Report - hczog.com/game-rotator.php

Report Overview

Submitted URL
hczog.com/game-rotator.php
IP
104.18.3.69
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-28 07:27:36
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
hczog.com	106329	2021-01-25T17:12:00Z	2023-03-10T15:11:38Z	812 B	723 B	104.18.2.69
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
family-simulators.io	unknown	2023-01-10T18:39:25Z	2023-01-30T01:02:01Z	504 B	933 B	104.18.2.69
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.0 kB	2.9 kB	172.64.155.188
cdncontentstorage.com	232697	2022-01-09T09:24:58Z	2023-03-10T02:55:23Z	1.6 kB	7.7 kB	78.128.113.74
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	49 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	568 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.237.163.41
bangready.b-cdn.net	90839	2021-12-18T07:44:57Z	2023-03-10T02:55:22Z	1.7 kB	156 kB	194.242.11.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-28 07:27:29	medium	78.128.113.74	Client IP	ET DROP Dshield Block Listed Source group 1

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	family-simulators.io/t8/index17.php?t=default\|rtcnf:25-384-1	1.6 kB	2023-03-13	2023-03-14
Pretty URL family-simulators.io/t8/index17.php?t=default\|rtcnf:25-384-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:26:53 Last Seen2023-03-14 18:07:45 Times Seen1 Hash f4000f9c138ae597b4cd972eba9df1b5 c9e5eea2c39815562e0691ce09307b4f3f02b483 9454609cddfb317c9050af8e01fe9872b4caf0a67f5f2360d05e783b6e9caa62 Loading...

	family-simulators.io/t8/index17.php?t=default\|rtcnf:25-384-1	495 B	2023-03-07	2023-03-14
Pretty URL family-simulators.io/t8/index17.php?t=default\|rtcnf:25-384-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:16:21 Last Seen2023-03-14 18:07:45 Times Seen1 Hash 4066576ad2e9298a2ec0c3f229a92b86 4ed9e5fe7277116b6e21a7b927089ec82949a920 7e54997fe26b5eca6d463ad05d9e8110c299ab699b59546813ffd724fba06e52 Loading...

	family-simulators.io/t8/index17.php?t=default\|rtcnf:25-384-1	237 B	2023-03-13	2023-03-13
Pretty URL family-simulators.io/t8/index17.php?t=default\|rtcnf:25-384-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:26:36 Last Seen2023-03-13 09:26:36 Times Seen1 Hash 8ba56fa38c41dee41c8e1591e9566adb 9d1b6a222f6466af958a35c465230b0e97807727 5d3c4a9fea3afaaac03afffbb8aaf0963d5ddb9a5c7ad70a0b73a563c46de6c1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - a8eacb7d13d3e333d170174ea66c3e27	8.2 kB	2023-03-09	2023-03-14
Pretty Observations First Seen2023-03-09 21:08:41 Last Seen2023-03-14 19:24:02 Times Seen1 Hash a8eacb7d13d3e333d170174ea66c3e27 da468d241b5f01fb986f535b1e327d90bd2368cb 1724bd8fc137e26fdd6dabc2f1c5cc92da3268e683c45c2d8ae58e3c10a4ac4c Loading...

	#2 Eval - 628631f07321b22d8c176c200c855e1b	3 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:06:52 Last Seen2024-04-23 19:14:37 Times Seen431 Hash 628631f07321b22d8c176c200c855e1b 088fb1a4ab057f4fcf7d487006499060c7fe5773 0aad7da77d2ed59c396c99a74e49f3a4524dcdbcb5163251b1433d640247aeb4 Loading...

HTTP Transactions (30)

	URL	IP	Response	Size
	hczog.com/game-rotator.php	104.18.2.69	301 Moved Permanently	0 B
URL HTTP/1.1 hczog.com/game-rotator.php IP 104.18.2.69:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /game-rotator.php HTTP/1.1 Host: hczog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Date: Sat, 28 Jan 2023 07:27:25 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Sat, 28 Jan 2023 08:27:25 GMT Location: https://hczog.com/game-rotator.php Vary: Accept-Encoding Server: cloudflare CF-RAY: 790801698b51b4eb-OSL`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 81dd5c5cc5b3278876cb44dcb520a60f c0511a59e9eccdcdda98717b87c89c5d59974808 41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17611 Expires: Sat, 28 Jan 2023 12:20:56 GMT Date: Sat, 28 Jan 2023 07:27:25 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a2104f935c638b4767ca5ae0d738ef23 85c6af15af749be0ceeae6de17c36925b750f166 5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14489 Expires: Sat, 28 Jan 2023 11:28:54 GMT Date: Sat, 28 Jan 2023 07:27:25 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 69f73ac59327cd9ad7d99816ccfcc03e c54844f82dbee0d5ee4c8ce344eb0139373e6c6b e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3" Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12843 Expires: Sat, 28 Jan 2023 11:01:28 GMT Date: Sat, 28 Jan 2023 07:27:25 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 28 Jan 2023 06:43:03 GMT content-type: application/json age: 2662 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: xJqpI8WYpak5tHi98R2+D3kuL8tr9SViYfZMtxrD0YwxnKt1lx/N285e/18O/GYrKjaVj6uRmy/6UYHHhV46Tw== x-amz-request-id: 15C155TF721JKNB4 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 28 Jan 2023 06:49:45 GMT age: 2260 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sat, 28 Jan 2023 07:27:25 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 28 Jan 2023 06:41:40 GMT age: 2746 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash 8f7a4538d92af53b916cca2532b03c4e e1501447686b81e1a5c5762def68ec35985bcd57 8eaadfdb86e79a3c053977e5329c4267b757c9a636103ea8ae975c837986b837 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1432 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 07:27:26 GMT Etag: "63d33489-117" Last-Modified: Sat, 28 Jan 2023 07:03:34 GMT Server: ECS (amb/6BB1) X-Cache: HIT Content-Length: 280`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15340 Expires: Sat, 28 Jan 2023 11:43:06 GMT Date: Sat, 28 Jan 2023 07:27:26 GMT Connection: keep-alive`

	family-simulators.io/t8/files/style.css	104.18.2.69	200 OK	536 B
URL HTTP/2 family-simulators.io/t8/files/style.css IP 104.18.2.69:0 ASN #13335 CLOUDFLARENET File type ASCII text, with CRLF line terminators Size 536 B (536 bytes) Hash 03cae55109539654d8093273bc0d3a74 d986f726d85ddb7f0679e2c770bdb064be2536bb 55417e89e71558d356256f4c0fea3dbf67f134edc3109666cc03817396c80ed7 HTTP Headers `GET /t8/files/style.css HTTP/1.1 Host: family-simulators.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://family-simulators.io/t8/index17.php?t=default\|rtcnf:25-384-1 Cookie: _stat=3566494612.1581895278.23479322.3802623051 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK date: Sat, 28 Jan 2023 07:27:26 GMT content-type: text/css content-length: 536 last-modified: Tue, 10 Jan 2023 15:41:34 GMT vary: Accept-Encoding content-encoding: gzip cache-control: public, max-age=2797200 expires: Wed, 01 Mar 2023 16:27:26 GMT cf-cache-status: HIT age: 786101 accept-ranges: bytes server: cloudflare cf-ray: 790801705defb50f-OSL X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	172.64.155.188	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 6a379969ef0ca48cbd3f48b7d2aec071 3fb823b62a997c39b8987a95a71daae7d944a37f de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 28 Jan 2023 07:27:26 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT Expires: Fri, 03 Feb 2023 14:30:25 GMT Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f" Cache-Control: max-age=543178,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 79080170af2eb505-OSL`

	push.services.mozilla.com/	44.237.163.41	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 44.237.163.41:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: MIcqNQAvgoDJt2ZEB2QtJA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 9xlj0SeRjnQZpljIUnmGtcSR424=`

	ocsp.sectigo.com/	172.64.155.188	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 6a379969ef0ca48cbd3f48b7d2aec071 3fb823b62a997c39b8987a95a71daae7d944a37f de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 28 Jan 2023 07:27:27 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT Expires: Fri, 03 Feb 2023 14:30:25 GMT Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f" Cache-Control: max-age=543178,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 79080170a9160b49-OSL`

	ocsp.sectigo.com/	172.64.155.188	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 6a379969ef0ca48cbd3f48b7d2aec071 3fb823b62a997c39b8987a95a71daae7d944a37f de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 28 Jan 2023 07:27:27 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT Expires: Fri, 03 Feb 2023 14:30:25 GMT Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f" Cache-Control: max-age=543178,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 79080170ae02b51b-OSL`

	bangready.b-cdn.net/video/famsim-pop-landscape-11.jpg	194.242.11.186	200 OK	25 kB
URL HTTP/2 bangready.b-cdn.net/video/famsim-pop-landscape-11.jpg IP 194.242.11.186:0 ASN #34989 ServeTheWorld AS File type JPEG image data, baseline, precision 8, 736x426, components 3\012- data Size 25 kB (24701 bytes) Hash 0f6bec4592204c95399ebd7332d21108 32377419be11e6213b86e6ef6cda15ab94bd0b08 248c55f2265ffe3b562adaec1ef3279919492010361bde02945fc7c0c64de878 HTTP Headers `GET /video/famsim-pop-landscape-11.jpg HTTP/1.1 Host: bangready.b-cdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://family-simulators.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 07:27:27 GMT content-type: image/jpeg content-length: 24701 server: BunnyCDN-NO1-830 cdn-pullzone: 660669 cdn-uid: da4fc269-3279-49f0-8d77-79ab29e23cfa cdn-requestcountrycode: NO cache-control: public, max-age=2592000 last-modified: Fri, 14 Jan 2022 21:15:37 GMT cdn-proxyver: 1.03 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cdn-cachedat: 11/25/2022 21:21:42 cdn-edgestorageid: 830 cdn-status: 200 cdn-requestid: 33bde9d966b406ae129c11403b82becd cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	bangready.b-cdn.net/video/famsim-pop-portrait-11.jpg	194.242.11.186	200 OK	22 kB
URL HTTP/2 bangready.b-cdn.net/video/famsim-pop-portrait-11.jpg IP 194.242.11.186:0 ASN #34989 ServeTheWorld AS File type JPEG image data, baseline, precision 8, 426x736, components 3\012- data Size 22 kB (22410 bytes) Hash ebcea5f6bb3e11f00a275feee0049140 b5a227d43e9ee5fcfa59b35afab17902bfc721eb 8117335ae374973da7a827902245622b8bfbaa72fd6ec5c013f168e481957e1f HTTP Headers `GET /video/famsim-pop-portrait-11.jpg HTTP/1.1 Host: bangready.b-cdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://family-simulators.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 07:27:27 GMT content-type: image/jpeg content-length: 22410 server: BunnyCDN-NO1-830 cdn-pullzone: 660669 cdn-uid: da4fc269-3279-49f0-8d77-79ab29e23cfa cdn-requestcountrycode: NO cache-control: public, max-age=2592000 last-modified: Fri, 14 Jan 2022 21:15:39 GMT cdn-proxyver: 1.03 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cdn-cachedat: 11/25/2022 21:21:42 cdn-edgestorageid: 830 cdn-status: 200 cdn-requestid: 8d535faf662fa9d781aa7046391b6a6d cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	bangready.b-cdn.net/video/famsim-pop-portrait-11.mp4	194.242.11.186	206 Partial Content	107 kB
URL HTTP/2 bangready.b-cdn.net/video/famsim-pop-portrait-11.mp4 IP 194.242.11.186:0 ASN #34989 ServeTheWorld AS File type ISO Media, MP4 v2 [ISO 14496-14]\012- data Size 107 kB (106683 bytes) Hash 71771367c9ff316047d5343c26dd1b3d 608b6a5dc8aad96407c467033e6e3b4b2063cc25 4fdb60c20c2b8b978fbb0cc00df73945807a979a11f53eb8b930dfe542113613 HTTP Headers `GET /video/famsim-pop-portrait-11.mp4 HTTP/1.1 Host: bangready.b-cdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://family-simulators.io/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 206 Partial Content date: Sat, 28 Jan 2023 07:27:26 GMT content-type: video/mp4 content-length: 2883695 server: BunnyCDN-NO1-830 cdn-pullzone: 660669 cdn-uid: da4fc269-3279-49f0-8d77-79ab29e23cfa cdn-requestcountrycode: NO cache-control: public, max-age=2592000 last-modified: Sun, 01 Aug 2021 18:02:16 GMT cdn-proxyver: 1.02 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cdn-cachedat: 08/17/2022 17:43:13 cdn-edgestorageid: 830 cdn-status: 200 cdn-requestid: 00c0410f7d29c6efbc20c7d9d7b5d9e9 cdn-cache: HIT content-range: bytes 0-2883694/2883695 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11047 Expires: Sat, 28 Jan 2023 10:31:34 GMT Date: Sat, 28 Jan 2023 07:27:27 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11047 Expires: Sat, 28 Jan 2023 10:31:34 GMT Date: Sat, 28 Jan 2023 07:27:27 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7538 bytes) Hash 131eb343c5abd61939457d69bd371348 ffb2035cf64fc83f01db5c6f26ffa264b6aac95b 8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7538 x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e3fobF-ZoAMFjjA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 22:14:23 GMT age: 33185 etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (4975 bytes) Hash c982569d070f24dba1259603091c22e3 0f93acb5bee53670cc4ef486922f7333d96a2f4e 9a5a2d8a181a763ee6f60c27b396a0e3d7b1527e5177b2aff8d511db250753ed HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4975 x-amzn-requestid: 633350b7-4686-40d5-8c9d-3c097f8e2d34 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa-EBGuaoAMFbSw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d443b3-4201212c1a0eb2a65d3f494c;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: M4VR-I89SGD0-FLzHhZ88PJJJmdWTEi0UrBnAmCBCQAdjRsssqnSzw== via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:49:06 GMT age: 34702 etag: "0f93acb5bee53670cc4ef486922f7333d96a2f4e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg	34.120.237.76	200 OK	7.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.6 kB (7585 bytes) Hash ea24bcba583bd8bd139559448a343e68 b9d37c2b14f890d41983a59f352e8f7caa9c94bb e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7585 x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_vkE5roAMF0Hw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 22:46:13 GMT age: 31275 etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg	34.120.237.76	200 OK	4.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.6 kB (4641 bytes) Hash 01d78e0bafdf4cbe227afc503124bc55 e2d21a694342773ccbace4742c4b047e7ce92e1c 3e9027f35134d811a50144a9b70c6de2dc97cbade941a5364717b403bcaf3eb1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4641 x-amzn-requestid: b2e2ba60-21e7-4304-a354-2b49b8162cf2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_T5FJGoAMFwlA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445b2-4b292f801433239340edab33;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: irkZKPRcil7YVMxVJXNkIn18zBSt2JWyxo9ZFMfz6aZer4_lnqG8oA== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:56:38 GMT etag: "e2d21a694342773ccbace4742c4b047e7ce92e1c" content-type: image/jpeg age: 34250 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4475 bytes) Hash 4205d8106659e00fff1cbe9262918b8c ab4f6528594a1725934727dc7d834c028a79c609 31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4475 x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_e6HsaIAMF5Lg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:56:46 GMT age: 34242 etag: "ab4f6528594a1725934727dc7d834c028a79c609" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (13376 bytes) Hash 195316042e7f798eeeb7993fecb3a383 4aeca24ad4702f87feaf9674ea0c1ff6d71826a3 b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13376 x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa-DvHIyoAMF6fA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 8cRGlncOQ6qYv7qbI1HxTz-qUYJkTVa5V2qJM1C8XM5dmyXFA8qRvA== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:48:58 GMT age: 34710 etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	cdncontentstorage.com/rtbfeed.php?36c70b2d9329	78.128.113.74	200 OK	6.8 kB
URL HTTP/1.1 cdncontentstorage.com/rtbfeed.php?36c70b2d9329 IP 78.128.113.74:0 ASN #209160 Miti 2000 EOOD File type PNG image data, 53 x 53, 8-bit/color RGB, non-interlaced\012- data Size 6.8 kB (6826 bytes) Hash ab985f3e46518e28d46c733227fcf77a 7f76d90c60292e61937946b1ea9f0da403504a9a 7a69f022418af3995d9284400bd81dff8881ccc27baec8d716f8ca7c2127db92 HTTP Headers `GET /rtbfeed.php?36c70b2d9329 HTTP/1.1 Host: cdncontentstorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://family-simulators.io Connection: keep-alive Referer: https://family-simulators.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Server: nginx Date: Sat, 28 Jan 2023 07:27:28 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/8.1.9 Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Pragma: no-cache Access-Control-Allow-Origin: * X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000`

	cdncontentstorage.com/logo.php?a3k9MzZjNzBiMmQ5MzI5XzExJmZ0PVFWUm9RMWFCMWhVVjdkZGRBQUFBQVNVVk9SSzVDWUlJJmZwPTllYmNiMjYwMzI4ZjhjMDYxMDZhY2U3ODY1NjE0MTUyOTZiODYxMWQmYmw9ZW4tVVMsZW4mcGc9JmZjPWZ1bmN0aW9uIGFsZXJ0KCkgeyAgICBbbmF0aXZlIGNvZGVdfX5mdW5jdGlvbiBwcmludCgpIHsgICAgW25hdGl2ZSBjb2RlXX1+ZnVuY3Rpb24gZXZhbCgpIHsgICAgW25hdGl2ZSBjb2RlXX0mdHo9MCZ1Zz1Nb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCZkcj0mbnA9TGludXggeDg2XzY0JmN0PWZhbHNlJmFiPSZicj1jcltmYWxzZV0sZmZbdHJ1ZV0sc2FmW2ZhbHNlXSxvb1tmYWxzZV0saWVbZmFsc2VdLGVkZ1tmYWxzZV0ma3M9MCZyZW49VHlwZUVycm9yOiBjYW4ndCBhY2Nlc3MgcHJvcGVydHkgImdldEV4dGVuc2lvbiIsIGdsIGlzIG51bGwmdmVuPSZ0aGY9aHR0cHM6Ly9mYW1pbHktc2ltdWxhdG9ycy5pby90OC9pbmRleDE3LnBocD90ZGVmYXVsdHxydGNuZjoyNS0zODQtMSZkZz1uYW4mbWY9bmFu	78.128.113.74	200 OK	106 B
URL HTTP/1.1 cdncontentstorage.com/logo.php?a3k9MzZjNzBiMmQ5MzI5XzExJmZ0PVFWUm9RMWFCMWhVVjdkZGRBQUFBQVNVVk9SSzVDWUlJJmZwPTllYmNiMjYwMzI4ZjhjMDYxMDZhY2U3ODY1NjE0MTUyOTZiODYxMWQmYmw9ZW4tVVMsZW4mcGc9JmZjPWZ1bmN0aW9uIGFsZXJ0KCkgeyAgICBbbmF0aXZlIGNvZGVdfX5mdW5jdGlvbiBwcmludCgpIHsgICAgW25hdGl2ZSBjb2RlXX1+ZnVuY3Rpb24gZXZhbCgpIHsgICAgW25hdGl2ZSBjb2RlXX0mdHo9MCZ1Zz1Nb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCZkcj0mbnA9TGludXggeDg2XzY0JmN0PWZhbHNlJmFiPSZicj1jcltmYWxzZV0sZmZbdHJ1ZV0sc2FmW2ZhbHNlXSxvb1tmYWxzZV0saWVbZmFsc2VdLGVkZ1tmYWxzZV0ma3M9MCZyZW49VHlwZUVycm9yOiBjYW4ndCBhY2Nlc3MgcHJvcGVydHkgImdldEV4dGVuc2lvbiIsIGdsIGlzIG51bGwmdmVuPSZ0aGY9aHR0cHM6Ly9mYW1pbHktc2ltdWxhdG9ycy5pby90OC9pbmRleDE3LnBocD90ZGVmYXVsdHxydGNuZjoyNS0zODQtMSZkZz1uYW4mbWY9bmFu IP 78.128.113.74:0 ASN #209160 Miti 2000 EOOD File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data Size 106 B (106 bytes) Hash 45519216be3b413c13c1bd623990d1b8 f374f2578e498a536085b57c41d3d2299fa84f5e 4742175aa9e5530bd227e6d0ca2e5d2be4aa5b46ec7ee4a7c8f81c74d7d7884c HTTP Headers GET /logo.php?a3k9MzZjNzBiMmQ5MzI5XzExJmZ0PVFWUm9RMWFCMWhVVjdkZGRBQUFBQVNVVk9SSzVDWUlJJmZwPTllYmNiMjYwMzI4ZjhjMDYxMDZhY2U3ODY1NjE0MTUyOTZiODYxMWQmYmw9ZW4tVVMsZW4mcGc9JmZjPWZ1bmN0aW9uIGFsZXJ0KCkgeyAgICBbbmF0aXZlIGNvZGVdfX5mdW5jdGlvbiBwcmludCgpIHsgICAgW25hdGl2ZSBjb2RlXX1+ZnVuY3Rpb24gZXZhbCgpIHsgICAgW25hdGl2ZSBjb2RlXX0mdHo9MCZ1Zz1Nb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCZkcj0mbnA9TGludXggeDg2XzY0JmN0PWZhbHNlJmFiPSZicj1jcltmYWxzZV0sZmZbdHJ1ZV0sc2FmW2ZhbHNlXSxvb1tmYWxzZV0saWVbZmFsc2VdLGVkZ1tmYWxzZV0ma3M9MCZyZW49VHlwZUVycm9yOiBjYW4ndCBhY2Nlc3MgcHJvcGVydHkgImdldEV4dGVuc2lvbiIsIGdsIGlzIG51bGwmdmVuPSZ0aGY9aHR0cHM6Ly9mYW1pbHktc2ltdWxhdG9ycy5pby90OC9pbmRleDE3LnBocD90ZGVmYXVsdHxydGNuZjoyNS0zODQtMSZkZz1uYW4mbWY9bmFu HTTP/1.1 Host: cdncontentstorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://family-simulators.io Connection: keep-alive Referer: https://family-simulators.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Server: nginx Date: Sat, 28 Jan 2023 07:27:28 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/8.1.9 Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Pragma: no-cache Access-Control-Allow-Origin: * X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000`

	hczog.com/game-rotator.php	104.18.3.69	302 Found	0 B
URL HTTP/2 hczog.com/game-rotator.php IP 104.18.3.69:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /game-rotator.php HTTP/1.1 Host: hczog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 302 Found date: Sat, 28 Jan 2023 07:27:26 GMT content-type: text/html; charset=UTF-8 location: https://family-simulators.io/t8/index17.php?t=default\|rtcnf:25-384-1 expires: Sat, 2 Aug 1980 15:15:00 GMT vary: Accept-Encoding cache-control: max-age=0, no-cache, no-store, must-revalidate pragma: no-cache cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7908016ac929b50f-OSL X-Firefox-Spdy: h2`

	bangready.b-cdn.net/video/famsim-pop-landscape-11.mp4	194.242.11.186	206 Partial Content	0 B
URL HTTP/2 bangready.b-cdn.net/video/famsim-pop-landscape-11.mp4 IP 194.242.11.186:0 ASN #34989 ServeTheWorld AS File type Size 0 B (0 bytes) Hash HTTP Headers `GET /video/famsim-pop-landscape-11.mp4 HTTP/1.1 Host: bangready.b-cdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://family-simulators.io/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 206 Partial Content date: Sat, 28 Jan 2023 07:27:27 GMT content-type: video/mp4 content-length: 3070834 server: BunnyCDN-NO1-830 cdn-pullzone: 660669 cdn-uid: da4fc269-3279-49f0-8d77-79ab29e23cfa cdn-requestcountrycode: NO cache-control: public, max-age=2592000 last-modified: Sun, 01 Aug 2021 18:02:23 GMT cdn-proxyver: 1.02 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cdn-cachedat: 08/17/2022 17:43:13 cdn-edgestorageid: 830 cdn-status: 200 cdn-requestid: 84844887f629fc710f45a934569fe166 cdn-cache: HIT content-range: bytes 0-3070833/3070834 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (30)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers