Report - ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=EA%20Sports%20UFC%204%20PC%20Download%20Free&s1=3530

Report Overview

Submitted URL
ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=EA%20Sports%20UFC%204%20PC%20Download%20Free&s1=3530_959433&s3=6353ff6387f8990001db9496
IP
188.72.236.34
ASN
#35415 Webzilla B.V.
Submitted
2022-10-23 22:27:44
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.9 kB	8.0 kB	23.36.76.226
c.srvpcn.com	35194	2021-11-04T09:37:05Z	2023-03-09T13:15:12Z	441 B	268 B	54.144.72.99
go.money616.xyz	unknown	2022-07-29T07:26:08Z	2023-02-11T07:58:41Z	482 B	1.8 kB	18.184.197.212
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	44.238.202.79
adverster.g2afse.com	200149	2021-05-26T13:36:17Z	2023-03-04T16:23:11Z	547 B	531 B	34.91.145.202
adspredictiv.com	160243	2015-04-30T23:27:53Z	2023-03-09T07:33:45Z	1.4 kB	14 kB	35.190.38.40
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	67 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.36
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	486 B	32 kB	216.58.207.195
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	406 B	746 B	142.250.74.10
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	1.3 kB	2.8 kB	142.250.74.3
ti-files.org	unknown			467 B	858 B	188.72.236.34
bilqi-omv.com	unknown	2022-10-17T15:55:17Z	2022-12-22T22:34:10Z	464 B	694 B	35.174.150.83
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	658 B	1.4 kB	93.184.220.29
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T11:25:06Z	656 B	1.9 kB	104.18.32.68
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-09T05:11:35Z	330 B	1.0 kB	172.64.155.188
topsolutions.rdtk.io	308069	2020-04-27T11:12:54Z	2023-03-04T16:23:09Z	628 B	1.0 kB	85.17.54.17
free3dgame.xyz	unknown	2021-03-11T14:07:41Z	2023-03-09T20:18:00Z	5.3 kB	957 kB	146.190.28.107
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.9 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-23	medium	free3dgame.xyz	Sinkholed
2022-10-23	medium	free3dgame.xyz	Sinkholed
2022-10-23	medium	free3dgame.xyz	Sinkholed
2022-10-23	medium	free3dgame.xyz	Sinkholed
2022-10-23	medium	free3dgame.xyz	Sinkholed
2022-10-23	medium	free3dgame.xyz	Sinkholed
2022-10-23	medium	free3dgame.xyz	Sinkholed
2022-10-23	medium	free3dgame.xyz	Sinkholed
2022-10-23	medium	free3dgame.xyz	Sinkholed
2022-10-23	medium	free3dgame.xyz	Sinkholed

JavaScript (9)

	URL	Size	First Seen	Last Seen
	adspredictiv.com/jump/next.php?r=6359262&sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j	6.8 kB	2023-03-10	2023-03-10
Pretty URL adspredictiv.com/jump/next.php?r=6359262&sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j IP 35.190.38.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:05:19 Last Seen2023-03-10 14:05:19 Times Seen1 Hash 1b5dd6ce0e4d6d5e82e9eb80daa6dc16 7d675ded158b678e1865238fe77e2ed620415306 cca44ffff6f6c7dabfeeb1e6414e071938ef24e8a6d711e9fdb5169486d3dbce Loading...

	free3dgame.xyz/files/jquery.min.js	88 kB	2023-03-07	2024-04-19
Pretty URL free3dgame.xyz/files/jquery.min.js IP 146.190.28.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-19 20:57:43 Times Seen95065 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	free3dgame.xyz/files/lang.js	8.0 kB	2023-03-07	2023-04-16
Pretty URL free3dgame.xyz/files/lang.js IP 146.190.28.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:55 Last Seen2023-04-16 16:57:52 Times Seen2 Hash 0e2dc8ac9fdfd903c9203e349acddd2e 181c12848afc8b434b57841de2198df03321e522 ab8a6ecd933190ba9899ec8a18386cab4de96f8ab74e9b8884bdc1963a34c938 Loading...

	free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364	59 B	2023-03-07	2023-03-11
Pretty URL free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364 IP 146.190.28.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:55 Last Seen2023-03-11 11:33:41 Times Seen1 Hash 94c9790c83e7d66a55ec2f8d453705b6 a6e0e091038c42e08aafda94e02e7c98550fa774 265bdb8b880d0badbc6f10623b17bc6329536a0dbbfcb5bd22abe96b3ed5e12a Loading...

	free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364	63 B	2023-03-07	2023-05-18
Pretty URL free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364 IP 146.190.28.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:55 Last Seen2023-05-18 05:53:27 Times Seen3 Hash 1eeaee32d7ccd06fdd9d09f92c83fcfc d33200f757a75fcc9d7216c2e29bc620f38ecc69 00f8a44fa20901e0b6437027cbd74815d9cd70c6fedbdecce1647a9847afe88c Loading...

	free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364	183 B	2023-03-07	2023-03-11
Pretty URL free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364 IP 146.190.28.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:55 Last Seen2023-03-11 11:33:41 Times Seen1 Hash 3021debdb3a8269f54d162a9ea34187f 53c110199cf7fd52e2f4ea57f68f8bf3715279d4 9dc51ebac0e8dfb74a6729d034ab8678112dc631b80cc391994cd5c811013f4b Loading...

	go.money616.xyz/s4?sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j	303 B	2023-03-07	2023-03-29
Pretty URL go.money616.xyz/s4?sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j IP 18.184.197.212 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:00 Last Seen2023-03-29 22:02:34 Times Seen2 Hash 31a347fbfc2dd44f703fbb699f9d625a 8d6506621dc9a3ca94de1c9308e01a73cf995a0f d37f8d9576b0cdb4b7894427834c30ebfb08f5856c45f00b2cf1b12154cd9a4b Loading...

		Size	First Seen	Last Seen
	#1 Write - b771763a75e71e492aa8bb0d3a767222	52 B	2023-03-07	2023-05-18
Pretty Observations First Seen2023-03-07 13:17:55 Last Seen2023-05-18 05:53:28 Times Seen6 Hash b771763a75e71e492aa8bb0d3a767222 87ae2798daad2ff86d276d909397d482b9f0825d 0deedc1abfc3b275016994191944c57799852bae497d3a06461ac07e741712b9 Loading...

	#2 Write - 1b0793fab33f3fe17a1da6c6f085b123	10 B	2023-03-07	2023-05-29
Pretty Observations First Seen2023-03-07 13:17:55 Last Seen2023-05-29 01:56:03 Times Seen10 Hash 1b0793fab33f3fe17a1da6c6f085b123 365f992a0a10615ba2ae06d707bb66c9e6c66bbe 62e0df134d7e80abb976d863e3602a9a240fe509ac17654521ac4ac6bffda44d Loading...

HTTP Transactions (49)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 21:52:52 GMT
Expires: Sun, 23 Oct 2022 22:33:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XUt9AJ-DrH6InCbNnDKRG4y9jaQVtLgWKN1iOXmP7TfYsTJcVcgPBg==
Age: 2080

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4480
Expires: Sun, 23 Oct 2022 23:42:12 GMT
Date: Sun, 23 Oct 2022 22:27:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11860
Expires: Mon, 24 Oct 2022 01:45:12 GMT
Date: Sun, 23 Oct 2022 22:27:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MWSb4R4sykCzF/k7QZp+Xit3VNsMBZNsRHSNSZ4C68Hk0uSUE0nP1Ie8RghQPqUqjwV4np7ODUInrel4T+RWuw==
x-amz-request-id: R2PBRT6ZSXJH1Z7T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 22:08:15 GMT
age: 1157
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=EA%20Sports%20UFC%204%20PC%20Download%20Free&s1=3530_959433&s3=6353ff6387f8990001db9496

188.72.236.34

302 Found

164 B

URL HTTP/1.1
ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=EA%20Sports%20UFC%204%20PC%20Download%20Free&s1=3530_959433&s3=6353ff6387f8990001db9496
IP
188.72.236.34:0
ASN
#35415 Webzilla B.V.

File type
HTML document, ASCII text
Size
164 B (164 bytes)
Hash
b35139a2ee8987939291520bf4678579
22385bb3b9046913837399d9f9c736b75bf72e38
0c1a3abac70182bffcdcc9e7a2816b52609a11fa1b3a756cdb22d1bbccaf0d50

HTTP Headers

GET /GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=EA%20Sports%20UFC%204%20PC%20Download%20Free&s1=3530_959433&s3=6353ff6387f8990001db9496 HTTP/1.1
Host: ti-files.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 23 Oct 2022 22:27:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 164
Connection: keep-alive
Location: http://c.srvpcn.com/click?id=cdarvl056phk510fegng&e=7de94241-6cb2-4f4d-96d3-bf871b24b8bf&px=34&c=ANS_VWMPKgUAFDgCAE5PFgAMAMXZJNgA
Set-Cookie: bd_context=/NrCQNpmDdTA9NVwnJ6jsKwOIgduVixfpk4w2lHzTZWPdT7ufmitM5lnst/taAatnQG527Jpoy1TR7pynYPKGkIEgczuHi6ICGsky/hbGDgS/w8RnZBoRgZJj/gVVQBjZ/C1sZHe6V//aJfV2Rsv8ndZ3b2BB7I3bezj7wQ32XJvHGytnzkTsh+bv1cCSwZBH6lvNfQrYvH8MKMZ7CrMMRo8LK6PZvp0tDTYllfATVRoI7hErCDhfY2m30JUWG/gpNbDIWffUBGluGNTJOBPmXsPa2rRAKt6IwGK+7F2uOdHF68IPBc4jfI/yPYQVhe6FfsNCb1hick=; Expires=Mon, 23 Oct 2023 22:27:32 GMT

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

c.srvpcn.com/click?id=cdarvl056phk510fegng&e=7de94241-6cb2-4f4d-96d3-bf871b24b8bf&px=34&c=ANS_VWMPKgUAFDgCAE5PFgAMAMXZJNgA

54.144.72.99

303 See Other

0 B

URL HTTP/1.1
c.srvpcn.com/click?id=cdarvl056phk510fegng&e=7de94241-6cb2-4f4d-96d3-bf871b24b8bf&px=34&c=ANS_VWMPKgUAFDgCAE5PFgAMAMXZJNgA
IP
54.144.72.99:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?id=cdarvl056phk510fegng&e=7de94241-6cb2-4f4d-96d3-bf871b24b8bf&px=34&c=ANS_VWMPKgUAFDgCAE5PFgAMAMXZJNgA HTTP/1.1
Host: c.srvpcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 303 See Other
Date: Sun, 23 Oct 2022 22:27:32 GMT
Content-Length: 0
Connection: keep-alive
Location: http://bilqi-omv.com/zcvisitor/e2dfb013-5321-11ed-af8e-0a858640f087/e3e39f70-3459-11e9-9a51-0a15cb739170?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 23 Oct 2022 21:43:40 GMT
Cache-Control: max-age=3600
Expires: Sun, 23 Oct 2022 21:46:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0eGj66VeWANMqx7hH0mB73nkIRLgMN0QdT3FRf_ZvcZD3LbkPHUk7w==
Age: 2632

bilqi-omv.com/zcvisitor/e2dfb013-5321-11ed-af8e-0a858640f087/e3e39f70-3459-11e9-9a51-0a15cb739170?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97

35.174.150.83

302

0 B

URL HTTP/1.1
bilqi-omv.com/zcvisitor/e2dfb013-5321-11ed-af8e-0a858640f087/e3e39f70-3459-11e9-9a51-0a15cb739170?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97
IP
35.174.150.83:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zcvisitor/e2dfb013-5321-11ed-af8e-0a858640f087/e3e39f70-3459-11e9-9a51-0a15cb739170?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97 HTTP/1.1
Host: bilqi-omv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Date: Sun, 23 Oct 2022 22:27:33 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://go.money616.xyz/s4?sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j
Server: JGXmwQMK

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5786
Cache-Control: max-age=126936
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 22:27:33 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 09:43:09 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5a2ff9998cb0167da6b6614ed884f55
f0b89b07731946d33d9100e29026e539f1135586
b0d31a82c4bf805dbe6a6cd27221f847ec39c095895d63ba2f9738a5b65149eb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0D31A82C4BF805DBE6A6CD27221F847EC39C095895D63BA2F9738A5B65149EB"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10404
Expires: Mon, 24 Oct 2022 01:20:57 GMT
Date: Sun, 23 Oct 2022 22:27:33 GMT
Connection: keep-alive

go.money616.xyz/s4?sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j

18.184.197.212

200 OK

1.6 kB

URL HTTP/1.1
go.money616.xyz/s4?sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j
IP
18.184.197.212:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (364)
Size
1.6 kB (1554 bytes)
Hash
4bad0572fbbb36410804df400067167b
2592cda88d6580e57d35a1f93b1870afbf4a06d3
4eb3784785dd4e0db4e86972a8a51bdb2d0d054e78615fb460b28a9885fa0a3b

HTTP Headers

GET /s4?sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j HTTP/1.1
Host: go.money616.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
connection: close
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
x-powered-by: Short.io link shortener
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
content-length: 1554
Date: Sun, 23 Oct 2022 22:27:33 GMT

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4b4947263357a5cf383a519dcca40228
cfacf43717b7f1d77314dae8390737274d913315
3edf03c09f18dfb6c8677c751e99f9ab6e26890c438338338dcfb218b8d7162a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 22:27:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 22:25:06 GMT
Expires: Sat, 29 Oct 2022 22:25:05 GMT
Etag: "cfacf43717b7f1d77314dae8390737274d913315"
Cache-Control: max-age=517651,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75ede695dc9ab527-OSL

push.services.mozilla.com/

44.238.202.79

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.238.202.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wVKIiI0rb62vrwU+yw4bhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6KzCG6ie/Bj8KjrQZnxMmBArB68=

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4b4947263357a5cf383a519dcca40228
cfacf43717b7f1d77314dae8390737274d913315
3edf03c09f18dfb6c8677c751e99f9ab6e26890c438338338dcfb218b8d7162a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 22:27:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 22:25:06 GMT
Expires: Sat, 29 Oct 2022 22:25:05 GMT
Etag: "cfacf43717b7f1d77314dae8390737274d913315"
Cache-Control: max-age=517651,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75ede6974df7b527-OSL

ocsp.usertrust.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
fc1c377eeb1159d1d0455b77614ee35d
30ebba642437c03f70010f15b7022eda505116a3
6e3476237e3a4048c1249b56344bc5eedf3f72f7aab2b2a8a09db4d4275a17a2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 22:27:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 10:07:29 GMT
Expires: Fri, 28 Oct 2022 10:07:28 GMT
Etag: "30ebba642437c03f70010f15b7022eda505116a3"
Cache-Control: max-age=601079,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ede699faa3b529-OSL

topsolutions.rdtk.io/631d71ca60776e00012e0e8f?sub1=6359262-1264786048-2966871915&sub2=&sub3=309529620&sub4=126766&sub5=1666564053&sub6=6359262&sub7=NO&sub8=1000&sub9=Blix%20Solutions&ref_id=166656405310000TNOTV415326358024V20

85.17.54.17

302 Found

191 B

URL HTTP/1.1
topsolutions.rdtk.io/631d71ca60776e00012e0e8f?sub1=6359262-1264786048-2966871915&sub2=&sub3=309529620&sub4=126766&sub5=1666564053&sub6=6359262&sub7=NO&sub8=1000&sub9=Blix%20Solutions&ref_id=166656405310000TNOTV415326358024V20
IP
85.17.54.17:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document, ASCII text
Size
191 B (191 bytes)
Hash
f332f5e097972df7b5fc2036da607401
79c9413abbdb38f61697b88016a3a8eeb19ffc2a
a02c109092f4d04489a40703d93d544f626f68a7da92d1e73a01f67fd3946a1f

HTTP Headers

GET /631d71ca60776e00012e0e8f?sub1=6359262-1264786048-2966871915&sub2=&sub3=309529620&sub4=126766&sub5=1666564053&sub6=6359262&sub7=NO&sub8=1000&sub9=Blix%20Solutions&ref_id=166656405310000TNOTV415326358024V20 HTTP/1.1
Host: topsolutions.rdtk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 23 Oct 2022 22:27:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 191
Connection: keep-alive
Location: https://adverster.g2afse.com/click?pid=364&offer_id=140&sub4=6359262-1264786048-2966871915&ref_id=6355bfd6d715a30001696cbd&sub2=5cc839de65115c0001015b85
Referer: 
Referrer-Policy: no-referrer
Set-Cookie: redhash=NjM1NWJmZDZkNzE1YTMwMDAxNjk2Y2JkfDB8NjMxZDcxY2E2MDc3NmUwMDAxMmUwZThmfHw0ZWU5YmFhOC02NmJjLTRhMTctODdkYi05YWYxYzJhZGNhZDR8MTY2NjU2NDA1NA==; Path=/; Domain=topsolutions.rdtk.io; Expires=Mon, 23 Oct 2023 22:27:34 GMT; Secure; SameSite=None
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
3d3f3a662afd3821be45bd398d574c17
d75d094bf1cd9d98f87b5bcb551b44811b703381
2514fedb43587bc8610923fde64b2da4090bfc08e7ac103aad15d7fd4a7f385c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5473
Cache-Control: max-age=93182
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 22:27:34 GMT
Etag: "63547373-13a"
Expires: Tue, 25 Oct 2022 00:20:36 GMT
Last-Modified: Sat, 22 Oct 2022 22:49:23 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314

adverster.g2afse.com/click?pid=364&offer_id=140&sub4=6359262-1264786048-2966871915&ref_id=6355bfd6d715a30001696cbd&sub2=5cc839de65115c0001015b85

34.91.145.202

302 Found

0 B

URL HTTP/2
adverster.g2afse.com/click?pid=364&offer_id=140&sub4=6359262-1264786048-2966871915&ref_id=6355bfd6d715a30001696cbd&sub2=5cc839de65115c0001015b85
IP
34.91.145.202:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=364&offer_id=140&sub4=6359262-1264786048-2966871915&ref_id=6355bfd6d715a30001696cbd&sub2=5cc839de65115c0001015b85 HTTP/1.1
Host: adverster.g2afse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sun, 23 Oct 2022 22:27:34 GMT
content-length: 0
location: https://free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
set-cookie: afclick=6355bfd64579870001344a07; expires=Mon, 23 Oct 2023 22:27:34 GMT; secure; SameSite=None
afoffers={"140":1666564054}; expires=Mon, 23 Oct 2023 22:27:34 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5f8d8d9c70bde85be51daec5f6620d6b
1be3d0199bfb8f26c4697046ce42dd51ada54ffb
b1b091940959ff0fe1ada347156e6c703b42a9f1f9bdd4b5adaa38826b895c17

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B1B091940959FF0FE1ADA347156E6C703B42A9F1F9BDD4B5ADAA38826B895C17"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4212
Expires: Sun, 23 Oct 2022 23:37:46 GMT
Date: Sun, 23 Oct 2022 22:27:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10909
Expires: Mon, 24 Oct 2022 01:29:23 GMT
Date: Sun, 23 Oct 2022 22:27:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10909
Expires: Mon, 24 Oct 2022 01:29:23 GMT
Date: Sun, 23 Oct 2022 22:27:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10909
Expires: Mon, 24 Oct 2022 01:29:23 GMT
Date: Sun, 23 Oct 2022 22:27:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10909
Expires: Mon, 24 Oct 2022 01:29:23 GMT
Date: Sun, 23 Oct 2022 22:27:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10909
Expires: Mon, 24 Oct 2022 01:29:23 GMT
Date: Sun, 23 Oct 2022 22:27:34 GMT
Connection: keep-alive

adspredictiv.com/jump/next.php?r=6359262&sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j

35.190.38.40

200 OK

13 kB

URL HTTP/2
adspredictiv.com/jump/next.php?r=6359262&sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j
IP
35.190.38.40:0
ASN
#15169 GOOGLE

File type
data
Size
13 kB (13159 bytes)
Hash
9f50205e9b5c697b94e714b4465417aa
c02a63ef8dda244f56d976b5e4ef1a7a0d434583
7d89f032452bcb5d02e5af1517bd4d48761a36d8158e9288ed3b916992cc0834

HTTP Headers

GET /jump/next.php?r=6359262&sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j HTTP/1.1
Host: adspredictiv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.money616.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Sun, 23 Oct 2022 22:27:33 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7185 bytes)
Hash
c16ee3c480c8ee5b51b7dd88375649ae
885e2070d3ea7973fd978e1e9c247ce248afdbbb
4086d5476b9f3b6c06535fc588784c19a52008178cbdeccbff4c98497bd8e428

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: 5bbcd9f1-fa0a-4591-a38c-b472e2ef148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelC7EZ4oAMFmvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b545-754aa64e1249811f2c019641;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qkk3lDqVtpedvxCxGrNyJVjGIW6-VJqpMgBxHjaRatILglKJ96Tfvg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:36 GMT
age: 2458
etag: "885e2070d3ea7973fd978e1e9c247ce248afdbbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4612fa-9557-465f-8ec2-dc7a447daaac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9495 bytes)
Hash
6b24b0e9eeeecd44eafc5957dc5450db
e071eb9837a242f41035da077dc6c9b0178d8f9f
33e9c9c03180d2855606be0605c894180d81e151e2f4b4b2bacf5325c11152d4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4612fa-9557-465f-8ec2-dc7a447daaac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9495
x-amzn-requestid: f9246128-d6a3-49e0-982d-9f75d110aa2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelztGlqoAMFs8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b67d-7f04a07955c3c9a8644475a0;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:47:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FDwmWmTCnCZt2aCUx9Tb3r4RJ4co-0A1dAbABurYrJNcyGa6ZMmONw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:56:13 GMT
age: 1881
etag: "e071eb9837a242f41035da077dc6c9b0178d8f9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3257320-582a-498d-9e0c-531ea65fbbe0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 772-513, spot sensor temperature 0.000000, unit celsius, color scheme 1, calibration: offset 0.000000, slope 241254190455726276608.000000\012- data
Size
14 kB (13962 bytes)
Hash
88436497b6fe5e22155afc45e9e8fe3e
5004575548d76d878a7f27bb3fc4a9a10e8f6909
304c2388dd96c82582d490cd473174b11eac53bf408a29ed78e23d77139ef243

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3257320-582a-498d-9e0c-531ea65fbbe0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13962
x-amzn-requestid: 84f8b505-da9d-421c-b00a-3d6407aac332
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDQETqoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b547-566c7abb12b09a565be85833;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N-R8_VOQSIhikiT-qqPi0ABMoZnr234hdcdinyzBath9A8M6aUZ37A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:54:05 GMT
age: 2009
etag: "5004575548d76d878a7f27bb3fc4a9a10e8f6909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9782993-f413-4e6d-95c2-333fbe657f63.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10565 bytes)
Hash
a2e664fa8596d38b4f74c45198a1d034
71daf3c8a99c89c8437645e97c7f14dd10d02d30
8f2cba60d7770cdfb781bfb95c33d9da1b03cab9ed5354b8a79d86e22b489663

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9782993-f413-4e6d-95c2-333fbe657f63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10565
x-amzn-requestid: 77d1f33a-cf70-44b9-a589-0cdadbea8d82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FDBoAMFvFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-2a30ebbb731766f675647a98;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MAguR4SfghsNzQUE6EIpLZ2bnc8yu8-YToIKS9mUCW6NhLLXtBjNew==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:56:14 GMT
age: 1880
etag: "71daf3c8a99c89c8437645e97c7f14dd10d02d30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f5d706-03b5-40c4-9fef-abddcb255f99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10420 bytes)
Hash
1974529bf378941c1b76662e2b283988
cdde9ea46af873e3f838bdb35d69cc0844016311
7c39112dbb1088fe09e010fcd5d85b63a34ac40c7b93e0e9873715ccdf0ac579

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f5d706-03b5-40c4-9fef-abddcb255f99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10420
x-amzn-requestid: 9fbc5930-f615-4548-a683-061be9a67bb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDFGPhoAMFVzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b546-0563eb5f6ba62af65182fc3c;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DQSSMaj6KDZSErVdSgL7O7J_LUeBmrsI5lZ3xrI_RcyGH3OYApJVmw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:59:37 GMT
age: 1677
etag: "cdde9ea46af873e3f838bdb35d69cc0844016311"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 22:27:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

free3dgame.xyz/files/1.png

146.190.28.107

200 OK

91 kB

URL HTTP/2
free3dgame.xyz/files/1.png
IP
146.190.28.107:0
ASN
#0

File type
PNG image data, 268 x 341, 8-bit/color RGBA, non-interlaced\012- data
Size
91 kB (91434 bytes)
Hash
b1ca79a348b74c1f02654dcdc06fbd7a
015f9320975c34adbacd595681605c79797c0880
19ddba2395038bfe50d196bd2313219bcace3ebf24837e50c700d1f8f5e63a87

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/1.png HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:34 GMT
content-type: image/png
content-length: 91434
last-modified: Tue, 24 May 2022 10:25:50 GMT
etag: "628cb2ae-1652a"
expires: Tue, 22 Nov 2022 22:27:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

free3dgame.xyz/files/desc.jpg

146.190.28.107

200 OK

517 kB

URL HTTP/2
free3dgame.xyz/files/desc.jpg
IP
146.190.28.107:0
ASN
#0

File type
JPEG image data, progressive, precision 8, 3360x1882, components 3\012- data
Size
517 kB (517070 bytes)
Hash
abd6f700139d33406e689ae523063675
6fa1dd814d4c2d6a770e644c5aa0a0d7facdeba0
99f3f7d43320f66092019658c89c57d8a0bb5b748b9841384c4324acab71cc52

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/desc.jpg HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:34 GMT
content-type: image/jpeg
content-length: 517070
last-modified: Tue, 24 May 2022 11:29:05 GMT
etag: "628cc181-7e3ce"
expires: Tue, 22 Nov 2022 22:27:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 22:27:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

free3dgame.xyz/files/mob.jpg

146.190.28.107

200 OK

294 kB

URL HTTP/2
free3dgame.xyz/files/mob.jpg
IP
146.190.28.107:0
ASN
#0

File type
JPEG image data, progressive, precision 8, 1182x2100, components 3\012- data
Size
294 kB (294511 bytes)
Hash
6293f6397f0fc4f54cdee9f1016aa620
e1fe2d942487529eef53fc77e5eae9b518ec2944
657405356cbcd646c8090fdb0dbc62755bea4b1b2b0fae0fdade66a4af776f2b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/mob.jpg HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:34 GMT
content-type: image/jpeg
content-length: 294511
last-modified: Tue, 24 May 2022 11:28:39 GMT
etag: "628cc167-47e6f"
expires: Tue, 22 Nov 2022 22:27:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

free3dgame.xyz/files/bg-box.png

146.190.28.107

200 OK

37 kB

URL HTTP/2
free3dgame.xyz/files/bg-box.png
IP
146.190.28.107:0
ASN
#0

File type
PNG image data, 823 x 424, 8-bit/color RGBA, non-interlaced\012- data
Size
37 kB (37399 bytes)
Hash
d9aab159517209305f0ae6ae43af0c2e
77763dcbe0c4223da8eba455022c7d41d21fe434
158ebf4b5f0045d2235408626133e56e8acef48a5b2cc4d69fd005d951954a63

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/bg-box.png HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:34 GMT
content-type: image/png
content-length: 37399
last-modified: Tue, 24 May 2022 10:25:14 GMT
etag: "628cb28a-9217"
expires: Tue, 22 Nov 2022 22:27:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 22:27:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 22:27:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

216.58.207.195

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31516, version 1.0\012- data
Size
32 kB (31516 bytes)
Hash
9e4726d312080161871f0472659ecf14
e0231f21da02732e9ef19c2280ea5a7aa25f04de
68c831b3324ca6fea43d48681ac2b9338b794ecdb60ff7fa7059a997d4007604

HTTP Headers

GET /s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://free3dgame.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 02:24:20 GMT
expires: Sun, 22 Oct 2023 02:24:20 GMT
cache-control: public, max-age=31536000
age: 158594
last-modified: Fri, 24 Jun 2022 19:34:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

free3dgame.xyz/files/apple-touch-icon.png

146.190.28.107

200 OK

9.4 kB

URL HTTP/2
free3dgame.xyz/files/apple-touch-icon.png
IP
146.190.28.107:0
ASN
#0

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
9.4 kB (9390 bytes)
Hash
049ac8181fb1c147054e1ec9ae763d70
565397e7f0a82d7c31abccddbd9a310fddb3591d
6812893aafb0fdffa269b19ed588193637747a850b3d20ac51c38d09ccffdc95

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/apple-touch-icon.png HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:35 GMT
content-type: image/png
content-length: 9390
last-modified: Tue, 24 May 2022 10:25:37 GMT
etag: "628cb2a1-24ae"
expires: Tue, 22 Nov 2022 22:27:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

free3dgame.xyz/files/lang.js

146.190.28.107

200 OK

3.4 kB

URL HTTP/2
free3dgame.xyz/files/lang.js
IP
146.190.28.107:0
ASN
#0

File type
data
Size
3.4 kB (3353 bytes)
Hash
2278caa9b2a4748968951088405819ed
acfe0dfba926e481f21fd3eb33d0425b4d064e4d
fc118db09973cc994d91a5053e9247af773bfc94c404dfe355124f07d6ef36ff

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/lang.js HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:34 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 12:43:28 GMT
vary: Accept-Encoding
etag: W/"628cd2f0-1f66"
expires: Mon, 24 Oct 2022 10:27:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

free3dgame.xyz/files/favicon-16x16.png

146.190.28.107

200 OK

493 B

URL HTTP/2
free3dgame.xyz/files/favicon-16x16.png
IP
146.190.28.107:0
ASN
#0

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
493 B (493 bytes)
Hash
a2a4b5d7c260fd7b81ea7daa0922c45c
736f12c449c0d7b8809bd0efc96a041b2dd0b377
80a2bb3256c6169c7b0784d69b3f199510a9e345bbff1f7480ac209fcd985b78

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/favicon-16x16.png HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:35 GMT
content-type: image/png
content-length: 493
last-modified: Tue, 24 May 2022 10:22:25 GMT
etag: "628cb1e1-1ed"
expires: Tue, 22 Nov 2022 22:27:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be00a57-fe20-4b17-bbdf-88b9daf542a7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9340 bytes)
Hash
4352d6f8e696e348db1207f9b911582c
9806f4179ac2ee4ead5e04dfbdd6c563af6caa6f
3a763dd67f5e89a0e2b3f11b2ddcb73e9526dd4657e0b1df79f9e8fdab53c96a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be00a57-fe20-4b17-bbdf-88b9daf542a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: 01d2c959-06a2-48b5-bac3-4136c0578487
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelH3GnGoAMF5zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b565-6bc5d32d1bc2a3a9651bee67;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: leFh8aw0FVcdghUHhSrAsgNSURA29BxP0z0FMnUGN3LbQujdh3B49w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:16:07 GMT
etag: "9806f4179ac2ee4ead5e04dfbdd6c563af6caa6f"
content-type: image/jpeg
age: 694
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

adspredictiv.com/jump/next.php?stamat=m%257CKyYjKSIhaQdHkAH0dEdHP3xP.b28%252C7H0PozvLiGV-YkDx825CHq_5mNyzZhovkYDfyjWLDI0Sb21IYsIWB7DkTq9zqOvWcXBWw_8ugBqX7bJIEHCX0Lk5_HW8zgTv-eAzzBol2OiMAXmfOZ-OHOE4qv5LIpDjHfYKIHs9PlXBWS8-MkSkUw%252C%252C&cbpage=https://adspredictiv.com/jump/next.php?r=6359262&sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j&cbur=0.01755083990857398&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fgo.money616.xyz%2F

35.190.38.40

302 Found

0 B

URL HTTP/2
adspredictiv.com/jump/next.php?stamat=m%257CKyYjKSIhaQdHkAH0dEdHP3xP.b28%252C7H0PozvLiGV-YkDx825CHq_5mNyzZhovkYDfyjWLDI0Sb21IYsIWB7DkTq9zqOvWcXBWw_8ugBqX7bJIEHCX0Lk5_HW8zgTv-eAzzBol2OiMAXmfOZ-OHOE4qv5LIpDjHfYKIHs9PlXBWS8-MkSkUw%252C%252C&cbpage=https://adspredictiv.com/jump/next.php?r=6359262&sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j&cbur=0.01755083990857398&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fgo.money616.xyz%2F
IP
35.190.38.40:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jump/next.php?stamat=m%257CKyYjKSIhaQdHkAH0dEdHP3xP.b28%252C7H0PozvLiGV-YkDx825CHq_5mNyzZhovkYDfyjWLDI0Sb21IYsIWB7DkTq9zqOvWcXBWw_8ugBqX7bJIEHCX0Lk5_HW8zgTv-eAzzBol2OiMAXmfOZ-OHOE4qv5LIpDjHfYKIHs9PlXBWS8-MkSkUw%252C%252C&cbpage=https://adspredictiv.com/jump/next.php?r=6359262&sub1=pyrrhous-marten&sub2=bravo-pur-k8en3qj53j&cbur=0.01755083990857398&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fgo.money616.xyz%2F HTTP/1.1
Host: adspredictiv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sun, 23 Oct 2022 22:27:33 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://adspredictiv.com/script/i.php?stamat=m%257C%252C%252CAjPqNhESoGU3B0-GH0dEdHP3xP.57c%252CGu_EOatakJHqLWNSKE87ED3F8UTUBEoPKycems87gLxY3hPI07dBB7EyvgzdLZxOB3IDcerwyg_sAk5P0Yz2p5ZgjSffuL_hqe2Jv1YEWMha1_WnpY721rWDTzSlUqSzU9T5VOuJPwkcb3IhKrub7nwRnbrKRnGWNuci8S7QRLKssV_V8hidElDlw2UXr0JhHJfA4K7XpUfHAJlFdsAO1Jk3sGJE_GGFa301JHUmqMdoPxaERrNkj2gl50Vm6gjYQYj55xEvrjbUmo9gSh-AikVZcfOShPB705A_zvpjIHoMOMNJfd68_mugxIYKgPD5CX91J74_9i8bA-TQim5sYghXn1HCI82TnLxBAUuvl0iOb2rP84QYgclIdkTSxBcHlSB7urJeg3sPGMof2uQeJGb2MOTj48zOrjLv1SYNIBw-8TyISmZZ8ENiUKTYDYQfmwPXdXp-c8GAwZRfhYTklFfQmIoGjB1mp1JgZgfCzNWa7yM7vxqddA61_pOO5MmUtgN3DGe5QMirhAyBc9HxscTZakgSruazaa-VeWw3Tl--WilQ8jen1T-13zrOKaPi2q0ZD7KfHr76s7y_UxR6PLAQLu3YCLxeRR44Kvs_UqA%252C
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Archivo:wght@400;600&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Archivo:wght@400;600&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Archivo:wght@400;600&amp;display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 22:27:34 GMT
date: Sun, 23 Oct 2022 22:27:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

free3dgame.xyz/files/main.css

146.190.28.107

200 OK

0 B

URL HTTP/2
free3dgame.xyz/files/main.css
IP
146.190.28.107:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/main.css HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:34 GMT
content-type: text/css
last-modified: Wed, 25 May 2022 07:54:53 GMT
vary: Accept-Encoding
etag: W/"628de0cd-11de"
expires: Mon, 24 Oct 2022 10:27:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364

146.190.28.107

200 OK

0 B

URL HTTP/2
free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
IP
146.190.28.107:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364 HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:34 GMT
content-type: text/html
last-modified: Tue, 24 May 2022 17:49:19 GMT
vary: Accept-Encoding
etag: W/"628d1a9f-730"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

free3dgame.xyz/files/jquery.min.js

146.190.28.107

200 OK

0 B

URL HTTP/2
free3dgame.xyz/files/jquery.min.js
IP
146.190.28.107:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/jquery.min.js HTTP/1.1
Host: free3dgame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dgame.xyz/?key=byq8yz76skm800fc6ylf&code=6355bfd64579870001344a07&sub1=&sub2=Sexually+Submission+low&sub3=topsolutionsmedia&sub4=6359262-1264786048-2966871915&sub5=364
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 22:27:34 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 10:25:01 GMT
vary: Accept-Encoding
etag: W/"628cb27d-15851"
expires: Mon, 24 Oct 2022 10:27:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (49)

URL HTTP/1.1