Report - direct-links.org/s?DuRa

Report Overview

Visited public
2024-08-12 15:22:55
Tags
Submit Tags
URL
direct-links.org/s?DuRa
Finishing URL
direct-links.org/s?DuRa
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
Jessthebby

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Sent	Received	IP
fonts.googleapis.com	8877	952 B	16 kB	142.250.74.106
fonts.gstatic.com	unknown	522 B	8.7 kB	142.250.74.163
direct-links.org	unknown	912 B	97 kB	188.114.97.1
dfdgfruitie.xyz	unknown	411 B	708 B	172.67.132.206
o.pki.goog	unknown	1.3 kB	2.8 kB	142.250.74.131
d2uu46itxfd65q.cloudfront.net	unknown	417 B	92 kB	143.204.42.227
gplansforourcom.com	unknown	1.0 kB	1.4 kB	188.114.96.1
yfueuktureu.com	unknown	991 B	2.5 kB	172.67.132.181
pogothere.xyz	unknown	852 B	104 kB	188.114.97.1
undefined	142677	975 B	0 B	0.0.0.0
r10.o.lencr.org	unknown	2.0 kB	5.3 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-12	medium	undefined	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	d2uu46itxfd65q.cloudfront.net/?tid=1047137	ScriptElement	248 kB	2024-08-19	2024-08-19
Pretty URL d2uu46itxfd65q.cloudfront.net/?tid=1047137 IP 143.204.42.227 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 13:42 Last Seen2024-08-19 13:42 Times Seen1 Hash 9ae9731dbea55cac6b33ba8a5d71c792 4e76610208f546f30672cbec9528448f1ce87936 caabc24885e45fad97490f30aee7138044b289238756a09ad13ef8fd1797195f Loading...

	direct-links.org/s?DuRa	ScriptElement	92 kB	2024-08-19	2024-08-19
Pretty URL direct-links.org/s?DuRa IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 13:42 Last Seen2024-08-19 13:42 Times Seen1 Hash b5104c51af0ef6df53ccc03b6112ec26 720c95a91c7a59ab18b4e1090a731b10ca9e2281 46956880344a86f908253d0d43d7750e3a35671099983040297e692ec07ee695 Loading...

	dfdgfruitie.xyz/adserver/yzfdmoan.js	ScriptElement	0 B	0001-01-01	2025-07-16
Pretty URL dfdgfruitie.xyz/adserver/yzfdmoan.js IP 172.67.132.206 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-16 07:10 Times Seen5433718 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (24)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c2c08f8e2c667f91e7ee939f41a7ca06
159557c63c8c8ef725ae9b3fec75d5f1810b40d8
68059941cc11a454898b59b485e702d97abe8025bd02657174e26ec24eb68c81

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "68059941CC11A454898B59B485E702D97ABE8025BD02657174E26EC24EB68C81"
Last-Modified: Sun, 11 Aug 2024 06:56:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13126
Expires: Mon, 12 Aug 2024 19:01:15 GMT
Date: Mon, 12 Aug 2024 15:22:29 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
14927ac0fa718432ac5839f70891b90c
fa1224f50929eaf13800f1cefb874e57ebdd9c12
83614f2bb6b89c6f08c23a06ca037a68eb6557d42829cd1504eae2ddca77739a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "83614F2BB6B89C6F08C23A06CA037A68EB6557D42829CD1504EAE2DDCA77739A"
Last-Modified: Sun, 11 Aug 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16132
Expires: Mon, 12 Aug 2024 19:51:21 GMT
Date: Mon, 12 Aug 2024 15:22:29 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
920e4f3a49784056e5c5faa263b2f6a7
5070431826e2f4b1988fff3b3e6ff8a4e1a97919
037a14a94c65f88afcab57eae3fc805e8115b35825ec9659f173442b45918e8e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "037A14A94C65F88AFCAB57EAE3FC805E8115B35825EC9659F173442B45918E8E"
Last-Modified: Sun, 11 Aug 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13850
Expires: Mon, 12 Aug 2024 19:13:19 GMT
Date: Mon, 12 Aug 2024 15:22:29 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fa9d9a7703999cfc274f02dcaadb4561
eb147c3d5cebb3001dfeb1e60aa7054d1f2ca51c
1f147459e31f4e1f2f37449a98c122615b2ad8051ac691d52f0fb1cf2892a35c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1F147459E31F4E1F2F37449A98C122615B2AD8051AC691D52F0FB1CF2892A35C"
Last-Modified: Sun, 11 Aug 2024 06:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21228
Expires: Mon, 12 Aug 2024 21:16:17 GMT
Date: Mon, 12 Aug 2024 15:22:29 GMT
Connection: keep-alive

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3876063379e57dbf599d7df5b237421c
00bd6f6d473b358b17690d2bf897ba3561b04216
1553b7bef66a2bc19d410010e64a67633ac1a4c085ddeaed16e9aa2cbeb08cc3

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3876063379e57dbf599d7df5b237421c
00bd6f6d473b358b17690d2bf897ba3561b04216
1553b7bef66a2bc19d410010e64a67633ac1a4c085ddeaed16e9aa2cbeb08cc3

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET dfdgfruitie.xyz/adserver/yzfdmoan.js

172.67.132.206

200 OK

0 B

URL GET HTTP/2
dfdgfruitie.xyz/adserver/yzfdmoan.js
IP
172.67.132.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectdfdgfruitie.xyz
FingerprintC0:1F:AC:8D:BE:C9:5B:C9:02:DE:C3:F9:4F:D8:16:38:46:E7:88:E8
ValidityThu, 25 Jul 2024 20:04:52 GMT - Wed, 23 Oct 2024 20:04:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adserver/yzfdmoan.js HTTP/1.1
Host: dfdgfruitie.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://direct-links.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:22:30 GMT
content-type: application/x-javascript
content-length: 0
last-modified: Fri, 03 Feb 2023 19:26:28 GMT
etag: "63dd5fe4-0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3023
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ocaj956jUFQOcm3K03XDEJmTMzk%2BXAegOCVPP4545iIgegfkoQEmjxwnmF3a3m4aM5Ho723N9bxQ07tvUR83lSg5Xx8h7AZyDWCIj8T2qeVHqpT3OU9L%2BsXodVtzN11RgH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b217614482eb4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET d2uu46itxfd65q.cloudfront.net/?tid=1047137

143.204.42.227

200 OK

91 kB

URL GET HTTP/2
d2uu46itxfd65q.cloudfront.net/?tid=1047137
IP
143.204.42.227:443
ASN
#16509 AMAZON-02

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (891)
Size
91 kB (91104 bytes)
Hash
9ae9731dbea55cac6b33ba8a5d71c792
4e76610208f546f30672cbec9528448f1ce87936
caabc24885e45fad97490f30aee7138044b289238756a09ad13ef8fd1797195f

HTTP Headers

GET /?tid=1047137 HTTP/1.1
Host: d2uu46itxfd65q.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://direct-links.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 91104
date: Mon, 12 Aug 2024 15:22:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gunZjgHfWMJyHQtmxaHU9CRiFVHVJibxcNdOyQIh2j0FZgAkVVf0JA==
X-Firefox-Spdy: h2

GET gplansforourcom.com/ZVZpdnlKaQoFRDNkXEIsPQwBIUknPzsbOzwCLh46PwAFOyAwH08CEAFrWEZNUmdaQV8VPw1LSlBwGgIYESMaS0hDPwcQFlhwH0tJS2NHTldUcBxLSEMiGRceWGdPBg0ROlRHTldlXUFPVGNYR0BT

188.114.96.1

204 No Content

0 B

URL GET HTTP/2
gplansforourcom.com/ZVZpdnlKaQoFRDNkXEIsPQwBIUknPzsbOzwCLh46PwAFOyAwH08CEAFrWEZNUmdaQV8VPw1LSlBwGgIYESMaS0hDPwcQFlhwH0tJS2NHTldUcBxLSEMiGRceWGdPBg0ROlRHTldlXUFPVGNYR0BT
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectgplansforourcom.com
Fingerprint3B:F4:03:18:2F:E6:7C:79:19:70:72:2D:96:8A:5A:56:18:17:36:7C
ValiditySun, 28 Jul 2024 08:47:19 GMT - Sat, 26 Oct 2024 08:47:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ZVZpdnlKaQoFRDNkXEIsPQwBIUknPzsbOzwCLh46PwAFOyAwH08CEAFrWEZNUmdaQV8VPw1LSlBwGgIYESMaS0hDPwcQFlhwH0tJS2NHTldUcBxLSEMiGRceWGdPBg0ROlRHTldlXUFPVGNYR0BT HTTP/1.1
Host: gplansforourcom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://direct-links.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Mon, 12 Aug 2024 15:22:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPOM1EX3kULFir7Kpq3qaUGewltfGq1WEGdpen8iOxjPP6J%2F8qfNs%2B1CAApVwymYs39Y069uD90iBUnAlSR2iozW0EYj1EzEZpIqAhDFu5f%2FL%2FJrvy4IYO8tZgRv%2BDq0jFEGTHGs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b2176195e440b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b3cb4fa78d48efd3475d6c2225a3a440
d25b7736221fe0073288e3ec4950389761ae2a06
799a896dc6357139a345e649d5cc7560ec07901f5a272e102018cb4dc18aebd7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "799A896DC6357139A345E649D5CC7560EC07901F5A272E102018CB4DC18AEBD7"
Last-Modified: Sun, 11 Aug 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18893
Expires: Mon, 12 Aug 2024 20:37:24 GMT
Date: Mon, 12 Aug 2024 15:22:31 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b3cb4fa78d48efd3475d6c2225a3a440
d25b7736221fe0073288e3ec4950389761ae2a06
799a896dc6357139a345e649d5cc7560ec07901f5a272e102018cb4dc18aebd7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "799A896DC6357139A345E649D5CC7560EC07901F5A272E102018CB4DC18AEBD7"
Last-Modified: Sun, 11 Aug 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18893
Expires: Mon, 12 Aug 2024 20:37:24 GMT
Date: Mon, 12 Aug 2024 15:22:31 GMT
Connection: keep-alive

GET gplansforourcom.com/popunder.gif

188.114.96.1

58 B

URL GET
gplansforourcom.com/popunder.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectgplansforourcom.com
Fingerprint3B:F4:03:18:2F:E6:7C:79:19:70:72:2D:96:8A:5A:56:18:17:36:7C
ValiditySun, 28 Jul 2024 08:47:19 GMT - Sat, 26 Oct 2024 08:47:18 GMT

File type
GIF image data, version 89a, 1 x 1
Size
58 B (58 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: gplansforourcom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://direct-links.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 12 Aug 2024 15:22:31 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 47712
last-modified: Mon, 12 Aug 2024 02:07:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FLx10ZuCiJ6o03lRBGr29kRULscLN4SfkU7MvDaArJru%2BYfN0zDvqyg3F6MXudGePbW0nsROd%2Bnlo%2B3mXdwjPcga1JFl9i3h1C1I59GAY81w%2FQGGzYDT5%2BmtiURRUYwPbeUJdPq8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b21761b9b6656b4-OSL
alt-svc: h3=":443"; ma=86400

GET fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap

142.250.74.106

200 OK

358 B

URL GET HTTP/3
fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
ASCII text
Size
358 B (358 bytes)
Hash
a9a33d98ea8d21afe643ba2f673aa65f
bfd56d752a02a8a95e0f680fedd322cbaedc8c87
171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d

HTTP Headers

GET /css?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://direct-links.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Aug 2024 15:22:31 GMT
date: Mon, 12 Aug 2024 15:22:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
018ab2dba1b3634df22fb7a3b4a843e4
9bf18db2873b69312ff9ee629e32e0ab0f901c4a
8c678e4227479b6627c51ff8cef6d856d13f633fb86e0ad8bf5d6f885248b150

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:22:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.163

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://direct-links.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Aug 2024 03:06:25 GMT
expires: Sun, 10 Aug 2025 03:06:25 GMT
cache-control: public, max-age=31536000
age: 216967
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
018ab2dba1b3634df22fb7a3b4a843e4
9bf18db2873b69312ff9ee629e32e0ab0f901c4a
8c678e4227479b6627c51ff8cef6d856d13f633fb86e0ad8bf5d6f885248b150

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Aug 2024 15:22:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET direct-links.org/s?DuRa

188.114.97.1

200 OK

95 kB

URL User Request GET HTTP/2
direct-links.org/s?DuRa
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdirect-links.org
Fingerprint42:DF:1E:D7:77:BF:C4:BB:E4:D2:45:B6:BA:0C:9D:A9:5F:D4:B6:FB
ValidityWed, 03 Jul 2024 12:32:45 GMT - Tue, 01 Oct 2024 12:32:44 GMT

File type
HTML document, ASCII text, with very long lines (61299)
Size
95 kB (95375 bytes)
Hash
f4aba097451e7600c5311009dd29fbad
5c0df5350688ddfcc16418cd3e4daffc744b44c4
6ea598ce4b8a9930345f6bbfd56119a0efe054456ca4273584db97d6866b27e5

HTTP Headers

GET /s?DuRa HTTP/1.1
Host: direct-links.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:22:29 GMT
content-type: text/html
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ukZP32r%2BkM3AMBoORD3D5mIfi7caXLb8IzNy1kHxPwk2GoFkyR6pwGiM9lKa5IRz9tyeR4SLG8fSpKQGn%2BgJ1LYPUtI%2B2B2T6QkoyaL7ujjcXOf7%2BdoK9xZeJSDqyKoUV8Mp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b21760ee970b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

OPTIONS yfueuktureu.com/tc

172.67.132.181

204 No Content

0 B

URL OPTIONS HTTP/2
yfueuktureu.com/tc
IP
172.67.132.181:443
ASN
#13335 CLOUDFLARENET

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectyfueuktureu.com
FingerprintFC:F4:09:C0:30:1A:19:90:2B:41:25:DA:F6:34:2B:0E:C9:2B:BE:7C
ValidityThu, 01 Aug 2024 11:17:24 GMT - Wed, 30 Oct 2024 11:17:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /tc HTTP/1.1
Host: yfueuktureu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://direct-links.org/
Origin: https://direct-links.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Mon, 12 Aug 2024 15:22:31 GMT
set-cookie: ci=780462397353910; Max-Age=86400; Secure; SameSite=None
access-control-allow-origin: https://direct-links.org
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=485Wz%2FUy9WEC1v%2FuqxsD0aur3QZ1x9hOyKZ3UIJ0QWcXCKRAckr72%2BU8jrFwUtCkNEUOO9%2B%2BdQefJ5CEn3ADwUiZreyjDylK4HmATOUG%2FmEfH%2Fe3Y7zQJ1U6mEETMWXxGO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b21761c4d48569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST yfueuktureu.com/tc

172.67.132.181

200 OK

667 B

URL POST HTTP/2
yfueuktureu.com/tc
IP
172.67.132.181:443
ASN
#13335 CLOUDFLARENET

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectyfueuktureu.com
FingerprintFC:F4:09:C0:30:1A:19:90:2B:41:25:DA:F6:34:2B:0E:C9:2B:BE:7C
ValidityThu, 01 Aug 2024 11:17:24 GMT - Wed, 30 Oct 2024 11:17:23 GMT

File type
ASCII text, with very long lines (715), with no line terminators
Size
667 B (667 bytes)
Hash
2f1d40b79b50ef7d18d43e1bca8dd423
856d9a0a8a1ee45956274133b9a3c6ce4072c8aa
d4e12878730d9549fb84089d6f167d022bdd0a956128ed0d4842bd24d02221d0

HTTP Headers

POST /tc HTTP/1.1
Host: yfueuktureu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-links.org/
Content-Type: application/json
Content-Length: 169
Origin: https://direct-links.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:22:32 GMT
content-type: application/json
set-cookie: ci=1062891836318996; Max-Age=86400; Secure; SameSite=None
access-control-allow-origin: https://direct-links.org
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YD%2BdzgvTNgXUh15EIijP7eyO4Oxnk14vWI7CVtSBLipOYc5rma4WjQ7hCjQNHPzyq6jDDE6aKM%2BzSq6RljIn5IZ9%2BvvnUyc0%2BHHFHAS3dP6bTY%2Fk3OqiAkgxm7SqFx8ubb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b21761d181656aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET direct-links.org/favicon.ico

188.114.97.1

404 Not Found

159 B

URL GET HTTP/3
direct-links.org/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectdirect-links.org
Fingerprint42:DF:1E:D7:77:BF:C4:BB:E4:D2:45:B6:BA:0C:9D:A9:5F:D4:B6:FB
ValidityWed, 03 Jul 2024 12:32:45 GMT - Tue, 01 Oct 2024 12:32:44 GMT

File type
HTML document, ASCII text, with no line terminators
Size
159 B (159 bytes)
Hash
047df4239d5e57f4c78db606a5859d7b
6f2a5da57c2a02837e19f8ac1158db728f3ad62c
45eda3cf633f023269cef5c11cf1c1d5dde3345afdc28610589ef3682ae5130a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: direct-links.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://direct-links.org/s?DuRa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Mon, 12 Aug 2024 15:22:30 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMg%2FHQTZSjadU%2F6PGv4SVQXYKOflmL2L8jkwFDXHlflyU%2BwGwnScQOWgTcXBsT3lHPTl%2B7b1vnCRsKnabzeB4GH5g72hDtaORoteVica5V79WjoMFeWA%2BB6vMc3kjvYghc1O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b217613cbe7712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET pogothere.xyz/asd100.bin

188.114.97.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectpogothere.xyz
Fingerprint07:B6:9C:F9:CF:D9:C8:A6:57:9C:E3:13:F4:CD:43:4A:94:CE:06:6A
ValidityTue, 23 Jul 2024 05:27:01 GMT - Mon, 21 Oct 2024 05:27:00 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-links.org/
Origin: https://direct-links.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:22:31 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://direct-links.org
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Mon, 12 Aug 2024 15:22:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jJD8NqNMTW32medFdhT7AI1PTpKiCV%2FJX8jRXPvCt73q%2B6%2FoFnu19koniBlq7m6YevWE4vcgDEuQ6zSFt81%2BAU8n17LDWlBM9rNUJdK55VGi1tU6NM8BMJXdDwS8YBW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b2176196813b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET pogothere.xyz/

188.114.97.1

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectpogothere.xyz
Fingerprint07:B6:9C:F9:CF:D9:C8:A6:57:9C:E3:13:F4:CD:43:4A:94:CE:06:6A
ValidityTue, 23 Jul 2024 05:27:01 GMT - Mon, 21 Oct 2024 05:27:00 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
bc9e420e7acc91a13030498f03492aa7
12cd1ca2b591166e39fc05bae97dcd6fed2d1d7a
8bf202cea91970588acdd5441457060d914f9b8b3a1179aef2464dae4b36171f

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-links.org/
Origin: https://direct-links.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 12 Aug 2024 15:22:31 GMT
content-type: text/plain
set-cookie: csu=2020338627877658@1@1723476151; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://direct-links.org
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZCjPb1JCpvEeuwrSiG0%2BtEl7mCXco85uKOFbJftmqj3slQiQyfull%2FHx%2F30eF2ArARwoJ6lnB4AIE%2BCBOPgLFfR0%2Fa7IMu%2Ba69183loHO54yJd9K2VWgz05UfNB4dNs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b2176196818b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

142.250.74.106

200 OK

14 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://direct-links.org/s?DuRa
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
ASCII text
Size
14 kB (14029 bytes)
Hash
446881ababc91b95dae7122a0acd4366
8194fa6f1aa8375c7b4b5dd1493ef9e097564ced
d9a0b2a5b4fee4e6e2f74e8131619545972b864657c524d16a52f2618a429eec

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://direct-links.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Aug 2024 15:22:30 GMT
date: Mon, 12 Aug 2024 15:22:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET undefined/TWtsVHEsCQ85TixWDnIEPwdRcUMLTl4SFX8eGWBHJB8UMhV7Xh16EiEEGTAXPwQCIF8jDhhxQwsmOBIVeCU0DQcCKQgAIhkMSWYzBToEHBcKJSMWNBtcDwUdBS4VJAAFPRsROhk6IhMzIgcjBjsKPC8ZHQUDITchNww0BiQ+XSFkCR0jLwEZBgZUPzU6IhwQMnQaJSM/HzhfLAkLPT0NOn8bCgEzKh0NPxYZLRUzQB8qKgU+Dgg7DBo+XiMGQBwuLwFEBS0qBT4ZMSkDMyZZPDwnFy1eOB0dHC4NFwUhIBYneVs2PxYcOT1hCB4cOTU7GQAhACcDTl4WKzpGKRogDyUEACMPLSg6OwEpPQVHLgAcZCV+G1kHIzU/CjkSKD4uAR8CLRscPAVeAgcwGywKAxUELikGSQA5Lhw0NARYFSMPLi85RB0sXA4ABAA9EVcnGAM6AXAdCGELJwIaBysfKDkESBQ

0.0.0.0

0 B

URL GET
undefined/TWtsVHEsCQ85TixWDnIEPwdRcUMLTl4SFX8eGWBHJB8UMhV7Xh16EiEEGTAXPwQCIF8jDhhxQwsmOBIVeCU0DQcCKQgAIhkMSWYzBToEHBcKJSMWNBtcDwUdBS4VJAAFPRsROhk6IhMzIgcjBjsKPC8ZHQUDITchNww0BiQ+XSFkCR0jLwEZBgZUPzU6IhwQMnQaJSM/HzhfLAkLPT0NOn8bCgEzKh0NPxYZLRUzQB8qKgU+Dgg7DBo+XiMGQBwuLwFEBS0qBT4ZMSkDMyZZPDwnFy1eOB0dHC4NFwUhIBYneVs2PxYcOT1hCB4cOTU7GQAhACcDTl4WKzpGKRogDyUEACMPLSg6OwEpPQVHLgAcZCV+G1kHIzU/CjkSKD4uAR8CLRscPAVeAgcwGywKAxUELikGSQA5Lhw0NARYFSMPLi85RB0sXA4ABAA9EVcnGAM6AXAdCGELJwIaBysfKDkESBQ
IP
0.0.0.0:0
ASN
#0

Requested by
https://direct-links.org/s?DuRa

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /TWtsVHEsCQ85TixWDnIEPwdRcUMLTl4SFX8eGWBHJB8UMhV7Xh16EiEEGTAXPwQCIF8jDhhxQwsmOBIVeCU0DQcCKQgAIhkMSWYzBToEHBcKJSMWNBtcDwUdBS4VJAAFPRsROhk6IhMzIgcjBjsKPC8ZHQUDITchNww0BiQ+XSFkCR0jLwEZBgZUPzU6IhwQMnQaJSM/HzhfLAkLPT0NOn8bCgEzKh0NPxYZLRUzQB8qKgU+Dgg7DBo+XiMGQBwuLwFEBS0qBT4ZMSkDMyZZPDwnFy1eOB0dHC4NFwUhIBYneVs2PxYcOT1hCB4cOTU7GQAhACcDTl4WKzpGKRogDyUEACMPLSg6OwEpPQVHLgAcZCV+G1kHIzU/CjkSKD4uAR8CLRscPAVeAgcwGywKAxUELikGSQA5Lhw0NARYFSMPLi85RB0sXA4ABAA9EVcnGAM6AXAdCGELJwIaBysfKDkESBQ HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://direct-links.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (24)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN