Report - ak.sv

Report Overview

Visited public
2024-01-20 21:19:12
Tags
Submit Tags
URL
ak.sv
Finishing URL
ak.sv/
IP / ASN
104.21.20.147
#13335 CLOUDFLARENET
Title
اكوام | موقع التحميل و المشاهدة العربي الاول

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
interbuzznews.com	237501	2018-07-24	2018-08-10 18:24:14	2024-01-20 21:14:36	5.8 kB	63 kB	139.45.197.154
ak.sv	unknown	unknown	2023-07-04 10:56:12	2024-01-05 10:04:12	13 kB	880 kB	172.67.193.35
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-01-20 18:29:54	857 B	160 kB	142.250.74.168
img.akw.onl	unknown	2023-02-13	2023-02-13 17:51:51	2023-12-24 22:58:03	420 B	1.6 kB	104.21.77.114
soocaips.com	unknown	2023-06-06	2023-06-06 12:36:58	2024-01-06 01:43:17	1.9 kB	49 kB	139.45.197.244
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2024-01-20 17:55:51	443 B	734 B	139.45.195.8
cameesse.net	unknown	2023-10-18	2023-10-18 14:31:33	2024-01-19 19:52:06	5.3 kB	482 kB	139.45.197.242

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-01-20	medium	soocaips.com	Sinkholed
2024-01-20	medium	soocaips.com	Sinkholed
2024-01-20	medium	soocaips.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	ak.sv/	ScriptElement	1.3 kB	2023-03-08	2024-08-21
Pretty URL ak.sv/ IP 172.67.193.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 00:20 Last Seen2024-08-21 08:09 Times Seen7 Hash d97c69648971938db8a4559585a68ec7 db1c31e249eb59c8fa2f58b120d965a96f6e756e 4fccc9be5ea1bae4d2f5126b5f5de01dd3ceb97c0d3708cafa7be268cdf28c45 Loading...

	www.googletagmanager.com/gtag/js?id=G-LYBJP286GM	ScriptElement	280 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-LYBJP286GM IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 11:41 Last Seen2024-08-20 11:41 Times Seen1 Hash a3bdfcd79f01343a8e760dc6c67c0d9f 0943ac99460f92757e373fbc7e13e687d227b8c0 aa002f0f1ae4a583ad59d50aef29b1ffda44cda550b614fc0b5f57d569fda2b4 Loading...

	ak.sv/style/assets/js/jquery-3.2.1.min.js	ScriptElement	87 kB	2023-03-07	2025-07-16
Pretty URL ak.sv/style/assets/js/jquery-3.2.1.min.js IP 172.67.193.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 08:25 Times Seen42962 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	ak.sv/	ScriptElement	59 kB	2023-11-05	2025-03-09
Pretty URL ak.sv/ IP 172.67.193.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-05 21:54 Last Seen2025-03-09 04:01 Times Seen30 Hash 1930b44cb7cd1fcdfec4543a63e6e7e0 a58928a471c9a1df21b889791ea00ced9ff25c7f a2809e21dc8b0bdd0d3c066ebc739c725143d8e4a58f295bae2403bb32977995 Loading...

	soocaips.com/tag.min.js	ScriptElement	82 kB	2024-01-20	2024-08-20
Pretty URL soocaips.com/tag.min.js IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 02:44 Last Seen2024-08-20 11:45 Times Seen129 Hash 9f448ef30551cb6b1974328a4d7b6844 ecaeaf11b025fe0250bf6acaaf5447c483b214e4 8c9d849ad3c13d166424b8ad0b8b369aabf0b7e7249af8edc8343c80c33cd390 Loading...

	cameesse.net/1?z=6601120&var=6546154	ScriptElement	43 kB	2024-08-20	2024-08-20
Pretty URL cameesse.net/1?z=6601120&var=6546154 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 11:41 Last Seen2024-08-20 11:41 Times Seen1 Hash 244ba23e1e996caa9f9a48bddc7834c0 5ebacb3c7cbb87cb9ba2ea0fba8e1408fbbae87d fd0c88668eebccbafb2ac5d8cbe7a76c7bffbdc72c2bf968ba34ce86cdbcc139 Loading...

	ak.sv/	ScriptElement	445 B	2023-11-05	2025-03-09
Pretty URL ak.sv/ IP 172.67.193.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-05 21:54 Last Seen2025-03-09 04:01 Times Seen30 Hash 273356fdf49932164b05a8762f03fd56 48684ba6d9b6b7e3a0743b5d8b12584cd208277b 0a4e17b463d6bddd1de6385c9c15e1c8dab7185cca3a4ac85e451f1e0a8af239 Loading...

	ak.sv/	ScriptElement	153 B	2023-03-29	2025-06-10
Pretty URL ak.sv/ IP 172.67.193.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 23:58 Last Seen2025-06-10 10:19 Times Seen51 Hash 7af425a9d74fe98e2a9cc9c2fe1fe45a 1129575e72dc330be7985436e7411487a49b5702 af6eca41735496d542d8bdda9effb59f16a628cc5818b5918b6b92ff34646bbb Loading...

	www.googletagmanager.com/gtag/js?id=UA-262083515-1&l=dataLayer&cx=c	ScriptElement	180 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=UA-262083515-1&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 11:41 Last Seen2024-08-20 11:41 Times Seen1 Hash 7cdfe61d663045dc7fef9992bc1cf140 33c36d5788c50fa435be6cac63417c0db694bb9b 56ccecaebacdf394cef9c9e47a85aaad5de15db5e78f5daa9e9927ceb7f1f682 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-07-16
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-16 08:28 Times Seen409183 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	interbuzznews.com/?l=UkToEoDPfrrKFFi&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3575760352%26z%3D6601120%26b%3D19952494%26c%3D7789698%26var%3D6546154%26varid%3D0%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D1460%2526key%253Dbefa2f138863c1d7c21870c95955c0fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dbq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D622fe3d2-9f93-49c2-a426-8885f35939c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fak.sv%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0	ScriptElement	0 B	0001-01-01	2025-07-16
Pretty URL interbuzznews.com/?l=UkToEoDPfrrKFFi&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3575760352%26z%3D6601120%26b%3D19952494%26c%3D7789698%26var%3D6546154%26varid%3D0%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D1460%2526key%253Dbefa2f138863c1d7c21870c95955c0fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dbq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D622fe3d2-9f93-49c2-a426-8885f35939c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fak.sv%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 IP 139.45.197.154 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-16 08:29 Times Seen5434287 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ak.sv/style/assets/js/plugins/typed.min.js	ScriptElement	12 kB	2023-03-08	2025-07-09
Pretty URL ak.sv/style/assets/js/plugins/typed.min.js IP 172.67.193.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:20 Last Seen2025-07-09 03:11 Times Seen58 Hash 8adfb3a95c5eb23321fc2b40b672fdec 3dbdee38aa38056d8247b6d4ce3b604f9105258d 960d3c7144bd7d1695869610cb719fa0d30c5ca692eb76e1497a96f0c7ee001c Loading...

	ak.sv/	ScriptElement	424 B	2023-03-08	2025-06-10
Pretty URL ak.sv/ IP 172.67.193.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 00:20 Last Seen2025-06-10 10:19 Times Seen51 Hash aa2be028df3709817161d6293405baa6 05fd5debb017d2c3cc6b6b6bad7ca2fb18c37b54 588b3cc9879261d501c6564315e9ffab830a2f16dd634a95dd2847ddc7d65c97 Loading...

	ak.sv/sandbox%20eval%20code		147 B	2023-04-11	2025-07-16
Pretty URL ak.sv/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-16 08:28 Times Seen409590 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	cameesse.net/27/4e75f1b34f01fbdc8712a12f1943297a	ScriptElement	413 kB	2024-01-15	2024-08-20
Pretty URL cameesse.net/27/4e75f1b34f01fbdc8712a12f1943297a IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-15 14:52 Last Seen2024-08-20 12:27 Times Seen49 Hash 8ea6a9ea310dd08d80419a465fe5aa3d 21461737a669990caaea14273239b364e3785213 1b9453b6abbb91a88b95a5f310aab86ad9593da2f8b6a3e02e2cfb3bfe31e3a7 Loading...

HTTP Transactions (35)

URL IP Response Size

GET ak.sv/style/assets/images/AKWAM-APP.png

172.67.193.35

200 OK

7.8 kB

URL GET HTTP/3
ak.sv/style/assets/images/AKWAM-APP.png
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
PNG image data, 117 x 117, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7785 bytes)
Hash
448d304cd83cd2be55b07118bf2b5a2a
cd58d26e91037729558d32a7997dd6201bdd0454
eb42c56279a6ec68229b79b6cfa7309f5f8473c23827488121baabead5a7b56f

HTTP Headers

GET /style/assets/images/AKWAM-APP.png HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:44 GMT
content-type: image/png
content-length: 7785
cache-control: public, max-age=2592000
expires: Wed, 07 Feb 2024 06:51:10 GMT
last-modified: Wed, 19 Apr 2023 05:52:02 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1088854
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPK4TSCjq4hbCLOaf6al6n4ZZeFFOgI%2BUKpgYlOKrp7l0eTp2bYpLH6qTWc5ZdxXFr4afMhPfv%2Bv%2F0fOQWfHN3p1umSA%2FiB2cGACYjI3RDebKKrpCxEQhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0a787356ba-OSL
alt-svc: h3=":443"; ma=86400

GET www.googletagmanager.com/gtag/js?id=G-LYBJP286GM

142.250.74.168

200 OK

93 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-LYBJP286GM
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint8F:9C:3B:A4:59:1A:06:DC:19:DB:A1:30:5D:19:81:20:9E:19:31:AE
ValidityMon, 11 Dec 2023 08:03:30 GMT - Mon, 04 Mar 2024 08:03:29 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
93 kB (93077 bytes)
Hash
a3bdfcd79f01343a8e760dc6c67c0d9f
0943ac99460f92757e373fbc7e13e687d227b8c0
aa002f0f1ae4a583ad59d50aef29b1ffda44cda550b614fc0b5f57d569fda2b4

HTTP Headers

GET /gtag/js?id=G-LYBJP286GM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 Jan 2024 21:18:44 GMT
expires: Sat, 20 Jan 2024 21:18:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93077
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET img.akw.onl/thumb/32x32/default.jpg

104.21.77.114

200 OK

847 B

URL GET HTTP/2
img.akw.onl/thumb/32x32/default.jpg
IP
104.21.77.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectakw.onl
FingerprintE4:04:89:2E:7D:6B:EE:0C:89:F5:B2:37:06:5F:A7:7E:C0:04:A9:AA
ValidityTue, 05 Dec 2023 12:10:17 GMT - Mon, 04 Mar 2024 12:10:16 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 32x32, components 3
Size
847 B (847 bytes)
Hash
29daa8c1ca9e8b4a395301cf7f65dbe3
896c12d3b13b6544a8cd76828daeb8a2d53c1a10
e81e758acf88596341acb214e3ed54231502519cb6acdf5c520a255b90e3cf36

HTTP Headers

GET /thumb/32x32/default.jpg HTTP/1.1
Host: img.akw.onl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: image/jpeg
content-length: 847
last-modified: Fri, 13 Jan 2023 20:20:08 GMT
cache-control: public, max-age=2592000
expires: Thu, 25 Jan 2024 06:16:44 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2214121
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjZXmhzHfjVW6cRG16Ol0tLWeqDTRo8UbAtkNa%2FAban%2BTJLno%2FAeehrBco5RWzwPYyUDyZWwvxXTAzO0IqU6NRT8NnT8446thhuc3OelfdLHTGfhKsTKwiCP69oRTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0b9fa55685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ak.sv/style/assets/images/home-bg.webp

172.67.193.35

200 OK

123 kB

URL GET HTTP/3
ak.sv/style/assets/images/home-bg.webp
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
123 kB (123240 bytes)
Hash
fdd70cb289c529fe02212029ef4d7db9
2948a84d71ac5617f65c75b961e00994e1a1db37
e81a4d369bcb24a256819ff0744653d9f1406350630ce038f58de1dacf491402

HTTP Headers

GET /style/assets/images/home-bg.webp HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: image/webp
content-length: 123240
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 12:47:19 GMT
last-modified: Sat, 14 Oct 2023 18:52:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 30686
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1T0upQYFjHk1jBuIQunBN0uNwsYRzQ4KpPqs9%2BC1jWU6xqWZqIvqYEsxv9k1zWerrPJo1n7pJ74SjwZUQoyTYZVM8MwzuvU%2BXJvMM3%2Fho5Ij8rtHHPCDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0ba97756ba-OSL
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/images/site-new.webp

172.67.193.35

200 OK

103 kB

URL GET HTTP/3
ak.sv/style/assets/images/site-new.webp
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
103 kB (103092 bytes)
Hash
00ee7e0c859208f46a41d623c1d64aaa
d991db07f6cb2a8e679ece4dbd4316bdcbe90bc2
708cb7690bfff2d16a1de8f1025ca65138547ea1f34c30b499b1419a3a1d2ea8

HTTP Headers

GET /style/assets/images/site-new.webp HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: image/webp
content-length: 103092
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 12:47:19 GMT
last-modified: Thu, 03 Sep 2020 15:24:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 30686
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJ%2BJRFbe%2F%2B2JuxCDuUrXqYCSrfsaNjiB1ae0xrxZf3iVg8sBHskzxpIKc4WRUNcRM%2Ff1s6mkv4eI9i2YaxF9uYQDNP243Bbi1y%2BMlc9asnqkZkSsh2Tu7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0bb98756ba-OSL
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/css/fonts/font/STC-Regular.woff

172.67.193.35

200 OK

58 kB

URL GET HTTP/3
ak.sv/style/assets/css/fonts/font/STC-Regular.woff
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
Web Open Font Format, CFF, length 58212, version 0.0
Size
58 kB (58212 bytes)
Hash
9f91fa3bb23f5a8b3bf02a3f1a301cd8
df0e8c471b029048b68c93969b89fb96c94a5dcc
5be2459e8c73ccaa9010583c7caca8a177f848b047c250a2d4e066a0a19778f2

HTTP Headers

GET /style/assets/css/fonts/font/STC-Regular.woff HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: font/woff
content-length: 58212
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 16:25:14 GMT
last-modified: Sun, 13 Oct 2019 08:41:56 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsSEK22n7VLFflftS4ImELvf6fWMU1hbwSdzd8riH4fP70sgAV8qVny%2BJ7kh5q7SB%2B7yOlpY6CncCHEMJ925ZbJ5Vdo7Cv344MCF02HyEMmsFRAqWaNg5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0c09dd56ba-OSL
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/css/fonts/font/STC-Light.woff

172.67.193.35

200 OK

56 kB

URL GET HTTP/3
ak.sv/style/assets/css/fonts/font/STC-Light.woff
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
Web Open Font Format, CFF, length 56032, version 0.0
Size
56 kB (56032 bytes)
Hash
05838181e09400aa3afc3dde89c4fbb2
8e58a477675ffe9d1c226e7b3e533553effb493d
4268923c5463a7b063bc81435ff8f51c09453fc410e42b41ab33f153aea2a93a

HTTP Headers

GET /style/assets/css/fonts/font/STC-Light.woff HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: font/woff
content-length: 56032
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 16:25:14 GMT
last-modified: Sun, 13 Oct 2019 08:41:06 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mX6OFzPkPkrhh0fmqUiBfVmzEcoxrSishL1p8U7AJHp8BVzb7RA9Rb5ZRRbJUcY8m8fa4fiPpHMcH%2B17M9pzURDyIgP2fDODbDnc9xUQwY960De%2FeengCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0c09d556ba-OSL
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/css/fonts/font/STC-Bold.woff

172.67.193.35

200 OK

56 kB

URL GET HTTP/3
ak.sv/style/assets/css/fonts/font/STC-Bold.woff
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
Web Open Font Format, CFF, length 55720, version 0.0
Size
56 kB (55720 bytes)
Hash
596d43ed2daa2cb0db8b2198a18a2ae9
8e05ba1c03ff0a0b010ef8101c53b6f10da06c00
ce3a53b8041e20defc77ed59b9dca8b79fb240eff26cf8d0ad0d766e87c268ac

HTTP Headers

GET /style/assets/css/fonts/font/STC-Bold.woff HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: font/woff
content-length: 55720
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 16:25:14 GMT
last-modified: Sun, 13 Oct 2019 08:38:46 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBtQii%2FdrWB3roOaz0m3UxWHyKSdD4AivKmEedtZWlLXNoRZ3DXyLr5rEvYPe5BZquCY3BjtAnI4OBrZGdIbuxgnFo2dNPkGXWhrkCGFe1WSW6NFIqbuiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0c19e256ba-OSL
alt-svc: h3=":443"; ma=86400

GET soocaips.com/tag.min.js

139.45.197.244

200 OK

26 kB

URL GET HTTP/2
soocaips.com/tag.min.js
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectsoocaips.com
Fingerprint8A:98:4F:8E:2F:6F:4E:33:52:4B:FE:54:F5:E8:D1:63:AD:12:EB:A3
ValidityMon, 13 Nov 2023 05:13:10 GMT - Sun, 11 Feb 2024 05:13:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25839 bytes)
Hash
9f448ef30551cb6b1974328a4d7b6844
ecaeaf11b025fe0250bf6acaaf5447c483b214e4
8c9d849ad3c13d166424b8ad0b8b369aabf0b7e7249af8edc8343c80c33cd390

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: soocaips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 25839
content-encoding: br
x-trace-id: 284f831d1b2739a8f24c22dcbf0303a9
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 19 Jan 2024 16:54:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=UA-262083515-1&l=dataLayer&cx=c

142.250.74.168

200 OK

65 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-262083515-1&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint8F:9C:3B:A4:59:1A:06:DC:19:DB:A1:30:5D:19:81:20:9E:19:31:AE
ValidityMon, 11 Dec 2023 08:03:30 GMT - Mon, 04 Mar 2024 08:03:29 GMT

File type
JavaScript source, ASCII text, with very long lines (3035)
Size
65 kB (65188 bytes)
Hash
7cdfe61d663045dc7fef9992bc1cf140
33c36d5788c50fa435be6cac63417c0db694bb9b
56ccecaebacdf394cef9c9e47a85aaad5de15db5e78f5daa9e9927ceb7f1f682

HTTP Headers

GET /gtag/js?id=UA-262083515-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 Jan 2024 21:18:45 GMT
expires: Sat, 20 Jan 2024 21:18:45 GMT
cache-control: private, max-age=900
last-modified: Sat, 20 Jan 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

HEAD ak.sv/

172.67.193.35

200 OK

0 B

URL HEAD HTTP/3
ak.sv/
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IldjbXk2OHRXQnUrYUx1YUNBV0J6WGc9PSIsInZhbHVlIjoiVzNEZGRpM2ZyOHdmSlc5XC9UYnR5dHllc0JxeTByNVlNR2d5eGJaZEVkUDIxb0dkaGtuXC91OGlVXC9zMmtOM00zZyIsIm1hYyI6IjM0MDlkYzQxMTE2ZjNkZGNhMDY1MmQwMWE3MmQyNjM3ZTk4YmNmZWJlYjhlNzdmOTExYTA5N2M2NjcyMTMxOWEifQ%3D%3D; expires=Sun, 21-Jan-2024 03:18:45 GMT; Max-Age=21600; path=/; secure
akwam_session=eyJpdiI6IkFWOCswXC9uM2RkQ2JnOGQ4K0tcL3U4QT09IiwidmFsdWUiOiJabEhHYTY4TTdaeHlyeVdTZHFmZkZJQ0ZVSkZOVUt6TEl3N1ZQbkp3czJhV2pydzdZNDVmUDBwdXBsVEI3SDFnIiwibWFjIjoiNTU0ZWVjODA1N2ViMWUyZjhlYTk1MjA5ZTk0ZTJiYzM5ZGIxYzA0ODFiMTM0ZWY1MTU3ODM4Y2U3NzE4MTNhMCJ9; path=/; httponly; secure
ovT9brLmc0S5XVvuQHoWUTd5gmYcnXOk853YxtFO=eyJpdiI6ImVjMmNvbGdzUms0bTREVHZPbnJLU0E9PSIsInZhbHVlIjoiM2hVekNxRUUyOEJaUFJuaE5IZEhcL0tGTVwvWEFybG9qT2R6MTJ3Z1BWOUxXSHBnSGlySEs2cGNWWDUyKzY2bkMxVkJTdEw4OUhia2syMXZkRXNMMkNBREE2Z2ZlWEpRV1pMRk1BTjNBZWM3dkI3MGdEMWgwXC8wSU8wRVNTTnRcL0F1MUdlMzdva2FvWjZ3dnl5azI4dHJ4dWRLOVVpMThCY1JqaUVtd1wvZWRsc0srbW1yUmQ2S1g2M3g0RnN6V09PRldUQ09UcTJuUUZpcEN1MGRNSEl5Y3BwS2hCMmgwQm1UV1Fzd3BTcmNZeEV3PSIsIm1hYyI6Ijc1YTkzNmZkOTJjODdjYzViNDEyMWU3YmIxYmYwM2UyYmViNjZmOTQ3ZDQxYjZlMGI1NTY0NmJlNGY2ZTUyY2UifQ%3D%3D; expires=Sun, 21-Jan-2024 03:18:45 GMT; Max-Age=21600; path=/; httponly; secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNuurWc3vs8E%2FWrveSPO5arBnVCDT4ux56mDoC1QURjM8WtwQdK0cgdxb9Aij93Loi2LYV%2BypwvBUH%2FlPban3azG%2BkUWwbrG8dIMCmlPMA4LQ0nj3rYYpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0caa5356ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/css/fonts/font/STC-Light.woff

172.67.193.35

200 OK

56 kB

URL GET HTTP/3
ak.sv/style/assets/css/fonts/font/STC-Light.woff
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
Web Open Font Format, CFF, length 56032, version 0.0
Size
56 kB (56032 bytes)
Hash
05838181e09400aa3afc3dde89c4fbb2
8e58a477675ffe9d1c226e7b3e533553effb493d
4268923c5463a7b063bc81435ff8f51c09453fc410e42b41ab33f153aea2a93a

HTTP Headers

GET /style/assets/css/fonts/font/STC-Light.woff HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Cookie: _ga_LYBJP286GM=GS1.1.1705785525.1.0.1705785525.0.0.0; _ga=GA1.1.999793221.1705785525; XSRF-TOKEN=eyJpdiI6IldjbXk2OHRXQnUrYUx1YUNBV0J6WGc9PSIsInZhbHVlIjoiVzNEZGRpM2ZyOHdmSlc5XC9UYnR5dHllc0JxeTByNVlNR2d5eGJaZEVkUDIxb0dkaGtuXC91OGlVXC9zMmtOM00zZyIsIm1hYyI6IjM0MDlkYzQxMTE2ZjNkZGNhMDY1MmQwMWE3MmQyNjM3ZTk4YmNmZWJlYjhlNzdmOTExYTA5N2M2NjcyMTMxOWEifQ%3D%3D; akwam_session=eyJpdiI6IkFWOCswXC9uM2RkQ2JnOGQ4K0tcL3U4QT09IiwidmFsdWUiOiJabEhHYTY4TTdaeHlyeVdTZHFmZkZJQ0ZVSkZOVUt6TEl3N1ZQbkp3czJhV2pydzdZNDVmUDBwdXBsVEI3SDFnIiwibWFjIjoiNTU0ZWVjODA1N2ViMWUyZjhlYTk1MjA5ZTk0ZTJiYzM5ZGIxYzA0ODFiMTM0ZWY1MTU3ODM4Y2U3NzE4MTNhMCJ9; ovT9brLmc0S5XVvuQHoWUTd5gmYcnXOk853YxtFO=eyJpdiI6ImVjMmNvbGdzUms0bTREVHZPbnJLU0E9PSIsInZhbHVlIjoiM2hVekNxRUUyOEJaUFJuaE5IZEhcL0tGTVwvWEFybG9qT2R6MTJ3Z1BWOUxXSHBnSGlySEs2cGNWWDUyKzY2bkMxVkJTdEw4OUhia2syMXZkRXNMMkNBREE2Z2ZlWEpRV1pMRk1BTjNBZWM3dkI3MGdEMWgwXC8wSU8wRVNTTnRcL0F1MUdlMzdva2FvWjZ3dnl5azI4dHJ4dWRLOVVpMThCY1JqaUVtd1wvZWRsc0srbW1yUmQ2S1g2M3g0RnN6V09PRldUQ09UcTJuUUZpcEN1MGRNSEl5Y3BwS2hCMmgwQm1UV1Fzd3BTcmNZeEV3PSIsIm1hYyI6Ijc1YTkzNmZkOTJjODdjYzViNDEyMWU3YmIxYmYwM2UyYmViNjZmOTQ3ZDQxYjZlMGI1NTY0NmJlNGY2ZTUyY2UifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: font/woff
content-length: 56032
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 16:25:14 GMT
last-modified: Sun, 13 Oct 2019 08:41:06 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOumatMsluHs2CH5mbvz2Fvj53tCQ2xnWpvC9hfFulWTkf46pgQP1WD5xPgXbG0lPbpoKPshLsZ%2F5QM%2F7adZgvRkfzPUWoNA2s%2FHokOvAhH8gKhQJP5vPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0edc8656ba-OSL
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/css/fonts/font/STC-Regular.woff

172.67.193.35

200 OK

58 kB

URL GET HTTP/3
ak.sv/style/assets/css/fonts/font/STC-Regular.woff
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
Web Open Font Format, CFF, length 58212, version 0.0
Size
58 kB (58212 bytes)
Hash
9f91fa3bb23f5a8b3bf02a3f1a301cd8
df0e8c471b029048b68c93969b89fb96c94a5dcc
5be2459e8c73ccaa9010583c7caca8a177f848b047c250a2d4e066a0a19778f2

HTTP Headers

GET /style/assets/css/fonts/font/STC-Regular.woff HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Cookie: _ga_LYBJP286GM=GS1.1.1705785525.1.0.1705785525.0.0.0; _ga=GA1.1.999793221.1705785525; XSRF-TOKEN=eyJpdiI6IldjbXk2OHRXQnUrYUx1YUNBV0J6WGc9PSIsInZhbHVlIjoiVzNEZGRpM2ZyOHdmSlc5XC9UYnR5dHllc0JxeTByNVlNR2d5eGJaZEVkUDIxb0dkaGtuXC91OGlVXC9zMmtOM00zZyIsIm1hYyI6IjM0MDlkYzQxMTE2ZjNkZGNhMDY1MmQwMWE3MmQyNjM3ZTk4YmNmZWJlYjhlNzdmOTExYTA5N2M2NjcyMTMxOWEifQ%3D%3D; akwam_session=eyJpdiI6IkFWOCswXC9uM2RkQ2JnOGQ4K0tcL3U4QT09IiwidmFsdWUiOiJabEhHYTY4TTdaeHlyeVdTZHFmZkZJQ0ZVSkZOVUt6TEl3N1ZQbkp3czJhV2pydzdZNDVmUDBwdXBsVEI3SDFnIiwibWFjIjoiNTU0ZWVjODA1N2ViMWUyZjhlYTk1MjA5ZTk0ZTJiYzM5ZGIxYzA0ODFiMTM0ZWY1MTU3ODM4Y2U3NzE4MTNhMCJ9; ovT9brLmc0S5XVvuQHoWUTd5gmYcnXOk853YxtFO=eyJpdiI6ImVjMmNvbGdzUms0bTREVHZPbnJLU0E9PSIsInZhbHVlIjoiM2hVekNxRUUyOEJaUFJuaE5IZEhcL0tGTVwvWEFybG9qT2R6MTJ3Z1BWOUxXSHBnSGlySEs2cGNWWDUyKzY2bkMxVkJTdEw4OUhia2syMXZkRXNMMkNBREE2Z2ZlWEpRV1pMRk1BTjNBZWM3dkI3MGdEMWgwXC8wSU8wRVNTTnRcL0F1MUdlMzdva2FvWjZ3dnl5azI4dHJ4dWRLOVVpMThCY1JqaUVtd1wvZWRsc0srbW1yUmQ2S1g2M3g0RnN6V09PRldUQ09UcTJuUUZpcEN1MGRNSEl5Y3BwS2hCMmgwQm1UV1Fzd3BTcmNZeEV3PSIsIm1hYyI6Ijc1YTkzNmZkOTJjODdjYzViNDEyMWU3YmIxYmYwM2UyYmViNjZmOTQ3ZDQxYjZlMGI1NTY0NmJlNGY2ZTUyY2UifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: font/woff
content-length: 58212
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 16:25:14 GMT
last-modified: Sun, 13 Oct 2019 08:41:56 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k56U4zD2o52hccR08h0OW2W%2BCFvRwJHak13bcZJ6PGO2zqUNzg5NkYvwGVDYB5baiNH0gW3bRUGSqysEY1Sno%2BTSwYdGVlNQ4kCGZDE%2BqSNcc1%2FN7YOkrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0edc8856ba-OSL
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/css/fonts/font/STC-Bold.woff

172.67.193.35

200 OK

56 kB

URL GET HTTP/3
ak.sv/style/assets/css/fonts/font/STC-Bold.woff
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
Web Open Font Format, CFF, length 55720, version 0.0
Size
56 kB (55720 bytes)
Hash
596d43ed2daa2cb0db8b2198a18a2ae9
8e05ba1c03ff0a0b010ef8101c53b6f10da06c00
ce3a53b8041e20defc77ed59b9dca8b79fb240eff26cf8d0ad0d766e87c268ac

HTTP Headers

GET /style/assets/css/fonts/font/STC-Bold.woff HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Cookie: _ga_LYBJP286GM=GS1.1.1705785525.1.0.1705785525.0.0.0; _ga=GA1.1.999793221.1705785525; XSRF-TOKEN=eyJpdiI6IldjbXk2OHRXQnUrYUx1YUNBV0J6WGc9PSIsInZhbHVlIjoiVzNEZGRpM2ZyOHdmSlc5XC9UYnR5dHllc0JxeTByNVlNR2d5eGJaZEVkUDIxb0dkaGtuXC91OGlVXC9zMmtOM00zZyIsIm1hYyI6IjM0MDlkYzQxMTE2ZjNkZGNhMDY1MmQwMWE3MmQyNjM3ZTk4YmNmZWJlYjhlNzdmOTExYTA5N2M2NjcyMTMxOWEifQ%3D%3D; akwam_session=eyJpdiI6IkFWOCswXC9uM2RkQ2JnOGQ4K0tcL3U4QT09IiwidmFsdWUiOiJabEhHYTY4TTdaeHlyeVdTZHFmZkZJQ0ZVSkZOVUt6TEl3N1ZQbkp3czJhV2pydzdZNDVmUDBwdXBsVEI3SDFnIiwibWFjIjoiNTU0ZWVjODA1N2ViMWUyZjhlYTk1MjA5ZTk0ZTJiYzM5ZGIxYzA0ODFiMTM0ZWY1MTU3ODM4Y2U3NzE4MTNhMCJ9; ovT9brLmc0S5XVvuQHoWUTd5gmYcnXOk853YxtFO=eyJpdiI6ImVjMmNvbGdzUms0bTREVHZPbnJLU0E9PSIsInZhbHVlIjoiM2hVekNxRUUyOEJaUFJuaE5IZEhcL0tGTVwvWEFybG9qT2R6MTJ3Z1BWOUxXSHBnSGlySEs2cGNWWDUyKzY2bkMxVkJTdEw4OUhia2syMXZkRXNMMkNBREE2Z2ZlWEpRV1pMRk1BTjNBZWM3dkI3MGdEMWgwXC8wSU8wRVNTTnRcL0F1MUdlMzdva2FvWjZ3dnl5azI4dHJ4dWRLOVVpMThCY1JqaUVtd1wvZWRsc0srbW1yUmQ2S1g2M3g0RnN6V09PRldUQ09UcTJuUUZpcEN1MGRNSEl5Y3BwS2hCMmgwQm1UV1Fzd3BTcmNZeEV3PSIsIm1hYyI6Ijc1YTkzNmZkOTJjODdjYzViNDEyMWU3YmIxYmYwM2UyYmViNjZmOTQ3ZDQxYjZlMGI1NTY0NmJlNGY2ZTUyY2UifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: font/woff
content-length: 55720
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 16:25:14 GMT
last-modified: Sun, 13 Oct 2019 08:38:46 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDRABAx0%2FRUckMyDztpVd9OfveITTt3alptPHjPMERcjhC1M2XIlc53zIHkV2d6nrxqIDTPuIgThuUBYjeBf8HE%2BVQtGKzIUTSqpqqIR00eNu9%2Fz%2FAIP1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0eec9256ba-OSL
alt-svc: h3=":443"; ma=86400

GET my.rtmark.net/gid.js?userId=5c95b0afa1704ca392bba7146dd06853

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=5c95b0afa1704ca392bba7146dd06853
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint41:21:53:7F:A2:C4:68:B1:CA:BC:47:66:5D:3C:CA:96:45:5E:71:15
ValiditySat, 23 Dec 2023 22:43:24 GMT - Fri, 22 Mar 2024 22:43:23 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
e7e886b3978adea9015c6ae80af2ab36
0f6cd8d07ca77c09eceba2bd042debd9c678a163
6d7c2b5b2c579117f3bc212860418505c47005d2dc5ab118afce885ade450a53

HTTP Headers

GET /gid.js?userId=5c95b0afa1704ca392bba7146dd06853 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.sv
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ak.sv
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5c95b0afa1704ca392bba7146dd06853; expires=Sun, 19 Jan 2025 21:18:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

POST cameesse.net/9?z=6601120&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&var=6546154&oaid=5c95b0afa1704ca392bba7146dd06853

139.45.197.242

200 OK

0 B

URL POST HTTP/2
cameesse.net/9?z=6601120&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&var=6546154&oaid=5c95b0afa1704ca392bba7146dd06853
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint23:7C:28:2C:97:BE:75:D0:19:66:1F:B0:CB:42:67:FF:F8:B0:3C:A6
ValidityFri, 12 Jan 2024 22:33:49 GMT - Thu, 11 Apr 2024 22:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9?z=6601120&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&var=6546154&oaid=5c95b0afa1704ca392bba7146dd06853 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ak.sv/
Origin: https://ak.sv
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 20 Jan 2024 21:18:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ak.sv
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

GET cameesse.net/11?rnd=4093049279&z=6601120&b=19952494&var=6546154&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=bq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ==&ruid=622fe3d2-9f93-49c2-a426-8885f35939c9&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ot=89

139.45.197.242

200 OK

0 B

URL GET HTTP/2
cameesse.net/11?rnd=4093049279&z=6601120&b=19952494&var=6546154&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=bq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ==&ruid=622fe3d2-9f93-49c2-a426-8885f35939c9&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ot=89
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint23:7C:28:2C:97:BE:75:D0:19:66:1F:B0:CB:42:67:FF:F8:B0:3C:A6
ValidityFri, 12 Jan 2024 22:33:49 GMT - Thu, 11 Apr 2024 22:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=4093049279&z=6601120&b=19952494&var=6546154&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=bq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ==&ruid=622fe3d2-9f93-49c2-a426-8885f35939c9&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ot=89 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.sv
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Cookie: scm=1; OAID=5c95b0afa1704ca392bba7146dd06853; oaidts=1705785525
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:46 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ak.sv
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 5f254e9eab6f38ef76c051f1d5ef7a57
access-control-expose-headers: X-Sc
set-cookie: OAID=5c95b0afa1704ca392bba7146dd06853; expires=Sun, 19 Jan 2025 21:18:46 GMT; secure; SameSite=None
oaidts=1705785525; expires=Sun, 19 Jan 2025 21:18:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

139.45.197.242

200 OK

22 kB

URL POST HTTP/2
cameesse.net/9?z=6601120&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&var=6546154&oaid=5c95b0afa1704ca392bba7146dd06853
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint23:7C:28:2C:97:BE:75:D0:19:66:1F:B0:CB:42:67:FF:F8:B0:3C:A6
ValidityFri, 12 Jan 2024 22:33:49 GMT - Thu, 11 Apr 2024 22:33:48 GMT

File type
gzip compressed data, max speed, from Unix
Size
22 kB (21458 bytes)
Hash
ddb868b31e2c489f6af7cd17b334d4d0
3b7d98b85cee7182c5712766fc05aae22043bf9f
eff8a9c4e4853500f96326f30338f390fd59332e21d891648422e2ab3518141c

HTTP Headers

POST /9?z=6601120&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&var=6546154&oaid=5c95b0afa1704ca392bba7146dd06853 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 768
Origin: https://ak.sv
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Cookie: scm=1; OAID=c1490633813449e7a3a716926ffe04f0; oaidts=1705785525
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:46 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ak.sv
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 580f7bd46342df94a68b9f1cc0e8817c
access-control-expose-headers: X-Sc
set-cookie: OAID=5c95b0afa1704ca392bba7146dd06853; expires=Sun, 19 Jan 2025 21:18:46 GMT; secure; SameSite=None
oaidts=1705785525; expires=Sun, 19 Jan 2025 21:18:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET interbuzznews.com/contents/s/f3/2c/83/45997a9feb332493f5efb35007/013366100832.jpeg

139.45.197.154

200 OK

35 kB

URL GET HTTP/2
interbuzznews.com/contents/s/f3/2c/83/45997a9feb332493f5efb35007/013366100832.jpeg
IP
139.45.197.154:443
ASN
#9002 RETN Limited

Requested by
https://interbuzznews.com/?l=UkToEoDPfrrKFFi&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3575760352%26z%3D6601120%26b%3D19952494%26c%3D7789698%26var%3D6546154%26varid%3D0%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D1460%2526key%253Dbefa2f138863c1d7c21870c95955c0fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dbq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D622fe3d2-9f93-49c2-a426-8885f35939c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fak.sv%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Certificate
IssuerLet's Encrypt
Subjectinterbuzznews.com
Fingerprint6F:EA:DE:99:16:57:B3:EB:00:31:74:C7:1E:99:E6:69:0A:74:EA:D8
ValidityMon, 11 Dec 2023 05:13:19 GMT - Sun, 10 Mar 2024 05:13:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3
Size
35 kB (34908 bytes)
Hash
f32c8345997a9feb332493f5efb35007
55dbea23858581afb2b1ce94b6ccceb2e0820e2f
6fc06b69310c00dbd46644dc8d1dc9498108b553bb1f4423fde7ae0686d9a146

HTTP Headers

GET /contents/s/f3/2c/83/45997a9feb332493f5efb35007/013366100832.jpeg HTTP/1.1
Host: interbuzznews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://interbuzznews.com/?l=UkToEoDPfrrKFFi&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3575760352%26z%3D6601120%26b%3D19952494%26c%3D7789698%26var%3D6546154%26varid%3D0%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D1460%2526key%253Dbefa2f138863c1d7c21870c95955c0fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dbq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D622fe3d2-9f93-49c2-a426-8885f35939c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fak.sv%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:46 GMT
content-type: image/jpeg
content-length: 34908
last-modified: Mon, 25 Dec 2023 07:41:53 GMT
vary: Accept-Encoding
etag: "65893241-885c"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET soocaips.com/?rb=-L3s-j7K4UtiIF1ecb3v2eWnzOf2W4UQF0Pnkx_CZN5dfBHoibr0v8EDfkOzAdeQG9iuvreZjE8mbZHXmm5He3PgK3xJk4TDeGGfckK9-JNxpXRKGu8qoLul8KUWkkKWdEZ5Zp99nwvDIJwMYDls_CplLgAKKa5B815SApbQ5KBa580T8CzHfEbVWO5x6HpeB_R2s7CYb7ikvqo7l7BzbrjrMLS3b8y-sXgu-rYG0NxtLmA-T2X5Nw%3D%3D&request_ab2=0&zoneid=6546154&js_build=iclick-v1.658.1-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fak.sv%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.658.1-auto&bs=9fd15b58-3152-45f8-b428-6a9012d33d4a&userId=5c95b0afa1704ca392bba7146dd06853&m=link

139.45.197.244

200 OK

7.9 kB

URL GET HTTP/2
soocaips.com/?rb=-L3s-j7K4UtiIF1ecb3v2eWnzOf2W4UQF0Pnkx_CZN5dfBHoibr0v8EDfkOzAdeQG9iuvreZjE8mbZHXmm5He3PgK3xJk4TDeGGfckK9-JNxpXRKGu8qoLul8KUWkkKWdEZ5Zp99nwvDIJwMYDls_CplLgAKKa5B815SApbQ5KBa580T8CzHfEbVWO5x6HpeB_R2s7CYb7ikvqo7l7BzbrjrMLS3b8y-sXgu-rYG0NxtLmA-T2X5Nw%3D%3D&request_ab2=0&zoneid=6546154&js_build=iclick-v1.658.1-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fak.sv%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.658.1-auto&bs=9fd15b58-3152-45f8-b428-6a9012d33d4a&userId=5c95b0afa1704ca392bba7146dd06853&m=link
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectsoocaips.com
Fingerprint8A:98:4F:8E:2F:6F:4E:33:52:4B:FE:54:F5:E8:D1:63:AD:12:EB:A3
ValidityMon, 13 Nov 2023 05:13:10 GMT - Sun, 11 Feb 2024 05:13:09 GMT

File type
gzip compressed data, max speed, from Unix
Size
7.9 kB (7897 bytes)
Hash
1dcc605ee3bdd6c0a14205dcd4322abb
cda261747681e638a93545e877e83b3b47a2c887
840c98d08e84a3332187b65d749dfc13422049251671529a499b5675bda76581

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=-L3s-j7K4UtiIF1ecb3v2eWnzOf2W4UQF0Pnkx_CZN5dfBHoibr0v8EDfkOzAdeQG9iuvreZjE8mbZHXmm5He3PgK3xJk4TDeGGfckK9-JNxpXRKGu8qoLul8KUWkkKWdEZ5Zp99nwvDIJwMYDls_CplLgAKKa5B815SApbQ5KBa580T8CzHfEbVWO5x6HpeB_R2s7CYb7ikvqo7l7BzbrjrMLS3b8y-sXgu-rYG0NxtLmA-T2X5Nw%3D%3D&request_ab2=0&zoneid=6546154&js_build=iclick-v1.658.1-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fak.sv%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.658.1-auto&bs=9fd15b58-3152-45f8-b428-6a9012d33d4a&userId=5c95b0afa1704ca392bba7146dd06853&m=link HTTP/1.1
Host: soocaips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ak.sv/
Origin: https://ak.sv
DNT: 1
Connection: keep-alive
Cookie: OAID=5c95b0afa1704ca392bba7146dd06853; oaidts=1705785525
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:46 GMT
content-type: application/json
x-trace-id: fa08be85cb4406dfde3439d714480d67
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://ak.sv
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5c95b0afa1704ca392bba7146dd06853; expires=Sun, 19 Jan 2025 21:18:46 GMT; path=/; secure; SameSite=None
oaidts=1705785526; expires=Sun, 19 Jan 2025 21:18:46 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 27 Jan 2024 21:18:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET soocaips.com/5/6546154/?oo=1&aab=1

139.45.197.244

200 OK

12 kB

URL GET HTTP/2
soocaips.com/5/6546154/?oo=1&aab=1
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectsoocaips.com
Fingerprint8A:98:4F:8E:2F:6F:4E:33:52:4B:FE:54:F5:E8:D1:63:AD:12:EB:A3
ValidityMon, 13 Nov 2023 05:13:10 GMT - Sun, 11 Feb 2024 05:13:09 GMT

File type
gzip compressed data, max speed, from Unix
Size
12 kB (12171 bytes)
Hash
cd9effb5a928e0d1f6750afef510c405
6143d540fc89f6f2a58db3ef937fc595c7ca99a7
7192e2ad437ddc056aa051d3f8320183e947fcc56a8f3f02033c1038a10766fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6546154/?oo=1&aab=1 HTTP/1.1
Host: soocaips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.sv
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: application/json
x-trace-id: a0798a75eb791b6055faec7366b1c192
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://ak.sv
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=5c95b0afa1704ca392bba7146dd06853; expires=Sun, 19 Jan 2025 21:18:45 GMT; path=/; secure; SameSite=None
oaidts=1705785525; expires=Sun, 19 Jan 2025 21:18:45 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET cameesse.net/11?rnd=4093049279&z=6601120&b=19952494&var=6546154&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=bq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ==&ruid=622fe3d2-9f93-49c2-a426-8885f35939c9&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1

139.45.197.242

200 OK

0 B

URL GET HTTP/2
cameesse.net/11?rnd=4093049279&z=6601120&b=19952494&var=6546154&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=bq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ==&ruid=622fe3d2-9f93-49c2-a426-8885f35939c9&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint23:7C:28:2C:97:BE:75:D0:19:66:1F:B0:CB:42:67:FF:F8:B0:3C:A6
ValidityFri, 12 Jan 2024 22:33:49 GMT - Thu, 11 Apr 2024 22:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=4093049279&z=6601120&b=19952494&var=6546154&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=bq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ==&ruid=622fe3d2-9f93-49c2-a426-8885f35939c9&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fak.sv%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.sv
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Cookie: scm=1; OAID=5c95b0afa1704ca392bba7146dd06853; oaidts=1705785525
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:46 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ak.sv
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 388bd25200e7e06a0aaa308d8e6fe001
access-control-expose-headers: X-Sc
set-cookie: OAID=5c95b0afa1704ca392bba7146dd06853; expires=Sun, 19 Jan 2025 21:18:46 GMT; secure; SameSite=None
oaidts=1705785525; expires=Sun, 19 Jan 2025 21:18:46 GMT; secure; SameSite=None
oaidvc=1; expires=Sun, 19 Jan 2025 21:18:46 GMT; secure; SameSite=None
CNT=1_v1_bnMwAQEAAAAeTQAA; expires=Sat, 20 Jan 2024 22:18:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

GET ak.sv/style/assets/css/fonts/icons/icons.ttf?4xtr0l

172.67.193.35

200 OK

14 kB

URL GET HTTP/3
ak.sv/style/assets/css/fonts/icons/icons.ttf?4xtr0l
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icons
Size
14 kB (14516 bytes)
Hash
c9f56bfa781bcf987ce7a263e6f9abf5
446c16fc4eb84d299a798871f2ce398352451d35
13f07b30c61171dcc8a09df0f3ea274b61623b6eda2d90ad77e9b91e9d5cdaa7

HTTP Headers

GET /style/assets/css/fonts/icons/icons.ttf?4xtr0l HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/style/assets/css/plugins.css?v=1.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: font/ttf
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 13:13:44 GMT
last-modified: Sat, 18 Apr 2020 10:14:08 GMT
vary: Accept-Encoding,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 29101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6j99JGCGH3DO98Ekb12QnVvLK5SG1wBfpmEOUHsGl5gDr3H5o24wl8hR%2B%2BGlid4kNQTjYy3HXLB4rX2JVTZKHJRAqkMXQ5pSh69zs9wotz7jelyLt1f5%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0c19e156ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET cameesse.net/1?z=6601120&var=6546154

139.45.197.242

200 OK

43 kB

URL GET HTTP/2
cameesse.net/1?z=6601120&var=6546154
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint23:7C:28:2C:97:BE:75:D0:19:66:1F:B0:CB:42:67:FF:F8:B0:3C:A6
ValidityFri, 12 Jan 2024 22:33:49 GMT - Thu, 11 Apr 2024 22:33:48 GMT

File type
JavaScript source, ASCII text, with very long lines (41975)
Size
43 kB (42971 bytes)
Hash
244ba23e1e996caa9f9a48bddc7834c0
5ebacb3c7cbb87cb9ba2ea0fba8e1408fbbae87d
fd0c88668eebccbafb2ac5d8cbe7a76c7bffbdc72c2bf968ba34ce86cdbcc139

HTTP Headers

GET /1?z=6601120&var=6546154 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: a5b292992da429a013481e455d2908ad
access-control-expose-headers: X-Sc
x-sc: lS76WjIB2Te8w_zqbHbRexZBy8R6332u9j1qJc-Lk3hv3NE3uM2JXHpHCtWzQ3-OEE48_N2nJBx7xFbS5nI7l5NYtwo=
set-cookie: scm=1; expires=Sun, 19 Jan 2025 21:18:45 GMT; secure; SameSite=None
OAID=c1490633813449e7a3a716926ffe04f0; expires=Sun, 19 Jan 2025 21:18:45 GMT; secure; SameSite=None
oaidts=1705785525; expires=Sun, 19 Jan 2025 21:18:45 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET ak.sv/favicon.ico

172.67.193.35

200 OK

1.2 kB

URL GET HTTP/3
ak.sv/favicon.ico
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
2376a12969d0686921f40c910479afd1
3df3decbd8de3db9bda4702e7595272e3d33f64a
71b49f01b9e5a4b36e787135b77f40f92ca23a49e04fd47aa8c6ad1073b67692

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Cookie: _ga_LYBJP286GM=GS1.1.1705785525.1.0.1705785525.0.0.0; _ga=GA1.1.999793221.1705785525; XSRF-TOKEN=eyJpdiI6IldjbXk2OHRXQnUrYUx1YUNBV0J6WGc9PSIsInZhbHVlIjoiVzNEZGRpM2ZyOHdmSlc5XC9UYnR5dHllc0JxeTByNVlNR2d5eGJaZEVkUDIxb0dkaGtuXC91OGlVXC9zMmtOM00zZyIsIm1hYyI6IjM0MDlkYzQxMTE2ZjNkZGNhMDY1MmQwMWE3MmQyNjM3ZTk4YmNmZWJlYjhlNzdmOTExYTA5N2M2NjcyMTMxOWEifQ%3D%3D; akwam_session=eyJpdiI6IkFWOCswXC9uM2RkQ2JnOGQ4K0tcL3U4QT09IiwidmFsdWUiOiJabEhHYTY4TTdaeHlyeVdTZHFmZkZJQ0ZVSkZOVUt6TEl3N1ZQbkp3czJhV2pydzdZNDVmUDBwdXBsVEI3SDFnIiwibWFjIjoiNTU0ZWVjODA1N2ViMWUyZjhlYTk1MjA5ZTk0ZTJiYzM5ZGIxYzA0ODFiMTM0ZWY1MTU3ODM4Y2U3NzE4MTNhMCJ9; ovT9brLmc0S5XVvuQHoWUTd5gmYcnXOk853YxtFO=eyJpdiI6ImVjMmNvbGdzUms0bTREVHZPbnJLU0E9PSIsInZhbHVlIjoiM2hVekNxRUUyOEJaUFJuaE5IZEhcL0tGTVwvWEFybG9qT2R6MTJ3Z1BWOUxXSHBnSGlySEs2cGNWWDUyKzY2bkMxVkJTdEw4OUhia2syMXZkRXNMMkNBREE2Z2ZlWEpRV1pMRk1BTjNBZWM3dkI3MGdEMWgwXC8wSU8wRVNTTnRcL0F1MUdlMzdva2FvWjZ3dnl5azI4dHJ4dWRLOVVpMThCY1JqaUVtd1wvZWRsc0srbW1yUmQ2S1g2M3g0RnN6V09PRldUQ09UcTJuUUZpcEN1MGRNSEl5Y3BwS2hCMmgwQm1UV1Fzd3BTcmNZeEV3PSIsIm1hYyI6Ijc1YTkzNmZkOTJjODdjYzViNDEyMWU3YmIxYmYwM2UyYmViNjZmOTQ3ZDQxYjZlMGI1NTY0NmJlNGY2ZTUyY2UifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Sat, 27 Jan 2024 09:39:06 GMT
last-modified: Sun, 24 Nov 2019 10:12:28 GMT
vary: Accept-Encoding,Accept-Encoding
cf-cache-status: HIT
age: 41979
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS2gPR25rzbIGepJW77VczRSgjzjES9sJWD%2FFi0gv7bONzbuVGVZUobEZEpO75VWncKLrN8c9qNCCb4fVyGrfAH2U9%2BZrCsfR7k8yXH6F7%2FMf0vW4HeF2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0fcd6156ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET interbuzznews.com/contents/s/e3/d5/a8/ee7309db34d6c63067a9cdaa45/01574443520987.jpeg

139.45.197.154

200 OK

16 kB

URL GET HTTP/2
interbuzznews.com/contents/s/e3/d5/a8/ee7309db34d6c63067a9cdaa45/01574443520987.jpeg
IP
139.45.197.154:443
ASN
#9002 RETN Limited

Requested by
https://interbuzznews.com/?l=UkToEoDPfrrKFFi&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3575760352%26z%3D6601120%26b%3D19952494%26c%3D7789698%26var%3D6546154%26varid%3D0%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D1460%2526key%253Dbefa2f138863c1d7c21870c95955c0fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dbq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D622fe3d2-9f93-49c2-a426-8885f35939c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fak.sv%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Certificate
IssuerLet's Encrypt
Subjectinterbuzznews.com
Fingerprint6F:EA:DE:99:16:57:B3:EB:00:31:74:C7:1E:99:E6:69:0A:74:EA:D8
ValidityMon, 11 Dec 2023 05:13:19 GMT - Sun, 10 Mar 2024 05:13:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3
Size
16 kB (16265 bytes)
Hash
e3d5a8ee7309db34d6c63067a9cdaa45
3b8fac72ccecf38e1b5e109ee7fce1c383917f82
9ac50ac619f85ed431ff4669ec641f5c24793f549da2ac7cb29df658cb168501

HTTP Headers

GET /contents/s/e3/d5/a8/ee7309db34d6c63067a9cdaa45/01574443520987.jpeg HTTP/1.1
Host: interbuzznews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://interbuzznews.com/?l=UkToEoDPfrrKFFi&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3575760352%26z%3D6601120%26b%3D19952494%26c%3D7789698%26var%3D6546154%26varid%3D0%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D1460%2526key%253Dbefa2f138863c1d7c21870c95955c0fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dbq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D622fe3d2-9f93-49c2-a426-8885f35939c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fak.sv%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:46 GMT
content-type: image/jpeg
content-length: 16265
last-modified: Mon, 25 Dec 2023 07:41:53 GMT
vary: Accept-Encoding
etag: "65893241-3f89"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cameesse.net/27/4e75f1b34f01fbdc8712a12f1943297a

139.45.197.242

200 OK

413 kB

URL GET HTTP/2
cameesse.net/27/4e75f1b34f01fbdc8712a12f1943297a
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint23:7C:28:2C:97:BE:75:D0:19:66:1F:B0:CB:42:67:FF:F8:B0:3C:A6
ValidityFri, 12 Jan 2024 22:33:49 GMT - Thu, 11 Apr 2024 22:33:48 GMT

File type
JavaScript source, ASCII text, with very long lines (65523)
Size
413 kB (412861 bytes)
Hash
8ea6a9ea310dd08d80419a465fe5aa3d
21461737a669990caaea14273239b364e3785213
1b9453b6abbb91a88b95a5f310aab86ad9593da2f8b6a3e02e2cfb3bfe31e3a7

HTTP Headers

GET /27/4e75f1b34f01fbdc8712a12f1943297a HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Cookie: scm=1; OAID=c1490633813449e7a3a716926ffe04f0; oaidts=1705785525
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 7861428d79c5861099933e740c55a764
cache-control: max-age:290304000, public
last-modified: Mon, 15 Jan 2024 08:07:28 GMT
expires: Mon, 14 Feb 2084 08:07:28 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

GET interbuzznews.com/?l=UkToEoDPfrrKFFi&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3575760352%26z%3D6601120%26b%3D19952494%26c%3D7789698%26var%3D6546154%26varid%3D0%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D1460%2526key%253Dbefa2f138863c1d7c21870c95955c0fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dbq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D622fe3d2-9f93-49c2-a426-8885f35939c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fak.sv%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0

139.45.197.154

200 OK

9.6 kB

URL GET HTTP/2
interbuzznews.com/?l=UkToEoDPfrrKFFi&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3575760352%26z%3D6601120%26b%3D19952494%26c%3D7789698%26var%3D6546154%26varid%3D0%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D1460%2526key%253Dbefa2f138863c1d7c21870c95955c0fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dbq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D622fe3d2-9f93-49c2-a426-8885f35939c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fak.sv%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP
139.45.197.154:443
ASN
#9002 RETN Limited

Requested by
https://ak.sv/
Certificate
IssuerLet's Encrypt
Subjectinterbuzznews.com
Fingerprint6F:EA:DE:99:16:57:B3:EB:00:31:74:C7:1E:99:E6:69:0A:74:EA:D8
ValidityMon, 11 Dec 2023 05:13:19 GMT - Sun, 10 Mar 2024 05:13:18 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (9969), with no line terminators
Size
9.6 kB (9649 bytes)
Hash
a6734fd326e37d6f27275c2db6c64448
1b21ddeb8f1f55faec1d01fc5ab441b4d5ebefd7
aa666661e0b5dcc2bdbc1f1598eb9aefc769a0359816b42be180f388a03a93bb

HTTP Headers

GET /?l=UkToEoDPfrrKFFi&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3575760352%26z%3D6601120%26b%3D19952494%26c%3D7789698%26var%3D6546154%26varid%3D0%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D1460%2526key%253Dbefa2f138863c1d7c21870c95955c0fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dbq66fF4d8pD_k9rkwud5b8__4DuFodJeqdadn4u5NYxp9TEfUVvnleFqVQNVFS4uPrCpV-PwkfQU3aZDUfswZTGLL7UeV7v3DRrA9M2GjMiZN6B6D1Fa7dqx_VW2mpp65kJKOMI3gFkBu4SJkKEirZ2mI2BCKj1rwXXq_o1_bf4qYo7tTulXUE_u8LDQz5M6MsTZ8Uojw6u5ZHjccUe6dZJss0bIvHwMkLy9N7Pf_eEpKeEPSIVWXaQw0G34X1Lh0_AjzvsU0tVHbfI1WJDjUiTlsBjVXQERvq-CxIF__iobH_G2-EdjYTYPS5La4xu63tQcK9spUi3hWjjOqANC42MmaMI7dvWbWuJI2KHIpdfYWF3TrWXXN8BAzvlB00czi9TmeZz8j3HKBv0PFiExlky18Uz8NPcT5BX2t3AIWS4LEl72q4dBQ0ibedriLJ1QF1a6rmEauNrXb1R9z7WHoAlhkm8mA3Wy4hKzjb7bSbGELfBXSBH3VxunLi-DJLRLYrlfVYjCXcaqV9KFcSH8wwy6cKK_HDHgLMXTqVKZmSm2Z85Ag3AH8G8oWxRb-Jp7sxOgrmATwE7LSMdoTyCL3u6Yta79oM3DHSrvaz9fh3UlTsgmvJFdxVadOobPP-UdeayPCpMdFVLfXmnDxwv-g-da_0QxhuH7_uptOQ%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D622fe3d2-9f93-49c2-a426-8885f35939c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fak.sv%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interbuzznews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Jan 2024 21:18:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: reverse=K4uthOcOuiSLPn4cwTSKq9oAikVRaXtJaAL8-t8FUYI; expires=Sat, 20-Jan-2024 22:18:46 GMT; Max-Age=3600; path=/
OAID=ff27c3f6be9d7dda3d40b945bac7ad19; expires=Thu, 09-Feb-2079 18:37:32 GMT; Max-Age=1737407926; path=/
oaidts=1705785526; expires=Thu, 09-Feb-2079 18:37:32 GMT; Max-Age=1737407926; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

GET ak.sv/style/assets/css/akwam.css?v=1.3

172.67.193.35

200 OK

551 B

URL GET HTTP/3
ak.sv/style/assets/css/akwam.css?v=1.3
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
ASCII text, with very long lines (605), with no line terminators
Size
551 B (551 bytes)
Hash
8c8f928f498ec135c84d05f6287f655d
edc60193c8d554ac0424fe6ae5c3000dcb5cef20
9befe0c50e5ee54954aa6eef9cb5ba1f022ee831c20762ce7e85716577110d44

HTTP Headers

GET /style/assets/css/akwam.css?v=1.3 HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:44 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store, must-revalidate,public
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Sun, 28 Jun 2020 13:32:34 GMT
vary: Accept-Encoding,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoBj4sSIVfYEPQHSgCE%2BpcNOWSb6RmjKYIQRDZ7e%2B0KHjqy%2BgV17Hzcw9AfsQXmwk6ryC6UpAwnifl1k3BbGP693mrOYeKSaQ%2FjcPgWJuBtQ%2Bwxdj5AKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0a686056ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/images/logo-white.svg

172.67.193.35

200 OK

2.2 kB

URL GET HTTP/3
ak.sv/style/assets/images/logo-white.svg
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
SVG Scalable Vector Graphics image
Size
2.2 kB (2238 bytes)
Hash
3d31bc5c7b2c0178e974e5ce1e7cb708
84b84c12da7c0c8f5d57b72211de106280d86e8a
fcfc109913a69869a47dba7f6e2057acde39aa4faf6fa917aed5c4387966aef8

HTTP Headers

GET /style/assets/images/logo-white.svg HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:44 GMT
content-type: image/svg+xml
cache-control: public, max-age=2592000
expires: Wed, 07 Feb 2024 06:51:06 GMT
last-modified: Sun, 24 Nov 2019 13:38:54 GMT
vary: Accept-Encoding,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1088858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWoCBVRNmzzDizREmof2fBys2HA7DtJOVWmFdl1xrWObDwIQGAKkpA2QlxY0azVvaDsReUD8Jou%2BvscXVdPqmahZqku6Ov9p%2Fu3xXqKZLUywWplte1YkgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0a686c56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/js/jquery-3.2.1.min.js

172.67.193.35

200 OK

87 kB

URL GET HTTP/3
ak.sv/style/assets/js/jquery-3.2.1.min.js
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /style/assets/js/jquery-3.2.1.min.js HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate,public
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Thu, 07 Dec 2017 21:31:12 GMT
vary: Accept-Encoding,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAOyeeGEmXEaGGfvne%2FrZQu8xzzjsqNLEEtp9JfMJtN%2B7%2F5O%2F0XvUtLxdjUwm1hCsqCQzRFbEhH3eUPmWe8LOZ2HUQxYRNOe83wSaKIyB%2FE5hezqMLN0lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0a687056ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/js/plugins/typed.min.js

172.67.193.35

200 OK

12 kB

URL GET HTTP/3
ak.sv/style/assets/js/plugins/typed.min.js
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
JavaScript source, ASCII text, with very long lines (11219)
Size
12 kB (11461 bytes)
Hash
8adfb3a95c5eb23321fc2b40b672fdec
3dbdee38aa38056d8247b6d4ce3b604f9105258d
960d3c7144bd7d1695869610cb719fa0d30c5ca692eb76e1497a96f0c7ee001c

HTTP Headers

GET /style/assets/js/plugins/typed.min.js HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:44 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate,public
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Wed, 26 Aug 2020 09:24:44 GMT
vary: Accept-Encoding,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od%2FGI10qld6hoKcLl%2B0c9YipNnyIb5ZU6M%2FVdv4Zzc1TJbnWMiLOAhAX8tYKapEMMXs9yGZYMy4XU%2BHgXW9Mocihf8ruA92az6mUvM%2BJpdvSkCUq6bv6wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0a787256ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/css/home.css

172.67.193.35

200 OK

2.5 kB

URL GET HTTP/3
ak.sv/style/assets/css/home.css
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
ASCII text, with very long lines (2633), with no line terminators
Size
2.5 kB (2524 bytes)
Hash
0f16ed5f9480a4a5caaac7f0dc00d66f
b98c5e3afc848e14c27a11a4d33f5f85a9309be6
adc5f2165d9b6d2d49c6055c6e2432535612ad7626f670d00d163f25db197c99

HTTP Headers

GET /style/assets/css/home.css HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:44 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store, must-revalidate,public
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Wed, 26 Aug 2020 09:24:42 GMT
vary: Accept-Encoding,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbwKI4vf6fYAd6m66LgS%2FfeWfw2Ir2k0k%2BebTL%2F2y75UbPOdcr1tOVaR4GunKESiungc0EEp%2F2UVe6pt%2FUTr0B0mdobFV9XdkgklaExjyvRq0vKyojRNOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0a686b56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/css/plugins.css?v=1.2

172.67.193.35

200 OK

135 kB

URL GET HTTP/3
ak.sv/style/assets/css/plugins.css?v=1.2
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type

Size
135 kB (134885 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /style/assets/css/plugins.css?v=1.2 HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:45 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store, must-revalidate,public
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Sun, 21 Feb 2021 17:30:01 GMT
vary: Accept-Encoding,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezq3VbwItu5nmt3QDg6Gj%2B47iERAITunmZyDyJLzvoxxOliggtBXe%2BgwV%2BljnnKTh89xpumEsa46ULrhqLGRQbEYWFoW6ACIj9COUxGwZGAqPlMH%2B1S%2FAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0a585656ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET ak.sv/style/assets/css/style.css?v=1.3

172.67.193.35

200 OK

37 kB

URL GET HTTP/3
ak.sv/style/assets/css/style.css?v=1.3
IP
172.67.193.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ak.sv/
Certificate
IssuerGoogle Trust Services LLC
Subjectak.sv
Fingerprint74:EF:0B:4F:72:83:2F:A6:1E:EC:7C:DB:AD:1E:92:2C:B4:A0:A0:B3
ValidityThu, 28 Dec 2023 09:04:23 GMT - Wed, 27 Mar 2024 09:04:22 GMT

File type
ASCII text, with very long lines (36554), with no line terminators
Size
37 kB (36554 bytes)
Hash
ca490bd90bfaf7dc0daed916a35b15a6
dde07ed71aea87f499125b6d003fc7d2401c702a
1e56b14556b379f7fd1ab23925d1879559b8a6003ebf77d60a0f0ea57dd1a68a

HTTP Headers

GET /style/assets/css/style.css?v=1.3 HTTP/1.1
Host: ak.sv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.sv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Jan 2024 21:18:44 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store, must-revalidate,public
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Thu, 24 Nov 2022 18:21:24 GMT
vary: Accept-Encoding,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6286EbOorRys3IKki7uIJvrtQN%2F44B%2FqzuyAvZwxCtLsqQfIVg17VKlGlWB3JTqmkb02XNRCMRtoaOqUYIRNcrztuiZOs9St4FZCz4R2t8ZGQiYLfTH0PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 848a5a0a685b56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by