Report - best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown

Report Overview

Submitted URL
best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown
IP
103.224.182.247
ASN
#133618 Trellian Pty. Limited
Submitted
2022-11-26 15:12:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
best-targeted-traffic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	416 B	103.224.182.247
ayxvy.voluumtrk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	699 B	574 B	35.156.91.109
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
q2.quotes.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	816 B	710 B	23.19.76.168
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	54.230.245.39
adult-games.life	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.9 kB	277 kB	194.87.208.13
img.sedoparking.com	54200	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	4.8 kB	205.234.175.175
dipaka-ead.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.3 kB	3.212.50.125
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.24.78.9
ww16.best-targeted-traffic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	3.9 kB	64.190.63.136
xml.sedodna.com	278378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	183 B	173.239.53.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	adult-games.life	Sinkholed
2022-11-26	medium	adult-games.life	Sinkholed
2022-11-26	medium	adult-games.life	Sinkholed
2022-11-26	medium	adult-games.life	Sinkholed
2022-11-26	medium	adult-games.life	Sinkholed
2022-11-26	medium	adult-games.life	Sinkholed
2022-11-26	medium	adult-games.life	Sinkholed
2022-11-26	medium	adult-games.life	Sinkholed
2022-11-26	medium	adult-games.life	Sinkholed
2022-11-26	medium	adult-games.life	Sinkholed

JavaScript (9)

	URL	Size	First Seen	Last Seen
	dipaka-ead.com/zcvisitor/b2712a41-6d9c-11ed-be7a-12b21a629f2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97	850 B	2023-03-11	2023-03-11
Pretty URL dipaka-ead.com/zcvisitor/b2712a41-6d9c-11ed-be7a-12b21a629f2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97 IP 3.212.50.125 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:46:46 Last Seen2023-03-11 20:46:46 Times Seen1 Hash 0ab188ee3f235f9ac4edb51995a5e0b8 3128394d1b67eade011b670930d060efd43e6fab 62cc6b3d9da6598dbf7c55759ca1faf87cb09dc334f41ffa279972d039e8e15a Loading...

	adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci	526 B	2023-03-11	2023-03-11
Pretty URL adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:46:46 Last Seen2023-03-11 20:46:46 Times Seen1 Hash 79e9884dbae329bb18337481ae85b47e afbe2b07117fb51ba05379e57fa11144ef5a1e17 75aca6dca67b1d5d060d74790d4a323302625bdeb1cfb2722abb634ce1bac8b0 Loading...

	adult-games.life/cookie/js.cookie14.js	4.1 kB	2023-03-07	2024-03-03
Pretty URL adult-games.life/cookie/js.cookie14.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:33 Last Seen2024-03-03 14:57:46 Times Seen146 Hash 1db175e4bfc69fb748a1133be837df3a 438fb8aa10a650dcca4311cbad1340a10a7751b7 5805ab67adcb8c0420cba70ca8c75edc82ba6af03cfe7eff2a9f65ce95241ee7 Loading...

	adult-games.life/util/utils.js	7.5 kB	2023-03-07	2024-04-26
Pretty URL adult-games.life/util/utils.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 07:29:11 Times Seen20659 Hash 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea Loading...

	ww16.best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown&sub1=20221127-0212-08dc-89e7-7eb8f09d6aad	1.2 kB	2023-03-11	2023-03-11
Pretty URL ww16.best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown&sub1=20221127-0212-08dc-89e7-7eb8f09d6aad IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:46:46 Last Seen2023-03-11 20:46:46 Times Seen1 Hash 20afe65394babeaba04e589897cae69a bd7dc86e7fe4baa5cea18706941799302602071c 31600ece641c7b5447f387a378274c4a3acf6d1e7172df403a8ddcd27916f790 Loading...

	dipaka-ead.com/zcredirect?visitid=b2712a41-6d9c-11ed-be7a-12b21a629f2b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	285 B	2023-03-11	2023-03-11
Pretty URL dipaka-ead.com/zcredirect?visitid=b2712a41-6d9c-11ed-be7a-12b21a629f2b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 3.212.50.125 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:46:46 Last Seen2023-03-11 20:46:46 Times Seen1 Hash b2bd56f807f0647cc3583ce11e486d58 6d5754682608b98074af2c2a7f3f85636842e726 fb54fb41427ebf19d1b8021421513be48b6961d16ca4daafc2df3d6cb7fee363 Loading...

	adult-games.life/media/adult-games/dirtygames/js/jquery.min.js	88 kB	2023-03-07	2024-04-26
Pretty URL adult-games.life/media/adult-games/dirtygames/js/jquery.min.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-26 08:14:44 Times Seen95567 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	adult-games.life/media/adult-games/dirtygames/js/main.js	1.8 kB	2023-03-07	2024-02-28
Pretty URL adult-games.life/media/adult-games/dirtygames/js/main.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:33 Last Seen2024-02-28 20:09:26 Times Seen75 Hash bc3f94d8ba7376335e6f01cd1d7e9035 6d7e6f1fc40bdd715adb7c92c1741078d3ee2ea8 343e3acd3192e96a2919af7f5e870e4f2c2a1e36be8a69e53d4fe426fa429ba3 Loading...

	adult-games.life/media/bbag.js	1.1 kB	2023-03-07	2024-03-03
Pretty URL adult-games.life/media/bbag.js IP 194.87.208.13 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:33 Last Seen2024-03-03 14:57:46 Times Seen146 Hash d5c49a896c44f3275333d95fb87e560a 12facada7ce68f6008df5cfbcff1c8cf7156b766 4f2ae318d39611ff8511b96bccb64f0ca07f0707eeefbfa1127d99a4fe560187 Loading...

HTTP Transactions (45)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6918
Expires: Sat, 26 Nov 2022 17:07:26 GMT
Date: Sat, 26 Nov 2022 15:12:08 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3739
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:12:09 GMT
Last-Modified: Sat, 26 Nov 2022 14:09:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 14:17:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3277
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16882
Expires: Sat, 26 Nov 2022 19:53:31 GMT
Date: Sat, 26 Nov 2022 15:12:09 GMT
Connection: keep-alive

best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown

103.224.182.247

302 Found

0 B

URL HTTP/1.1
best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown
IP
103.224.182.247:0
ASN
#133618 Trellian Pty. Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown HTTP/1.1
Host: best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sat, 26 Nov 2022 15:12:08 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1669475528.7635297; expires=Tue, 23-Nov-2032 15:12:08 GMT; Max-Age=315360000
Location: http://ww16.best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown&sub1=20221127-0212-08dc-89e7-7eb8f09d6aad
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mWYdozSbUyANcji1XuaGo9VCnRyM4g9N0zBPCjy2lDOvbv9N2eo9tS2p7t7ZflHwAkpvHdvrDR8=
x-amz-request-id: SDTD41J7JGDYC32R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 14:41:15 GMT
age: 1854
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 15:12:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 15:08:54 GMT
cache-control: public,max-age=3600
age: 195
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4822
Cache-Control: max-age=155704
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:12:09 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:27:13 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.24.78.9

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.24.78.9:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eUvmdffmQwrLTc/J0O2MDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nlQCCBm9M1z0Vpm2dTRkyLJiRxc=

ww16.best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown&sub1=20221127-0212-08dc-89e7-7eb8f09d6aad

64.190.63.136

200 OK

1.4 kB

URL HTTP/1.1
ww16.best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown&sub1=20221127-0212-08dc-89e7-7eb8f09d6aad
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (740)
Size
1.4 kB (1362 bytes)
Hash
ef126a34ead0f5a3c519b249883defc2
8de8852d38f71ac9b4b81f6ba38847d3c78a7984
f5e6339f0880575eebb4101bc443c9c81e58c87c981afe2a29456241d943b0df

HTTP Headers

GET /install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown&sub1=20221127-0212-08dc-89e7-7eb8f09d6aad HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Sat, 26 Nov 2022 15:12:10 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_1pIRMNaA8sd+SdAqP6cVVYEHmeg0tcXqGBJs8yIFDxV/MDyog1IdAESSRRaL2CBcMxZtPmUE9LuQ5EBl9Vufgw==
last-modified: Sat, 26 Nov 2022 15:12:09 GMT
x-cache-miss-from: parking-d7dbd8c4d-xpwcs
server: NginX
content-encoding: gzip

ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2OTQ3NTUzMGM0MDJmNGQ5YmZkNzJjOWJjZjNlYzNhYTM2OTcxNGI1&crc=42d4112390898560af20e6326ca8b3390c738a35&cv=1

64.190.63.136

200 OK

0 B

URL HTTP/1.1
ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2OTQ3NTUzMGM0MDJmNGQ5YmZkNzJjOWJjZjNlYzNhYTM2OTcxNGI1&crc=42d4112390898560af20e6326ca8b3390c738a35&cv=1
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2OTQ3NTUzMGM0MDJmNGQ5YmZkNzJjOWJjZjNlYzNhYTM2OTcxNGI1&crc=42d4112390898560af20e6326ca8b3390c738a35&cv=1 HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown&sub1=20221127-0212-08dc-89e7-7eb8f09d6aad

HTTP/1.1 200 OK
date: Sat, 26 Nov 2022 15:12:10 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-d7dbd8c4d-7h6h9
server: NginX

img.sedoparking.com/images/js_preloader.gif

205.234.175.175

200 OK

4.3 kB

URL HTTP/1.1
img.sedoparking.com/images/js_preloader.gif
IP
205.234.175.175:0
ASN
#30081 CACHENETWORKS

File type
GIF image data, version 89a, 16 x 16\012- data
Size
4.3 kB (4254 bytes)
Hash
90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

HTTP Headers

GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:12:10 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Sat, 03 Dec 2022 15:12:10 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 48b196042c1ff2f28661070e382f5c56
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes

ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9UBil2Dv35U_0&v=YzAzYzQwZTRlMTE1MzAwMTNhNzA0NTIzYzc5NTZhNTQJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjE5My4yMDcyMzAzMgl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjQ2OS4xMDI2NTMxNwkxNjY5NDc1NTMwCWFkXzYzXzA=&l=OAkwNzVhN2JjZTFmODg3YzY0MjY5ZDIzY2VlOGUyZGQyYQkwCTM1CTAJYWEzMzIzNmZiMjYzN2RjMjZjYzUyNzIwMzdjODU4ODUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5NDc1NTMwCTAuMDAwMzMJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw

64.190.63.136

302 Found

0 B

URL HTTP/1.1
ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9UBil2Dv35U_0&v=YzAzYzQwZTRlMTE1MzAwMTNhNzA0NTIzYzc5NTZhNTQJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjE5My4yMDcyMzAzMgl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjQ2OS4xMDI2NTMxNwkxNjY5NDc1NTMwCWFkXzYzXzA=&l=OAkwNzVhN2JjZTFmODg3YzY0MjY5ZDIzY2VlOGUyZGQyYQkwCTM1CTAJYWEzMzIzNmZiMjYzN2RjMjZjYzUyNzIwMzdjODU4ODUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5NDc1NTMwCTAuMDAwMzMJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9UBil2Dv35U_0&v=YzAzYzQwZTRlMTE1MzAwMTNhNzA0NTIzYzc5NTZhNTQJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjE5My4yMDcyMzAzMgl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjQ2OS4xMDI2NTMxNwkxNjY5NDc1NTMwCWFkXzYzXzA=&l=OAkwNzVhN2JjZTFmODg3YzY0MjY5ZDIzY2VlOGUyZGQyYQkwCTM1CTAJYWEzMzIzNmZiMjYzN2RjMjZjYzUyNzIwMzdjODU4ODUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5NDc1NTMwCTAuMDAwMzMJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown&sub1=20221127-0212-08dc-89e7-7eb8f09d6aad
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Sat, 26 Nov 2022 15:12:10 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sat, 26 Nov 2022 15:12:10 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9UBil2Dv35U_0&v=YzAzYzQwZTRlMTE1MzAwMTNhNzA0NTIzYzc5NTZhNTQJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjE5My4yMDcyMzAzMgl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjQ2OS4xMDI2NTMxNwkxNjY5NDc1NTMwCWFkXzYzXzA=&l=OAkwNzVhN2JjZTFmODg3YzY0MjY5ZDIzY2VlOGUyZGQyYQkwCTM1CTAJYWEzMzIzNmZiMjYzN2RjMjZjYzUyNzIwMzdjODU4ODUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5NDc1NTMwCTAuMDAwMzMJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-d7dbd8c4d-z9cx6
server: NginX

ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9UBil2Dv35U_0&v=YzAzYzQwZTRlMTE1MzAwMTNhNzA0NTIzYzc5NTZhNTQJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjE5My4yMDcyMzAzMgl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjQ2OS4xMDI2NTMxNwkxNjY5NDc1NTMwCWFkXzYzXzA=&l=OAkwNzVhN2JjZTFmODg3YzY0MjY5ZDIzY2VlOGUyZGQyYQkwCTM1CTAJYWEzMzIzNmZiMjYzN2RjMjZjYzUyNzIwMzdjODU4ODUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5NDc1NTMwCTAuMDAwMzMJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw

64.190.63.136

302 Found

311 B

URL HTTP/1.1
ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9UBil2Dv35U_0&v=YzAzYzQwZTRlMTE1MzAwMTNhNzA0NTIzYzc5NTZhNTQJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjE5My4yMDcyMzAzMgl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjQ2OS4xMDI2NTMxNwkxNjY5NDc1NTMwCWFkXzYzXzA=&l=OAkwNzVhN2JjZTFmODg3YzY0MjY5ZDIzY2VlOGUyZGQyYQkwCTM1CTAJYWEzMzIzNmZiMjYzN2RjMjZjYzUyNzIwMzdjODU4ODUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5NDc1NTMwCTAuMDAwMzMJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
311 B (311 bytes)
Hash
4ac0405b53144e453b114dae21af5fbc
3c081910d93e2357ea9dfe72beb6378609951d33
457fade1bc3b4e8ec12ca180c2f7c31746d8ea6927e39a84454289ca163511ad

HTTP Headers

GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9UBil2Dv35U_0&v=YzAzYzQwZTRlMTE1MzAwMTNhNzA0NTIzYzc5NTZhNTQJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjE5My4yMDcyMzAzMgl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzgyMmNjOTJkZjQ2OS4xMDI2NTMxNwkxNjY5NDc1NTMwCWFkXzYzXzA=&l=OAkwNzVhN2JjZTFmODg3YzY0MjY5ZDIzY2VlOGUyZGQyYQkwCTM1CTAJYWEzMzIzNmZiMjYzN2RjMjZjYzUyNzIwMzdjODU4ODUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjY5NDc1NTMwCTAuMDAwMzMJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=21g1122122924hxiagnb&version=1.7&pais=Unknown&sub1=20221127-0212-08dc-89e7-7eb8f09d6aad
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Sat, 26 Nov 2022 15:12:10 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sat, 26 Nov 2022 15:12:10 GMT
location: http://xml.sedodna.com/click?i=9UBil2Dv35U_0
x-cache-miss-from: parking-d7dbd8c4d-wd8pp
server: NginX

xml.sedodna.com/click?i=9UBil2Dv35U_0

173.239.53.32

302 Found

0 B

URL HTTP/1.1
xml.sedodna.com/click?i=9UBil2Dv35U_0
IP
173.239.53.32:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=9UBil2Dv35U_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://q2.quotes.com/b2679e76-6d9c-11ed-aa36-c769323254c6
Pragma: no-cache

q2.quotes.com/b2679e76-6d9c-11ed-aa36-c769323254c6

23.19.76.168

200 OK

170 B

URL HTTP/1.1
q2.quotes.com/b2679e76-6d9c-11ed-aa36-c769323254c6
IP
23.19.76.168:0
ASN
#395954 LEASEWEB-USA-LAX-11

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
170 B (170 bytes)
Hash
f8fe78edc6a56dc19f0cb2420c49f732
e53b04431446fe49511da6766ca4694d78f6fbb1
0f96058cb7fb006f36dda97b338ef703380df3fef5cf4f8e1e978bdfa7af84b3

HTTP Headers

GET /b2679e76-6d9c-11ed-aa36-c769323254c6 HTTP/1.1
Host: q2.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 170
content-type: text/html; charset=utf-8
date: Sat, 26 Nov 2022 15:12:10 GMT
server: nginx

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9793
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:12:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9793
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:12:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9793
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:12:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9793
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:12:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9793
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 15:12:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4366 bytes)
Hash
abd79421a3c44a8df11ad2cc50083309
8665e5f3026f2c2b9505eb139c478f4d359851c3
3a66b00498fa1322730705b1c4502614b5a520ac3f884f494d65e27a5bb62c3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4366
x-amzn-requestid: ce25f5ab-0c92-431e-ae4e-618829594a74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVNZFjHoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813588-6a3a8dff70e717011e3a0606;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75AMMfa7oq0Y51YPEC_FEDOoNVc9cgfjg9bOSOXwikONPdhW7OG3uQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:10 GMT
age: 62641
etag: "8665e5f3026f2c2b9505eb139c478f4d359851c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 61986
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 36463
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9049 bytes)
Hash
c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:36 GMT
age: 62915
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3502 bytes)
Hash
a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 28725
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15818 bytes)
Hash
17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 59942
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

q2.quotes.com/b2679e76-6d9c-11ed-aa36-c769323254c6?hr=1

23.19.76.168

302 Found

11 B

URL HTTP/1.1
q2.quotes.com/b2679e76-6d9c-11ed-aa36-c769323254c6?hr=1
IP
23.19.76.168:0
ASN
#395954 LEASEWEB-USA-LAX-11

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /b2679e76-6d9c-11ed-aa36-c769323254c6?hr=1 HTTP/1.1
Host: q2.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 26 Nov 2022 15:12:10 GMT
location: http://dipaka-ead.com/zcvisitor/b2712a41-6d9c-11ed-be7a-12b21a629f2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97
server: nginx

dipaka-ead.com/zcvisitor/b2712a41-6d9c-11ed-be7a-12b21a629f2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97

3.212.50.125

200

1.1 kB

URL HTTP/1.1
dipaka-ead.com/zcvisitor/b2712a41-6d9c-11ed-be7a-12b21a629f2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97
IP
3.212.50.125:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1100 bytes)
Hash
9eda237bb09061750ab7793c6cc9c38d
7b9d559324f227ed1f85c9409fa31cdd2c649426
c68dc67b0ebc14022e9f0b68948e49c26cea89eaaa821ca07f44259b759c2631

HTTP Headers

GET /zcvisitor/b2712a41-6d9c-11ed-be7a-12b21a629f2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sat, 26 Nov 2022 15:12:11 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: LgjJtGBu

dipaka-ead.com/zcredirect?visitid=b2712a41-6d9c-11ed-be7a-12b21a629f2b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

3.212.50.125

200

700 B

URL HTTP/1.1
dipaka-ead.com/zcredirect?visitid=b2712a41-6d9c-11ed-be7a-12b21a629f2b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
3.212.50.125:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (307)
Size
700 B (700 bytes)
Hash
4e3bc1cb5772781b2c7f9e8c18496534
543c507564711182f639da418a8ffa34d758ec1b
a84bddc5368b7ee03d47dea288067ae5f3433d1dc532900ec289e8c8a816720c

HTTP Headers

GET /zcredirect?visitid=b2712a41-6d9c-11ed-be7a-12b21a629f2b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/b2712a41-6d9c-11ed-be7a-12b21a629f2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sat, 26 Nov 2022 15:12:11 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: neljJUrv

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a9924caa5e5ea6771433e8987415d67b
1b54fdd5493d0ec16d7534d27bc2f22355d510b0
5af36a69736d6f9749ffd226bc8b90f14c29e5e25ebf024124b427d6671d5cf2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142172
Date: Sat, 26 Nov 2022 15:12:12 GMT
Etag: "6381a30a-1d7"
Expires: Mon, 28 Nov 2022 06:41:44 GMT
Last-Modified: Sat, 26 Nov 2022 05:24:26 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cK200lThd3YF6fv5u8blohi7SfY6bCjd4Faej83EGCoajD74B5oZCA==
Age: 4638

dipaka-ead.com/favicon.ico

3.212.50.125

404

653 B

URL HTTP/1.1
dipaka-ead.com/favicon.ico
IP
3.212.50.125:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=b2712a41-6d9c-11ed-be7a-12b21a629f2b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Sat, 26 Nov 2022 15:12:12 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: FnFSCHWr

ayxvy.voluumtrk.com/zp-redirect?target=https%3A%2F%2Fadult-games.life%2F%3Fu%3Dxunwwwr%26o%3Db02p0ze%26cid%3Dwd6h7coigrbo5fok214jltci&caid=9fc442a1-e878-4941-915c-9cdbcb4c3a14&zpid=b2712a41-6d9c-11ed-be7a-12b21a629f2b&cid=wd6h7coigrbo5fok214jltci&rt=R

35.156.91.109

302 Found

0 B

URL HTTP/2
ayxvy.voluumtrk.com/zp-redirect?target=https%3A%2F%2Fadult-games.life%2F%3Fu%3Dxunwwwr%26o%3Db02p0ze%26cid%3Dwd6h7coigrbo5fok214jltci&caid=9fc442a1-e878-4941-915c-9cdbcb4c3a14&zpid=b2712a41-6d9c-11ed-be7a-12b21a629f2b&cid=wd6h7coigrbo5fok214jltci&rt=R
IP
35.156.91.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zp-redirect?target=https%3A%2F%2Fadult-games.life%2F%3Fu%3Dxunwwwr%26o%3Db02p0ze%26cid%3Dwd6h7coigrbo5fok214jltci&caid=9fc442a1-e878-4941-915c-9cdbcb4c3a14&zpid=b2712a41-6d9c-11ed-be7a-12b21a629f2b&cid=wd6h7coigrbo5fok214jltci&rt=R HTTP/1.1
Host: ayxvy.voluumtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 26 Nov 2022 15:12:12 GMT
content-length: 0
location: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: voluum-cid-v4=%7B%22cid%22%3A%22wd6h7coigrbo5fok214jltci%22%2C%22caid%22%3A%229fc442a1-e878-4941-915c-9cdbcb4c3a14%22%7D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 15:12:12 GMT; Domain=ayxvy.voluumtrk.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
79906696cd20447a421f2d8034129592
e2370c8e9ba0b73cc878a8a189ff417d3c66b22a
4888c8de4c5050b747a2428ff69aa6ea465753d21f7f3f1fec88db4c39c82614

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4888C8DE4C5050B747A2428FF69AA6EA465753D21F7F3F1FEC88DB4C39C82614"
Last-Modified: Sat, 26 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17396
Expires: Sat, 26 Nov 2022 20:02:08 GMT
Date: Sat, 26 Nov 2022 15:12:12 GMT
Connection: keep-alive

adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci

194.87.208.13

200 OK

3.2 kB

URL HTTP/1.1
adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci
IP
194.87.208.13:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators
Size
3.2 kB (3161 bytes)
Hash
2ef058d7d17df3ddcf7cf55933902f64
c0ea8da56b08212093a12bc5f1c32fe3c8a62c3a
b845c5791cacf89bd98e8984acbf5660183f362379e3d8fb858a3d86680e2628

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dipaka-ead.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:12 GMT
Content-Type: text/html
Content-Length: 3161
Connection: keep-alive
set-cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg; path=/
cache-control: private, no-transform

adult-games.life/media/adult-games/dirtygames/css/style.css

194.87.208.13

200 OK

24 kB

URL HTTP/1.1
adult-games.life/media/adult-games/dirtygames/css/style.css
IP
194.87.208.13:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (492), with CRLF line terminators
Size
24 kB (24398 bytes)
Hash
18553dca1a77aaacea9cfbba635a1b9d
fab1275546e98ad843af492cb02b16856ecdbf97
1cd5aeeb0f197ba7ce7de97000bd6f3e612a258ed9acab7320c45d507cc98761

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/dirtygames/css/style.css HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci
Cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:12 GMT
Content-Type: text/css
Content-Length: 24398
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "18553dca1a77aaacea9cfbba635a1b9d"
Last-Modified: Wed, 31 Aug 2022 09:32:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172B2A4DEB8D85A8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 26 Nov 2023 15:12:12 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/cookie/js.cookie14.js

194.87.208.13

200 OK

4.1 kB

URL HTTP/1.1
adult-games.life/cookie/js.cookie14.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text, with very long lines (1709), with CRLF line terminators
Size
4.1 kB (4132 bytes)
Hash
1db175e4bfc69fb748a1133be837df3a
438fb8aa10a650dcca4311cbad1340a10a7751b7
5805ab67adcb8c0420cba70ca8c75edc82ba6af03cfe7eff2a9f65ce95241ee7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cookie/js.cookie14.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci
Cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:13 GMT
Content-Type: application/javascript
Content-Length: 4132
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "1db175e4bfc69fb748a1133be837df3a"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172B29FD887BFC28
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 26 Nov 2023 15:12:13 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/util/utils.js

194.87.208.13

200 OK

7.5 kB

URL HTTP/1.1
adult-games.life/util/utils.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /util/utils.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci
Cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:13 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172B2A1D9F5005A2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 26 Nov 2023 15:12:13 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/media/adult-games/dirtygames/js/main.js

194.87.208.13

200 OK

1.8 kB

URL HTTP/1.1
adult-games.life/media/adult-games/dirtygames/js/main.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text
Size
1.8 kB (1768 bytes)
Hash
bc3f94d8ba7376335e6f01cd1d7e9035
6d7e6f1fc40bdd715adb7c92c1741078d3ee2ea8
343e3acd3192e96a2919af7f5e870e4f2c2a1e36be8a69e53d4fe426fa429ba3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/dirtygames/js/main.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci
Cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:13 GMT
Content-Type: application/javascript
Content-Length: 1768
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bc3f94d8ba7376335e6f01cd1d7e9035"
Last-Modified: Wed, 31 Aug 2022 09:32:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172B2A4E2C481C76
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 26 Nov 2023 15:12:13 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/media/bbag.js

194.87.208.13

200 OK

1.1 kB

URL HTTP/1.1
adult-games.life/media/bbag.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1132 bytes)
Hash
d5c49a896c44f3275333d95fb87e560a
12facada7ce68f6008df5cfbcff1c8cf7156b766
4f2ae318d39611ff8511b96bccb64f0ca07f0707eeefbfa1127d99a4fe560187

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/bbag.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci
Cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:13 GMT
Content-Type: application/javascript
Content-Length: 1132
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "d5c49a896c44f3275333d95fb87e560a"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172B29F6E5ADBF07
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 26 Nov 2023 15:12:13 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/media/adult-games/dirtygames/js/jquery.min.js

194.87.208.13

200 OK

88 kB

URL HTTP/1.1
adult-games.life/media/adult-games/dirtygames/js/jquery.min.js
IP
194.87.208.13:0
ASN
#0

File type
ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/dirtygames/js/jquery.min.js HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci
Cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:13 GMT
Content-Type: application/javascript
Content-Length: 88145
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "220afd743d9e9643852e31a135a9f3ae"
Last-Modified: Wed, 31 Aug 2022 09:32:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172B2A4E372F59D0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 26 Nov 2023 15:12:13 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/media/adult-games/dirtygames/images/style_alt/1-landscape.jpg

194.87.208.13

200 OK

38 kB

URL HTTP/1.1
adult-games.life/media/adult-games/dirtygames/images/style_alt/1-landscape.jpg
IP
194.87.208.13:0
ASN
#0

File type
JPEG image data, progressive, precision 8, 1200x675, components 3\012- data
Size
38 kB (38361 bytes)
Hash
de5fc167f9a8dc2d1ef6a4dbc30bf466
c4f3f62f0c4d62ea731005f462816038174a64f0
7dbf3c33fb19a55cd71f8897cb7388de8f536dfb40cf5e6f6e804cfafd15cb34

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/dirtygames/images/style_alt/1-landscape.jpg HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/media/adult-games/dirtygames/css/style.css
Cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:13 GMT
Content-Type: image/jpeg
Content-Length: 38361
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "de5fc167f9a8dc2d1ef6a4dbc30bf466"
Last-Modified: Wed, 31 Aug 2022 09:32:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172B29E6F4723384
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 26 Nov 2023 15:12:13 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

adult-games.life/favicon.ico

194.87.208.13

204 No Content

0 B

URL HTTP/1.1
adult-games.life/favicon.ico
IP
194.87.208.13:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wd6h7coigrbo5fok214jltci
Cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 26 Nov 2022 15:12:13 GMT
Connection: keep-alive
Cache-Control: no-transform

adult-games.life/media/adult-games/dirtygames/images/style_alt/2-landscape.jpg

194.87.208.13

200 OK

103 kB

URL HTTP/1.1
adult-games.life/media/adult-games/dirtygames/images/style_alt/2-landscape.jpg
IP
194.87.208.13:0
ASN
#0

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x675, components 3\012- data
Size
103 kB (103381 bytes)
Hash
4ef7d0bec4089847650e38ff8f3c6631
b4e7dc0e4683ac90efc6557f4fecbee954c28c81
86f92a0dbd5b0249405ece0abf85e4ce663fe9a44e3921811939c143e1c6ad52

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /media/adult-games/dirtygames/images/style_alt/2-landscape.jpg HTTP/1.1
Host: adult-games.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/media/adult-games/dirtygames/css/style.css
Cookie: sid=t1~i1sy4bybc2lslkpa2ryucddg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:13 GMT
Content-Type: image/jpeg
Content-Length: 103381
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "4ef7d0bec4089847650e38ff8f3c6631"
Last-Modified: Wed, 31 Aug 2022 09:32:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172B29E731534EB8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 26 Nov 2023 15:12:13 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations