xGgegEIRHBhsAslnWO5IJU9OjvDR4wQgHIQyvkZ2CLtuANJs+EcTksL1z5LBp4mEPNJIx4=
x-amz-request-id: H203XWJRG2M8KH4J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 12 Oct 2022 20:01:24 GMT
age: 3438
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

uploadvirus.com/uploads/vbrzfqu.doc

166.88.62.202

302 Moved Temporarily

0 B

URL HTTP/1.1
uploadvirus.com/uploads/vbrzfqu.doc
IP
166.88.62.202:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /uploads/vbrzfqu.doc HTTP/1.1
Host: uploadvirus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Date: Wed, 12 Oct 2022 20:58:42 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 20:58:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.dynadot.com/favicon.ico

104.18.28.19

200 OK

721 B

URL HTTP/2
www.dynadot.com/favicon.ico
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
721 B (721 bytes)
Hash
ab307efbdcdd2e4f671636784ab6f3d2
7fdc7a15cb3ed35515565d44128e7d5b9f30cfeb
4a9b9159917a365827d2ef79e639d70d1d27ff8c6cb489b96f6645c193e06825

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:42 GMT
content-type: image/x-icon
content-length: 721
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209579
expires: Wed, 26 Oct 2022 6:40:57 GMT
etag: 1665556825970
cf-cache-status: HIT
age: 51444
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15009d9b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7592c14e2eafb4f4

104.18.28.19

200 OK

42 B

URL HTTP/2
www.dynadot.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7592c14e2eafb4f4
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7592c14e2eafb4f4 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:42 GMT
content-type: image/gif
content-length: 42
last-modified: Fri, 07 Oct 2022 16:50:57 GMT
etag: "634058f1-2a"
server: cloudflare
cf-ray: 7592c1503a22b4f4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 12 Oct 2022 22:58:42 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5804116755327947:1665605170:ez4PVcSqTTSIOCpLk8ETQgAJXgD8iFj8td_U00KFbqs/7592c14e2eafb4f4/19307857d022a6d

104.18.28.19

200 OK

60 kB

URL HTTP/2
www.dynadot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5804116755327947:1665605170:ez4PVcSqTTSIOCpLk8ETQgAJXgD8iFj8td_U00KFbqs/7592c14e2eafb4f4/19307857d022a6d
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
60 kB (60028 bytes)
Hash
1834810a32d7085086b262cdf038e7f5
5a9b194304b3e01273b9c333bd3d46d87bb32037
cd628392523586cc8d15dac344b5c92688bd4836d269386a476d2b6e92c6f71d

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.5804116755327947:1665605170:ez4PVcSqTTSIOCpLk8ETQgAJXgD8iFj8td_U00KFbqs/7592c14e2eafb4f4/19307857d022a6d HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
CF-Challenge: 19307857d022a6d
Content-Length: 1706
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:42 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_chl_seq_19307857d022a6d=kbd9UA_v9RTonCI;SameSite=Strict;HttpOnly
cf_chl_gen: GZQ5VAPNNkK8xDkop/SRt6kpGfMrcnjfSht/8CFUJ/uNLE7NdVw3+zIuAFy8b3/EAgiI5mWnLYT0ZapbsSLmCyho7NnMbpPGkzAJVJMYa5EkmOEjulbeB+s3gdf0ejIxy4CODoTAQVmQjGS90b6uanqaN1u6G9hUKeIS0eBePalJgdO0TkJhel717i+dMuZCCb30XP20fnRUs3LkSkDUtip9PP5RkHXBBaVh36Pf80fM4zxLRSJgGvSep4KpuycQx42b7ALD9ZtfuhUrfNiBfXmjhd9tmZHNivnBAWNkVwOk6+CwU8Cil50uOgsSdT00CsdnqWEhTQ8qryxSIQ9QL88YBmZ3tQ3BGSb+P29FvhZavx4ecxoLZrVlyCLhCxgbZgkjPZuZxT3Agi/XRrZ/XA==$A7MBZZGk876pwnkXiBJDOw==
server: cloudflare
cf-ray: 7592c1513bd5b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
63604bda613d148120c491e2f095255f
0fc63ecaff8a0f36dc2a82f3fb187725d0064d69
8478a84e8513fb9afb0d1c369b668bd37ca98943a624ac3a3a69165536bd1748

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 522
Cache-Control: max-age=127008
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 20:58:43 GMT
Etag: "63467599-1d7"
Expires: Fri, 14 Oct 2022 08:15:31 GMT
Last-Modified: Wed, 12 Oct 2022 08:06:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.228.207.167

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.207.167:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MYMXO8yMkmxHRAEtp6nS+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gprZlY5E0W9/ajjMRU17Kb/3xuA=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4645
Expires: Wed, 12 Oct 2022 22:16:09 GMT
Date: Wed, 12 Oct 2022 20:58:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4645
Expires: Wed, 12 Oct 2022 22:16:09 GMT
Date: Wed, 12 Oct 2022 20:58:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50df13c8-d4e3-4d87-8794-332894dfce82.jpeg

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50df13c8-d4e3-4d87-8794-332894dfce82.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7108 bytes)
Hash
f5d47115d404a4b49a15c5aa29f132c2
22a32b863ce79c6165cc90e998f1498bf9e74fd0
549725a62e4c15820c47249ae933120bbb091a55331be511b486307e33ec59c0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50df13c8-d4e3-4d87-8794-332894dfce82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7108
x-amzn-requestid: 9f8e92e1-b64f-46b4-8a87-4d0e5c21bdaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BzOEmzoAMFsoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e347-3ec5e4d50d2e14a17f88a64d;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:42:31 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -PDUkBoSz0m_qAelLTQB5nwXRYx0vZ-U8MVWzN2ZsKutf1CgDDUhCw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:55:11 GMT
age: 83013
etag: "22a32b863ce79c6165cc90e998f1498bf9e74fd0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5252 bytes)
Hash
4f78379e6bde371b492c950402bcc39e
53a7502d8932c515aa09055c5cf8f2d2242e4398
241016bbd3cebc009f63dff2773c1c7fdb68fa941ab62b368d5e023b9155fa37

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5252
x-amzn-requestid: b4ef9c4f-7ca4-42c9-a928-b0b8aa3cc695
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BUaEtBoAMF8Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e282-455619be605fa91977c66df7;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:39:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zg4cBw3GML5OoCmS3yOEMdwKHFgl4fulcLN0Eqp4ttYBPj3umRY9lg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:34:25 GMT
age: 80659
etag: "53a7502d8932c515aa09055c5cf8f2d2242e4398"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11800 bytes)
Hash
6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 5f2ce4dd-0df8-4df7-a12d-e6fffd622752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnTQHGADIAMFXfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f98cd-5044665325e5d64975c1ff0c;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:11:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZKsi1hYgZdJQNWpphaMVLfpg69dC93J575Y2RsOzFV3ZzBb6x-nrew==
via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:22:17 GMT
age: 81387
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbb15fc1-cc74-4918-8e82-688ede90f3df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12284 bytes)
Hash
5a61ea2d6a9b25c5567339c60f503bc6
19dd911262d941074183edd995d59abc84a42cd5
0ff68c4572b0eda2ddce4ce76b39cd268dcf5182acdaacb0274c23e2c5f50b3d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbb15fc1-cc74-4918-8e82-688ede90f3df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12284
x-amzn-requestid: 7df5e0e3-155f-4cfd-b1e1-62310edf4516
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3B7JFbxIAMFxnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e37a-0882e1333f26304f1d89c3c9;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:43:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9wDJ29JLh2XIpgl5eKOBisYXYZY0IUFJGzZVNIJ-s3oBVET3NoL4ig==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:33:17 GMT
age: 80727
etag: "19dd911262d941074183edd995d59abc84a42cd5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74c4905d-ef25-43db-8882-67009cd34f1a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3985 bytes)
Hash
eda06240feabfa1b019765fe963c2d9c
3bbdd5560213e9b49ab7c079c5f2549d68890720
cd3724bfc1355b419c46df1259bfa40b4b4517a81bd45a4392d34e22c14a3d6e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74c4905d-ef25-43db-8882-67009cd34f1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3985
x-amzn-requestid: 6da73a65-c346-4040-9a03-63d5d6845adf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z1Cr1HeVoAMFubg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634517e5-34af0c8d6dc8218963b7319c;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 07:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LAjdvQ29NhOnJjwigVkIjb7vx5tCPJPrHOOPmUD5Vh9N45WN4ZZXCg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 07:37:37 GMT
age: 48067
etag: "3bbdd5560213e9b49ab7c079c5f2549d68890720"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9325 bytes)
Hash
d31330d47548d966e50813d7e2253551
ec0a371cca2d4e43f3375dd6b699478c5af62884
309f2cf9ccd62d5c2fd8713836b602317875f4273ef560f3bf3d681aa868b9d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9325
x-amzn-requestid: 6a0388e5-97d6-42f4-b54d-a3f4826f2293
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxMaDE2JoAMFieg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63438dd9-76ff69230ce03c033b35a4c4;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 03:13:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oUdj3LVRzke7i9j4pQRCGqss6LC-l1Qf4gvtAnrM9ZH1Bzu6Adezuw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 04:00:51 GMT
age: 61073
etag: "ec0a371cca2d4e43f3375dd6b699478c5af62884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/challenge-platform/h/g/img/7592c14e2eafb4f4/1665608322770/N8kEizzlx26ppIo

104.18.28.19

200 OK

22 kB

URL HTTP/2
www.dynadot.com/cdn-cgi/challenge-platform/h/g/img/7592c14e2eafb4f4/1665608322770/N8kEizzlx26ppIo
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 100 x 71, 8-bit/color RGB, non-interlaced\012- data
Size
22 kB (22337 bytes)
Hash
d1594eb66a3bd6e33758e897dd5b3b64
05259c5923167d0b1781c7dc2c3164d370f796f7
6ea47ded24d349201508201191e8ba7d5b7fa5262817ce054796b5a9e4c806b2

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/img/7592c14e2eafb4f4/1665608322770/N8kEizzlx26ppIo HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:43 GMT
content-type: image/png
server: cloudflare
cf-ray: 7592c1574e39b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/1665556831763responsive.css

104.18.28.19

200 OK

996 B

URL HTTP/2
www.dynadot.com/tr/1665556831763responsive.css
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text
Size
996 B (996 bytes)
Hash
379850517f1fec4f2c8773351a3f015c
2fc117ef2fa5d760158086b8102f9f1dcbcd6b75
ad840d27bda3d906257d10d65ea6903d224dafa41d4d7bd9f60d3069cb3467b5

HTTP Headers

GET /tr/1665556831763responsive.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: text/css
content-length: 996
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209599
expires: Wed, 26 Oct 2022 6:40:59 GMT
etag: 1665556831763
cf-cache-status: HIT
age: 49327
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15fcd86b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/1665556831762main.css

104.18.28.19

200 OK

1.5 kB

URL HTTP/2
www.dynadot.com/tr/1665556831762main.css
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.5 kB (1494 bytes)
Hash
281acf842e0903af7b015313bcbcdb1b
07e13f2d618454bbcd1f58521cf8a93dab6ef805
688381f4496b4b1d6910295a4a03023cce45f99ae5696bb088bd2a1a032b4fff

HTTP Headers

GET /tr/1665556831762main.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: text/css
content-length: 1494
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209599
expires: Wed, 26 Oct 2022 6:40:59 GMT
etag: 1665556831762
cf-cache-status: HIT
age: 49327
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15fcd80b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/fontawesome6/css/all.min.css

104.18.28.19

200 OK

83 kB

URL HTTP/2
www.dynadot.com/fontawesome6/css/all.min.css
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65360)
Size
83 kB (83001 bytes)
Hash
07edf92895ae5461d512465919fac404
7b2de1cbcdf31921bf9ed8ff1d66a0e461b3818f
0a58a9e4d074c95c0aaa50507754f395152827d3d50ed30503db8bdb7fe8ee62

HTTP Headers

GET /fontawesome6/css/all.min.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: text/css
content-length: 83001
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209599
expires: Wed, 26 Oct 2022 6:40:59 GMT
etag: 1665556825883
cf-cache-status: HIT
age: 2760
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15fdd89b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/fontawesome6/css/v4-shims.min.css

104.18.28.19

200 OK

4.2 kB

URL HTTP/2
www.dynadot.com/fontawesome6/css/v4-shims.min.css
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (25889)
Size
4.2 kB (4188 bytes)
Hash
1264a43e39e587ce7a063917b62f5b1e
fbeb018feb3d7bf9c331f918fcf34ef777e49834
28a7e6d0fb0e59493c2e859617eb28ba4a5ddb7f76bc84de4d5a456bcfbc4656

HTTP Headers

GET /fontawesome6/css/v4-shims.min.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: text/css
content-length: 4188
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209599
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556825855
cf-cache-status: HIT
age: 51458
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15fdd8db4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/lazysizes.min.js

104.18.28.19

200 OK

3.5 kB

URL HTTP/2
www.dynadot.com/tr/lazysizes.min.js
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7862)
Size
3.5 kB (3494 bytes)
Hash
85e998e98b79e1caa4fd12f79c7750ab
21b5559406acba84867b6bec05606469a5e6a9ea
0ac64f32729e19571811f1baa8745389bacaef3accdfe45e6e003e31e7bd4618

HTTP Headers

GET /tr/lazysizes.min.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: application/x-javascript
content-length: 3494
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209598
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556831736
cf-cache-status: HIT
age: 51451
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15feda5b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/jquery.min.js

104.18.28.19

200 OK

33 kB

URL HTTP/2
www.dynadot.com/tr/jquery.min.js
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32047)
Size
33 kB (33318 bytes)
Hash
3fe8235897b96dd42d36ee5f9ea2882b
1f74c5f4da7440e09e0d1fd9970c77b8d1afecdd
afc71408b0c0b10e70101a7e40766d7b125ef17ded4fd79524fc1d0fe05b0002

HTTP Headers

GET /tr/jquery.min.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: application/x-javascript
content-length: 33318
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209598
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556831728
cf-cache-status: HIT
age: 51456
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15feda3b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/1665556831769cropper.css

104.18.28.19

200 OK

1.5 kB

URL HTTP/2
www.dynadot.com/tr/1665556831769cropper.css
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.5 kB (1467 bytes)
Hash
2e0b47108a7bf2c95f22c14c4abf88ab
4020241782f9d973d0fd1ce008baf67d8e103344
7f4ba3f95e629a1b35928aa22737b3b02baae94e225f57c3e95871209e00b1cb

HTTP Headers

GET /tr/1665556831769cropper.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: text/css
content-length: 1467
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209589
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556831769
cf-cache-status: HIT
age: 51457
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15fdd97b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/bootstrap.min.js

104.18.28.19

200 OK

9.5 kB

URL HTTP/2
www.dynadot.com/tr/bootstrap.min.js
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32025)
Size
9.5 kB (9538 bytes)
Hash
e3c8458f792a363c3efdea9db280aabb
5211cbc23a3686bd9d202502f2ea1b0813a4953a
7e13b5a52e07a32e4f991682ac9ca8738e9c29e878d8f60aad0cfb5379e6cee7

HTTP Headers

GET /tr/bootstrap.min.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: application/x-javascript
content-length: 9538
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209598
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556831731
cf-cache-status: HIT
age: 51456
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15feda4b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/sr/1665556823835popup.css

104.18.28.19

200 OK

247 B

URL HTTP/2
www.dynadot.com/sr/1665556823835popup.css
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
247 B (247 bytes)
Hash
640ffb779bf81a7906a310aa8ee6827a
d339f5c61a9e5f1c04b2664b98a20d4535a86220
31ff8981eaaa7338c1a3da12b471bb0f5844c652a88567585b0bdfb9cce4a966

HTTP Headers

GET /sr/1665556823835popup.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: text/css
content-length: 247
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209454
expires: Wed, 26 Oct 2022 6:41:05 GMT
etag: 1665556823835
cf-cache-status: HIT
age: 46971
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15ffdb3b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/1665556828779forsale-common.css

104.18.28.19

200 OK

493 B

URL HTTP/2
www.dynadot.com/1665556828779forsale-common.css
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
493 B (493 bytes)
Hash
e1bc704b62f60f005b53235186d4da46
59f86697049f9394b64c0a386f9706367bb8d149
ef2f5b7b15e979fe5a6535033f0c50758ef79644ff014484e316b1f95667f147

HTTP Headers

GET /1665556828779forsale-common.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: text/css
content-length: 493
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209455
expires: Wed, 26 Oct 2022 6:41:05 GMT
etag: 1665556828779
cf-cache-status: HIT
age: 46971
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15ffdb4b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/1665556828779forsale-buyitnow.css

104.18.28.19

200 OK

941 B

URL HTTP/2
www.dynadot.com/1665556828779forsale-buyitnow.css
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
941 B (941 bytes)
Hash
e6a857b5da4b59f2a2fd0b0c999d29b7
fca6139a8d3812fcd29492b837e7021c83b19a01
b0b7d3a802f9b483fb86ef14a560acb573a6a655af4baf9364dea284d7d510e0

HTTP Headers

GET /1665556828779forsale-buyitnow.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: text/css
content-length: 941
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209454
expires: Wed, 26 Oct 2022 6:41:04 GMT
etag: 1665556828779
cf-cache-status: HIT
age: 46711
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15ffdb6b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/1665556828780forsale-buynow-landing-page.js

104.18.28.19

200 OK

527 B

URL HTTP/2
www.dynadot.com/1665556828780forsale-buynow-landing-page.js
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
527 B (527 bytes)
Hash
530193bf1f629bfaffb6e63db9ae981b
804508fe2f5ca0ddc6af0aec26fdfc4c458211c0
327f3bc6718eac9fa1174aad6524ff770a35a88cb6258f430ad7e4401843f7c9

HTTP Headers

GET /1665556828780forsale-buynow-landing-page.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: application/x-javascript
content-length: 527
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209455
expires: Wed, 26 Oct 2022 6:41:05 GMT
etag: 1665556828780
cf-cache-status: HIT
age: 46711
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15ffdc2b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/hp_script.js

104.18.28.19

200 OK

1.7 kB

URL HTTP/2
www.dynadot.com/hp_script.js
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4289), with no line terminators
Size
1.7 kB (1689 bytes)
Hash
e34449c658b03e8a3c79fd9e1f3c2ceb
2f391d7b60e8ea82736a89540f8644925567c753
b34342bfc8819e0b1097172a192277d88f157543bfac447dd0bfefc76ae22b34

HTTP Headers

GET /hp_script.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: application/x-javascript
content-length: 1689
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209598
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556858117
cf-cache-status: HIT
age: 51454
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c15ffdc4b4f4-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 20:58:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-S0L3BZSLYB

142.250.74.168

200 OK

75 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-S0L3BZSLYB
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21373)
Size
75 kB (75384 bytes)
Hash
5a0b60b0dcf1096e271b11d6a23e5fa9
327835c524a50e1041ec3d5de1bbad91ec98bbae
c18003d6f80df1174c3bd3844241d811dd44a57ce1981c5de8a7e034f63a3809

HTTP Headers

GET /gtag/js?id=G-S0L3BZSLYB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 12 Oct 2022 20:58:45 GMT
expires: Wed, 12 Oct 2022 20:58:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 20:58:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.typekit.net/eyi5ire.css

23.36.76.186

200 OK

892 B

URL HTTP/2
use.typekit.net/eyi5ire.css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
892 B (892 bytes)
Hash
767d0efc6eab4569b031258a8c470899
3bb592714c1b412af66c20aa71ed4146a837a55a
7e824afd30d06ddb4e0e2bf67c64a73fde6403e66a53d1793687e7c2bae15768

HTTP Headers

GET /eyi5ire.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 892
date: Wed, 12 Oct 2022 20:58:45 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=eyi5ire&ht=tk&f=139.140.173.174.175.176.25136.25137&a=699613&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=eyi5ire&ht=tk&f=139.140.173.174.175.176.25136.25137&a=699613&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=eyi5ire&ht=tk&f=139.140.173.174.175.176.25136.25137&a=699613&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Wed, 12 Oct 2022 20:58:45 GMT
X-Firefox-Spdy: h2

www.dynadot.com/for-sale-background.jpg

104.18.28.19

200 OK

50 kB

URL HTTP/2
www.dynadot.com/for-sale-background.jpg
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1065, components 3\012- data
Size
50 kB (50022 bytes)
Hash
e5d448729254b2c3e6004c1a032294b3
eff428b054a75ff48de0e1d1540af4d048f13424
d227846f6b1dd0166bed6dbef4f86625f0ca4e28956f3de3c61790e5e6805b21

HTTP Headers

GET /for-sale-background.jpg HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: image/jpeg
content-length: 50022
cache-control: max-age=1209168
cf-bgj: h2pri
etag: 1665556828778
expires: Wed, 26 Oct 2022 6:41:07 GMT
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 46970
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c161d8a0b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/fontawesome6/webfonts/fa-brands-400.woff2

104.18.28.19

200 OK

106 kB

URL HTTP/2
www.dynadot.com/fontawesome6/webfonts/fa-brands-400.woff2
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 105768, version 769.768\012- data
Size
106 kB (105768 bytes)
Hash
ea24446014ea86d85129883a9511629f
90fe0513c6a0ff1d8f564ec782fa54b559e7d3f8
3701cbff3acccd80b1f2eede4311050514f7a64c2039eb77a77368fcd6e3de28

HTTP Headers

GET /fontawesome6/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dynadot.com/fontawesome6/css/all.min.css
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: application/octet-stream
content-length: 105768
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209163
expires: Wed, 26 Oct 2022 6:41:02 GMT
etag: 1665556825606
cf-cache-status: HIT
age: 49094
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c161e8acb4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/logo-dark-blue273x90.png

104.18.28.19

200 OK

4.9 kB

URL HTTP/2
www.dynadot.com/logo-dark-blue273x90.png
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 273 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4916 bytes)
Hash
8820a24754e94b3e3a2a117635b87416
12ea0b727c8009ffcc78521444adf030e4754f6a
ed91e81f8ec57f6f2e5dce4d58e11d6b8df058ac7b2ae0ed78f81ae99e257822

HTTP Headers

GET /logo-dark-blue273x90.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: image/png
content-length: 4916
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209441
expires: Wed, 26 Oct 2022 6:41:07 GMT
etag: 1665556828778
cf-cache-status: HIT
age: 46970
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c1624925b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/for-sale-tag.png

104.18.28.19

200 OK

425 B

URL HTTP/2
www.dynadot.com/for-sale-tag.png
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
425 B (425 bytes)
Hash
c0b3dc6ef896c486166a4dd442dc5d2a
a8792f88d4036ad8c034c69d345f5bd86a556fff
7ea36112383b54b5b9c65b830221a99498d3fb81bbe4e6b155dbe304648135b7

HTTP Headers

GET /for-sale-tag.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: image/png
content-length: 425
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209439
expires: Wed, 26 Oct 2022 6:41:06 GMT
etag: 1665556828776
cf-cache-status: HIT
age: 46970
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c162492bb4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/alipay.png

104.18.28.19

200 OK

8.1 kB

URL HTTP/2
www.dynadot.com/alipay.png
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced\012- data
Size
8.1 kB (8117 bytes)
Hash
acb5474212e1ad5d27a2f0d8c571c684
9c258342fa720dcb08287f9eef492cfd907a2a22
aabc8440836955a53bda81631f589ea72aebd930081e2cc818fbde76f1285a42

HTTP Headers

GET /alipay.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: image/png
content-length: 8117
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209439
expires: Wed, 26 Oct 2022 6:41:07 GMT
etag: 1665556828779
cf-cache-status: HIT
age: 46970
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c1624928b4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/for-sale-phone.png

104.18.28.19

200 OK

842 B

URL HTTP/2
www.dynadot.com/for-sale-phone.png
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
842 B (842 bytes)
Hash
1b66d1be100d7036f15a36751cf360fe
7409c644380191e0ebdf16ac20be1745cdc19965
ada12557bc7ad69be093b1ad741f6dbd6d3007f9d6814eb8f5b54a29b115fc8a

HTTP Headers

GET /for-sale-phone.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: image/png
content-length: 842
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209439
expires: Wed, 26 Oct 2022 6:41:07 GMT
etag: 1665556828776
cf-cache-status: HIT
age: 46970
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c1625937b4f4-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
df2ada3024ecfb341d7265c0cd9ce1b5
1bd4062cb0bee7cf829f6b303ef696c90fcaf322
a2d60f3925390530ce315037f4cdea6068d48249b86ed69d331e5e2735581823

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2D60F3925390530CE315037F4CDEA6068D48249B86ED69D331E5E2735581823"
Last-Modified: Tue, 11 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10860
Expires: Wed, 12 Oct 2022 23:59:45 GMT
Date: Wed, 12 Oct 2022 20:58:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9475ff0b134fe05b17663875904734c3
0bbb7fbbbf2ae84146de60639ca456e887bc131e
9cd38dc644901404f14b39ea1ffdf2a70dfc3496f841f1975db7c1a9491a9ff3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CD38DC644901404F14B39EA1FFDF2A70DFC3496F841F1975DB7C1A9491A9FF3"
Last-Modified: Mon, 10 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5611
Expires: Wed, 12 Oct 2022 22:32:16 GMT
Date: Wed, 12 Oct 2022 20:58:45 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 20:58:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S0L3BZSLYB&cid=437038466.1665608326&gtm=2oeaa0&aip=1&z=618205706

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S0L3BZSLYB&cid=437038466.1665608326&gtm=2oeaa0&aip=1&z=618205706
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S0L3BZSLYB&cid=437038466.1665608326&gtm=2oeaa0&aip=1&z=618205706 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 20:58:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 20:58:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.dynadot.com/matomo.js

68.68.98.112

200 OK

64 kB

URL HTTP/2
stats.dynadot.com/matomo.js
IP
68.68.98.112:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (1601)
Size
64 kB (63675 bytes)
Hash
68e32650fea29cf0fbbfa1df6c13f6f9
143d3250f699f4f9ab3d1890cd791ff0f5d649d9
0ce713b6cef25179719f242dcfa4ed9e985f1443257722299df2768deeb5ab6e

HTTP Headers

GET /matomo.js HTTP/1.1
Host: stats.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Cookie: cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 12 Oct 2022 20:58:45 GMT
content-type: application/javascript
content-length: 63675
last-modified: Thu, 04 Nov 2021 03:01:34 GMT
etag: "61834d0e-f8bb"
expires: Wed, 12 Oct 2022 21:58:45 GMT
pragma: public
cache-control: max-age=3600, public
accept-ranges: bytes
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-S0L3BZSLYB&gtm=2oeaa0&_p=2434880&_gaz=1&cid=437038466.1665608326&ul=en-us&sr=1280x1024&_s=1&sid=1665608325&sct=1&seg=0&dl=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&dr=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3DQMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE&dt=For%20Sale%20Domain%3A%20uploadvirus.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-S0L3BZSLYB&gtm=2oeaa0&_p=2434880&_gaz=1&cid=437038466.1665608326&ul=en-us&sr=1280x1024&_s=1&sid=1665608325&sct=1&seg=0&dl=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&dr=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3DQMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE&dt=For%20Sale%20Domain%3A%20uploadvirus.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-S0L3BZSLYB&gtm=2oeaa0&_p=2434880&_gaz=1&cid=437038466.1665608326&ul=en-us&sr=1280x1024&_s=1&sid=1665608325&sct=1&seg=0&dl=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&dr=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3DQMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE&dt=For%20Sale%20Domain%3A%20uploadvirus.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.dynadot.com
date: Wed, 12 Oct 2022 20:58:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b328dd45b340d747021ad1da23ede95d
92811e18e93271b7b7fc75b2e0ff9d3617f0417e
8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 20:58:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/g/collect?v=2&tid=G-S0L3BZSLYB&cid=437038466.1665608326&gtm=2oeaa0&aip=1

173.194.73.154

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-S0L3BZSLYB&cid=437038466.1665608326&gtm=2oeaa0&aip=1
IP
173.194.73.154:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-S0L3BZSLYB&cid=437038466.1665608326&gtm=2oeaa0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.dynadot.com
date: Wed, 12 Oct 2022 20:58:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b328dd45b340d747021ad1da23ede95d
92811e18e93271b7b7fc75b2e0ff9d3617f0417e
8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 20:58:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mainstats.dynadot.com/matomo.js

68.68.98.49

200 OK

69 kB

URL HTTP/1.1
mainstats.dynadot.com/matomo.js
IP
68.68.98.49:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (1892)
Size
69 kB (68947 bytes)
Hash
fdd9171daeb5d6c28325d5cddebbc786
1af7d60e4e89daca011eedfa97ecb2c963f03e12
ad2c5ecd660a0a5dff000926a75fe4b13cafa7849ad1e85c36676f1a120e013a

HTTP Headers

GET /matomo.js HTTP/1.1
Host: mainstats.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Cookie: cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 20:58:45 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 15 Feb 2020 01:34:10 GMT
ETag: "2145e-10d53-59e93519b7d1b"
Accept-Ranges: bytes
Content-Length: 68947
Connection: close
Content-Type: text/javascript

www.dynadot.com/for-sale-recommended.png

104.18.28.19

200 OK

9.2 kB

URL HTTP/2
www.dynadot.com/for-sale-recommended.png
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 218 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9223 bytes)
Hash
4980483ab0c4703bfbf244af96d7b76e
ff4f41165eb27ece8bfc89528143c44f40ce3538
319c0d2b0a61f02be5fd72837d87c82fc7cda2e9d67ef10ba96149ffa18b1b04

HTTP Headers

GET /for-sale-recommended.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=19307857d022a6d; cf_chl_prog=x14; cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; session_id=732735832; new_ref=2071-1665608324728; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q; _ga_S0L3BZSLYB=GS1.1.1665608325.1.0.1665608325.60.0.0; _ga=GA1.1.437038466.1665608326; _pk_id.1.1bae=066f13f5fef32c83.1665608326.; _pk_ses.1.1bae=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:46 GMT
content-type: image/png
content-length: 9223
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209456
expires: Wed, 26 Oct 2022 6:41:25 GMT
etag: 1665556828776
cf-cache-status: HIT
age: 46971
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c168bcf9b4f4-OSL
X-Firefox-Spdy: h2

mainstats.dynadot.com/matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=034725&h=20&m=58&s=46&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3DQMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE&_id=066f13f5fef32c83&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=for-sale&pv_id=7rnON1&pf_net=0&pf_srv=994&pf_tfr=171&pf_dm1=475

68.68.98.49

204 No Response

0 B

URL HTTP/1.1
mainstats.dynadot.com/matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=034725&h=20&m=58&s=46&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3DQMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE&_id=066f13f5fef32c83&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=for-sale&pv_id=7rnON1&pf_net=0&pf_srv=994&pf_tfr=171&pf_dm1=475
IP
68.68.98.49:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=034725&h=20&m=58&s=46&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3DQMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE&_id=066f13f5fef32c83&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=for-sale&pv_id=7rnON1&pf_net=0&pf_srv=994&pf_tfr=171&pf_dm1=475 HTTP/1.1
Host: mainstats.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/
Cookie: cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; _ga_S0L3BZSLYB=GS1.1.1665608325.1.0.1665608325.60.0.0; _ga=GA1.1.437038466.1665608326
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Response
Date: Wed, 12 Oct 2022 20:58:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/7.3.13
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dynadot.com
Connection: close
Content-Type: text/html; charset=UTF-8

mainstats.dynadot.com/matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=773608&h=20&m=58&s=46&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3DQMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE&_id=066f13f5fef32c83&_idn=0&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=visitor&pv_id=aZqBZI&pf_net=0&pf_srv=994&pf_tfr=171&pf_dm1=475

68.68.98.49

204 No Response

0 B

URL HTTP/1.1
mainstats.dynadot.com/matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=773608&h=20&m=58&s=46&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3DQMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE&_id=066f13f5fef32c83&_idn=0&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=visitor&pv_id=aZqBZI&pf_net=0&pf_srv=994&pf_tfr=171&pf_dm1=475
IP
68.68.98.49:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=773608&h=20&m=58&s=46&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3DQMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE&_id=066f13f5fef32c83&_idn=0&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=visitor&pv_id=aZqBZI&pf_net=0&pf_srv=994&pf_tfr=171&pf_dm1=475 HTTP/1.1
Host: mainstats.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/
Cookie: cf_clearance=w8dgbjx71GYVwjvj5hdRzl5mV5FrNzWQ9Vl30lwdQPY-1665608323-0-150; _ga_S0L3BZSLYB=GS1.1.1665608325.1.0.1665608325.60.0.0; _ga=GA1.1.437038466.1665608326
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Response
Date: Wed, 12 Oct 2022 20:58:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/7.3.13
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dynadot.com
Connection: close
Content-Type: text/html; charset=UTF-8

www.dynadot.com/forsale/uploadvirus.com?drefid=2071

104.18.28.19

503 Service Unavailable

0 B

URL HTTP/2
www.dynadot.com/forsale/uploadvirus.com?drefid=2071
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /forsale/uploadvirus.com?drefid=2071 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 503 Service Unavailable
date: Wed, 12 Oct 2022 20:58:42 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referer-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7592c14e2eafb4f4-OSL
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7592c14e2eafb4f4

104.18.28.19

200 OK

0 B

URL HTTP/2
www.dynadot.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7592c14e2eafb4f4
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7592c14e2eafb4f4 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071&__cf_chl_rt_tk=QMG9TRVXdrxku6A3gYK8MpvzSa8q.PU6Aku2IOIGWVA-1665608322-0-gaNycGzNCBE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:42 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7592c1503a26b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5804116755327947:1665605170:ez4PVcSqTTSIOCpLk8ETQgAJXgD8iFj8td_U00KFbqs/7592c14e2eafb4f4/19307857d022a6d

104.18.28.19

200 OK

0 B

URL HTTP/2
www.dynadot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5804116755327947:1665605170:ez4PVcSqTTSIOCpLk8ETQgAJXgD8iFj8td_U00KFbqs/7592c14e2eafb4f4/19307857d022a6d
IP
104.18.28.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.5804116755327947:1665605170:ez4PVcSqTTSIOCpLk8ETQgAJXgD8iFj8td_U00KFbqs/7592c14e2eafb4f4/19307857d022a6d HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
CF-Challenge: 19307857d022a6d
Content-Length: 16168
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_seq_19307857d022a6d=kbd9UA_v9RTonCI; cf_chl_2=19307857d022a6d; cf_chl_prog=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 20:58:43 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_ni=;Expires=Tue, 11 Oct 2022 20:58:43 GMT;SameSite=Strict
cf_chl_out: t2VIM84xvQdfY1eBibpj9rQeAZZl55GYwKbj5irccN4O4lfotC6y04uzuI1oawcm2wgWlGm9Tki20WhpXtStGw==$oTfXYjuq//fB81S/iC6NgQ==
cf_chl_out_s: ZQa2TCMLLAf7MvYjUyBKC+99wBOYpHNYUK+Qt/G3QkiODvoM8NGiGBH9VrCP3Zgm$SWc/KP2QXe/nN0y03k3Kdg==
server: cloudflare
cf-ray: 7592c157ff67b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations