Report - 7332.groovinews.com/common-player-arrow/index.html?ymid=2g0dodfccvfu8&mrc=2&rc=0&fsc=1&var=xxxx&zoneid=1967037&tbz=1967039

Report Overview

Submitted URL
7332.groovinews.com/common-player-arrow/index.html?ymid=2g0dodfccvfu8&mrc=2&rc=0&fsc=1&var=xxxx&zoneid=1967037&tbz=1967039
IP
45.133.44.21
ASN
#39572 DataWeb Global Group B.V.
Submitted
2023-02-25 19:23:58
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-14T05:09:04Z	3.4 kB	8.9 kB	23.33.119.27
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-14T05:09:37Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	42 kB	34.120.237.76
7332.groovinews.com	unknown	2023-02-06T20:26:37Z	2023-03-13T08:16:39Z	453 B	7.4 kB	45.133.44.20
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-14T05:09:37Z	413 B	5.9 kB	34.160.144.191
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-14T03:07:50Z	2.0 kB	5.8 kB	172.64.155.188
7.groovinews.com	unknown	2022-12-22T14:47:09Z	2023-03-13T08:16:40Z	7.1 kB	102 kB	45.133.44.21
6915.groovinews.com	unknown			1.1 kB	8.2 kB	45.133.44.21
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-14T05:09:38Z	606 B	127 B	35.155.255.170
ocsp.buypass.com	157566	2017-01-30T05:59:29Z	2023-03-14T04:23:33Z	340 B	2.2 kB	23.36.76.200
forlumineoner.com	298831	2020-04-27T15:07:45Z	2023-03-14T09:36:40Z	3.3 kB	3.7 kB	139.45.197.229
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T18:13:28Z	782 B	2.4 kB	35.241.9.150
afcnuchxgo.com	unknown	2022-10-24T15:36:39Z	2023-03-11T11:33:15Z	416 B	1.0 kB	62.122.171.6

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-25	medium	afcnuchxgo.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	6915.groovinews.com/common-player-arrow/index.html?var=xxxx&ymid=2g0dodfccvfu8&rc=1&mrc=2&fsc=1&zoneid=1967037&tburl=null&tbz=1967039	102 kB	2023-03-14	2023-03-14
Pretty URL 6915.groovinews.com/common-player-arrow/index.html?var=xxxx&ymid=2g0dodfccvfu8&rc=1&mrc=2&fsc=1&zoneid=1967037&tburl=null&tbz=1967039 IP 45.133.44.21 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 05:57:22 Last Seen2023-03-14 19:43:06 Times Seen1 Hash c470009e7d4f60d4882541cd0b63d995 a8b821c37b0477e520c85bedc73532eae436b041 4fae4f9e4a1f3625a9a91ee7d7176a837cc81f1048be43dda2701d349e1d729f Loading...

	6915.groovinews.com/common-player-arrow/index.html?var=xxxx&ymid=2g0dodfccvfu8&rc=1&mrc=2&fsc=1&zoneid=1967037&tburl=null&tbz=1967039	102 B	2023-03-14	2023-03-14
Pretty URL 6915.groovinews.com/common-player-arrow/index.html?var=xxxx&ymid=2g0dodfccvfu8&rc=1&mrc=2&fsc=1&zoneid=1967037&tburl=null&tbz=1967039 IP 45.133.44.21 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:14:57 Last Seen2023-03-14 11:14:57 Times Seen1 Hash 35cab3734953d186bb2b039273ac86b8 208b54f6524b1ac9bf1785b4c24b296311ce6ddd c5ad0ccdf8f80e9abb0a6c31284fded8746d26566218f45224b4de83d6f6e6e1 Loading...

	7332.groovinews.com/common-player-arrow/index.html?ymid=2g0dodfccvfu8&mrc=2&rc=0&fsc=1&var=xxxx&zoneid=1967037&tbz=1967039	140 B	2023-03-07	2023-04-05
Pretty URL 7332.groovinews.com/common-player-arrow/index.html?ymid=2g0dodfccvfu8&mrc=2&rc=0&fsc=1&var=xxxx&zoneid=1967037&tbz=1967039 IP 45.133.44.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:24 Last Seen2023-04-05 02:09:06 Times Seen26 Hash d5247a46d4b777cbdcd2b91d90b89d43 bf30f153f4ff2ad88dfc01edf9c11d164c85ac37 cce915a5cb317f8728c3ba508110aa72ddfc8f0104ba0507696515937b6ed5a4 Loading...

	7.groovinews.com/script.js?slug=common-player-arrow	6.4 kB	2023-03-14	2023-03-26
Pretty URL 7.groovinews.com/script.js?slug=common-player-arrow IP 45.133.44.21 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:03:08 Last Seen2023-03-26 00:33:13 Times Seen9 Hash 8ec06229262da77bf71632aa5ed5c4a9 b9ef7e0f871d4d30876cf52aa12e4b6e46738abd 632ddc4b2b273993dd737dcf363bac6f5a68c0f8e2863aaa51489d4187490f35 Loading...

	7332.groovinews.com/common-player-arrow/index.html?ymid=2g0dodfccvfu8&mrc=2&rc=0&fsc=1&var=xxxx&zoneid=1967037&tbz=1967039	2.6 kB	2023-03-07	2023-04-05
Pretty URL 7332.groovinews.com/common-player-arrow/index.html?ymid=2g0dodfccvfu8&mrc=2&rc=0&fsc=1&var=xxxx&zoneid=1967037&tbz=1967039 IP 45.133.44.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:51 Last Seen2023-04-05 02:09:05 Times Seen5 Hash ac28ac1de186d16c281bb77aabc9d22e 218622fa2f528f6f4fcf3fdc6d51a72e22d0bc3c 87a238a1600c1af75d2b603796998bf9ed96cf5736345e523839e2b5b7aff409 Loading...

	afcnuchxgo.com/pn21ywqw/z/sc/scssx/1967037/lib.js?ymid=2g0dodfccvfu8&var=xxxx	26 kB	2023-03-14	2023-03-14
Pretty URL afcnuchxgo.com/pn21ywqw/z/sc/scssx/1967037/lib.js?ymid=2g0dodfccvfu8&var=xxxx IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:14:57 Last Seen2023-03-14 11:14:57 Times Seen1 Hash b6003f05fecc85795719bd9e57ca5131 f44fa73e3a70b2f1f4afb4e556f322a8ccf6855e aabdc2595521bfd9ff1ddf3238a2fd8dfe8e2a738e18f2ba9e17882a9d1158dc Loading...

	forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1967038&var=xxxx\|2g0dodfccvfu8\|1967037	15 kB	2023-03-14	2023-03-14
Pretty URL forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1967038&var=xxxx\|2g0dodfccvfu8\|1967037 IP 139.45.197.229 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 05:57:22 Last Seen2023-03-14 19:43:06 Times Seen1 Hash 9937046254ee6054919cd1cb89637d03 8d31a5018bcb715dfa4490d45d030b9225c238d0 02844ede027746abacfaf8da7722140d6a28fa6cca621204d8a1c8e2ba189e4e Loading...

		Size	First Seen	Last Seen
	#1 Eval - d211c1ec2437e70118dc9be10991b78d	426 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 20:10:02 Last Seen2023-03-14 11:14:57 Times Seen1 Hash d211c1ec2437e70118dc9be10991b78d e7b1129963a6c67f41c28c62602d82a161082313 b30edca4bb2c135fcadbc18714cb8ee698feefdc5ac7c0ec8d33c7cfb8d00294 Loading...

	#2 Eval - 7be0d3b1e7acbe62d741fa6b3f107d60	79 B	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 11:14:57 Last Seen2023-03-14 11:14:57 Times Seen1 Hash 7be0d3b1e7acbe62d741fa6b3f107d60 76e71a1e79084c475cd322aab3a11ba475d77fca 3f86d7ba11aad367a474fc47b5f7be6d85c3df9f614bbd3a3c64938801230d7f Loading...

HTTP Transactions (56)

URL IP Response Size

7332.groovinews.com/common-player-arrow/index.html?ymid=2g0dodfccvfu8&mrc=2&rc=0&fsc=1&var=xxxx&zoneid=1967037&tbz=1967039

45.133.44.20

200 OK

6.5 kB

URL HTTP/1.1
7332.groovinews.com/common-player-arrow/index.html?ymid=2g0dodfccvfu8&mrc=2&rc=0&fsc=1&var=xxxx&zoneid=1967037&tbz=1967039
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1913)
Size
6.5 kB (6539 bytes)
Hash
aa80206977d81ce0976ce168ca8b8328
12ef96a6ae488bb6ee1cb94b80ecd17cba8e39f2
278036e70b87a8718a79e43b7e3b187be57065702861536af09ae7bcd2bd5d75

HTTP Headers

GET /common-player-arrow/index.html?ymid=2g0dodfccvfu8&mrc=2&rc=0&fsc=1&var=xxxx&zoneid=1967037&tbz=1967039 HTTP/1.1
Host: 7332.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 25 Feb 2023 19:23:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6539
Connection: keep-alive
Server: nginx/1.22.0
Cache-Control: max-age=172800
Etag: aa80206977d81ce0976ce168ca8b8328
Last-Modified: Thu, 22 Dec 2022 13:10:43 GMT
X-Timestamp: 1671714642.24009
X-Trans-Id: tx83e9108434e44526a87ac-0063a457ca
X-Openstack-Request-Id: tx83e9108434e44526a87ac-0063a457ca
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
Access-Control-Expose-Headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
Expires: Mon, 27 Feb 2023 19:23:47 GMT
Vary: Accept-Encoding
X-Proxy-Cache: HIT
Accept-Ranges: bytes

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8083775b7a6637d27672cc4a2581fa2d
023420d026fbf2cd0f69d5606524094011375202
66664ed1d36948fe99498950e3525d03c1797689c9186c4cd0bd5ded531b3bac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66664ED1D36948FE99498950E3525D03C1797689C9186C4CD0BD5DED531B3BAC"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4452
Expires: Sat, 25 Feb 2023 20:37:59 GMT
Date: Sat, 25 Feb 2023 19:23:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc3cacbc6c565bf2955b507302b8fb41
7b773e19aff1d4904cec328c456513e80f917ba4
b45c582b42efef5e8bd5744333a137f13e94a93cafbaace39b36cfa1eeb041bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B45C582B42EFEF5E8BD5744333A137F13E94A93CAFBAACE39B36CFA1EEB041BD"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19871
Expires: Sun, 26 Feb 2023 00:54:58 GMT
Date: Sat, 25 Feb 2023 19:23:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Feb 2023 19:07:48 GMT
content-type: application/json
age: 959
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
955732a866f4168dcaaa1dbcfb06e776
24161b6d53bbf84abc87c943f67daadd7fbcc9f4
ac3d306cc00fcafe5d6fadd5bc1c4398ca87dec499fd0e4ffe60d0e1c3535578

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC3D306CC00FCAFE5D6FADD5BC1C4398CA87DEC499FD0E4FFE60D0E1C3535578"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16054
Expires: Sat, 25 Feb 2023 23:51:21 GMT
Date: Sat, 25 Feb 2023 19:23:47 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: G2KDMKRynxyBZrnZMI7Y7qIlXqQbShmvAma/NC52LHLV6/6pjBra2w95GmQCZ2CT1LxgnqZEImo=
x-amz-request-id: 7GX2MF99B0YDASVQ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Feb 2023 19:13:24 GMT
age: 623
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 19:23:47 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f8df5b0f7a6de67e225d211319af55b1
606c25e3b80701eff8013d5b70a7f49aa8559f15
089676fb43e77573cd18406a90f7ab9b9f0fb6155b9ba9858fb2e1ea9274474e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Feb 2023 19:23:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 15:45:30 GMT
Expires: Wed, 01 Mar 2023 15:45:29 GMT
Etag: "606c25e3b80701eff8013d5b70a7f49aa8559f15"
Cache-Control: max-age=331901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79f2d1463ca11c06-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f8df5b0f7a6de67e225d211319af55b1
606c25e3b80701eff8013d5b70a7f49aa8559f15
089676fb43e77573cd18406a90f7ab9b9f0fb6155b9ba9858fb2e1ea9274474e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Feb 2023 19:23:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 15:45:30 GMT
Expires: Wed, 01 Mar 2023 15:45:29 GMT
Etag: "606c25e3b80701eff8013d5b70a7f49aa8559f15"
Cache-Control: max-age=331901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79f2d1463c79b515-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f8df5b0f7a6de67e225d211319af55b1
606c25e3b80701eff8013d5b70a7f49aa8559f15
089676fb43e77573cd18406a90f7ab9b9f0fb6155b9ba9858fb2e1ea9274474e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Feb 2023 19:23:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 15:45:30 GMT
Expires: Wed, 01 Mar 2023 15:45:29 GMT
Etag: "606c25e3b80701eff8013d5b70a7f49aa8559f15"
Cache-Control: max-age=331901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79f2d1463c7ab515-OSL

7.groovinews.com/common-player-arrow/img/icon4.png

45.133.44.21

200 OK

7.0 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon4.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /common-player-arrow/img/icon4.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://7332.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:47 GMT
content-type: image/png
content-length: 7032
server: nginx/1.22.0
etag: 7ad7f32c1c0df7b4975cc41bda4ac435
last-modified: Fri, 06 Aug 2021 11:29:28 GMT
x-timestamp: 1628249367.30688
x-trans-id: tx279925a6e8914aceb071e-0063a457cb
x-openstack-request-id: tx279925a6e8914aceb071e-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:47 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon5.png

45.133.44.21

200 OK

3.3 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon5.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /common-player-arrow/img/icon5.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://7332.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:47 GMT
content-type: image/png
content-length: 3264
server: nginx/1.22.0
etag: 1e1a7582b5da63e10485d63f97abc9a0
last-modified: Fri, 06 Aug 2021 11:29:30 GMT
x-timestamp: 1628249369.40449
x-trans-id: tx1144185dfb0d44cab6891-0063a457cb
x-openstack-request-id: tx1144185dfb0d44cab6891-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:47 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon7.png

45.133.44.21

200 OK

3.3 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon7.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /common-player-arrow/img/icon7.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://7332.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:47 GMT
content-type: image/png
content-length: 3283
server: nginx/1.22.0
etag: b512735542cb07b3b2dcf153a7dfe456
last-modified: Fri, 06 Aug 2021 11:29:31 GMT
x-timestamp: 1628249370.44693
x-trans-id: txee3503fdd6a34b6d8aec9-0063a457ca
x-openstack-request-id: txee3503fdd6a34b6d8aec9-0063a457ca
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:47 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon8.png

45.133.44.21

200 OK

4.1 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon8.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

HTTP Headers

GET /common-player-arrow/img/icon8.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://7332.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:47 GMT
content-type: image/png
content-length: 4064
server: nginx/1.22.0
etag: f92d6474ebc6a3a0b576749cfb4afe98
last-modified: Fri, 06 Aug 2021 11:29:32 GMT
x-timestamp: 1628249371.44432
x-trans-id: txdd878ecdb29d4a59ae42c-0063a457ca
x-openstack-request-id: txdd878ecdb29d4a59ae42c-0063a457ca
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:47 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon1.png

45.133.44.21

200 OK

7.3 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon1.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /common-player-arrow/img/icon1.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://7332.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:47 GMT
content-type: image/png
content-length: 7252
server: nginx/1.22.0
etag: 3d0ab5834c8bf7134e4d21fa3288317f
last-modified: Fri, 06 Aug 2021 11:29:27 GMT
x-timestamp: 1628249366.13107
x-trans-id: tx4ed98444b0e8491592b07-0063a457cb
x-openstack-request-id: tx4ed98444b0e8491592b07-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:47 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon2.png

45.133.44.21

200 OK

4.6 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon2.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /common-player-arrow/img/icon2.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://7332.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:47 GMT
content-type: image/png
content-length: 4576
server: nginx/1.22.0
etag: c947d439eb93367f1af5b2a3d222f057
last-modified: Fri, 06 Aug 2021 11:29:29 GMT
x-timestamp: 1628249368.22101
x-trans-id: txb9d5cc1808a34394806bb-0063a457cb
x-openstack-request-id: txb9d5cc1808a34394806bb-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:47 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon3.png

45.133.44.21

200 OK

7.8 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon3.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /common-player-arrow/img/icon3.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://7332.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:47 GMT
content-type: image/png
content-length: 7847
server: nginx/1.22.0
etag: 8f3cc830da0b1fdf66bda7d1d734747b
last-modified: Fri, 06 Aug 2021 11:29:33 GMT
x-timestamp: 1628249372.47629
x-trans-id: tx7e92a4197bc24ee48e9e5-0063a457cb
x-openstack-request-id: tx7e92a4197bc24ee48e9e5-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:47 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f8df5b0f7a6de67e225d211319af55b1
606c25e3b80701eff8013d5b70a7f49aa8559f15
089676fb43e77573cd18406a90f7ab9b9f0fb6155b9ba9858fb2e1ea9274474e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Feb 2023 19:23:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 15:45:30 GMT
Expires: Wed, 01 Mar 2023 15:45:29 GMT
Etag: "606c25e3b80701eff8013d5b70a7f49aa8559f15"
Cache-Control: max-age=331901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79f2d1463cfcb4f1-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f8df5b0f7a6de67e225d211319af55b1
606c25e3b80701eff8013d5b70a7f49aa8559f15
089676fb43e77573cd18406a90f7ab9b9f0fb6155b9ba9858fb2e1ea9274474e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Feb 2023 19:23:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 15:45:30 GMT
Expires: Wed, 01 Mar 2023 15:45:29 GMT
Etag: "606c25e3b80701eff8013d5b70a7f49aa8559f15"
Cache-Control: max-age=331901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79f2d1463f24b505-OSL

7.groovinews.com/script.js?slug=common-player-arrow

45.133.44.21

200 OK

6.4 kB

URL HTTP/2
7.groovinews.com/script.js?slug=common-player-arrow
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
C source, ASCII text, with very long lines (349)
Size
6.4 kB (6399 bytes)
Hash
8ec06229262da77bf71632aa5ed5c4a9
b9ef7e0f871d4d30876cf52aa12e4b6e46738abd
632ddc4b2b273993dd737dcf363bac6f5a68c0f8e2863aaa51489d4187490f35

HTTP Headers

GET /script.js?slug=common-player-arrow HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://7332.groovinews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 6399
server: nginx/1.22.1
cache-control: max-age=172800
etag: 8ec06229262da77bf71632aa5ed5c4a9
last-modified: Thu, 23 Feb 2023 10:20:19 GMT
x-timestamp: 1677147618.10316
x-trans-id: tx47010ff1cbbc43599523f-0063f73e27
x-openstack-request-id: tx47010ff1cbbc43599523f-0063f73e27
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:47 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Feb 2023 19:12:23 GMT
age: 685
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b1d73c7d1e3e594a7be10b7ac62176ac
46105f3b581c409f00524674825c08343e4d71d1
7b31674705946d30e1822ddca8008520258d81a32cb11fadeded012dac2b0d13

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B31674705946D30E1822DDCA8008520258D81A32CB11FADEDED012DAC2B0D13"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5786
Expires: Sat, 25 Feb 2023 21:00:14 GMT
Date: Sat, 25 Feb 2023 19:23:48 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f8df5b0f7a6de67e225d211319af55b1
606c25e3b80701eff8013d5b70a7f49aa8559f15
089676fb43e77573cd18406a90f7ab9b9f0fb6155b9ba9858fb2e1ea9274474e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Feb 2023 19:23:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 15:45:30 GMT
Expires: Wed, 01 Mar 2023 15:45:29 GMT
Etag: "606c25e3b80701eff8013d5b70a7f49aa8559f15"
Cache-Control: max-age=331900,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79f2d14988731c06-OSL

6915.groovinews.com/common-player-arrow/index.html?var=xxxx&ymid=2g0dodfccvfu8&rc=1&mrc=2&fsc=1&zoneid=1967037&tburl=null&tbz=1967039

45.133.44.21

200 OK

6.5 kB

URL HTTP/2
6915.groovinews.com/common-player-arrow/index.html?var=xxxx&ymid=2g0dodfccvfu8&rc=1&mrc=2&fsc=1&zoneid=1967037&tburl=null&tbz=1967039
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1913)
Size
6.5 kB (6539 bytes)
Hash
aa80206977d81ce0976ce168ca8b8328
12ef96a6ae488bb6ee1cb94b80ecd17cba8e39f2
278036e70b87a8718a79e43b7e3b187be57065702861536af09ae7bcd2bd5d75

HTTP Headers

GET /common-player-arrow/index.html?var=xxxx&ymid=2g0dodfccvfu8&rc=1&mrc=2&fsc=1&zoneid=1967037&tburl=null&tbz=1967039 HTTP/1.1
Host: 6915.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://7332.groovinews.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: text/html; charset=utf-8
content-length: 6539
server: nginx/1.22.0
cache-control: max-age=172800
etag: aa80206977d81ce0976ce168ca8b8328
last-modified: Thu, 22 Dec 2022 13:10:43 GMT
x-timestamp: 1671714642.24009
x-trans-id: tx83e9108434e44526a87ac-0063a457ca
x-openstack-request-id: tx83e9108434e44526a87ac-0063a457ca
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:48 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/script.js?slug=common-player-arrow

45.133.44.21

200 OK

6.4 kB

URL HTTP/2
7.groovinews.com/script.js?slug=common-player-arrow
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
C source, ASCII text, with very long lines (349)
Size
6.4 kB (6399 bytes)
Hash
8ec06229262da77bf71632aa5ed5c4a9
b9ef7e0f871d4d30876cf52aa12e4b6e46738abd
632ddc4b2b273993dd737dcf363bac6f5a68c0f8e2863aaa51489d4187490f35

HTTP Headers

GET /script.js?slug=common-player-arrow HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 6399
server: nginx/1.22.1
cache-control: max-age=172800
etag: 8ec06229262da77bf71632aa5ed5c4a9
last-modified: Thu, 23 Feb 2023 10:20:19 GMT
x-timestamp: 1677147618.10316
x-trans-id: tx47010ff1cbbc43599523f-0063f73e27
x-openstack-request-id: tx47010ff1cbbc43599523f-0063f73e27
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:48 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon1.png

45.133.44.21

200 OK

7.3 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon1.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /common-player-arrow/img/icon1.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: image/png
content-length: 7252
server: nginx/1.22.0
etag: 3d0ab5834c8bf7134e4d21fa3288317f
last-modified: Fri, 06 Aug 2021 11:29:27 GMT
x-timestamp: 1628249366.13107
x-trans-id: tx4ed98444b0e8491592b07-0063a457cb
x-openstack-request-id: tx4ed98444b0e8491592b07-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:48 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon2.png

45.133.44.21

200 OK

4.6 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon2.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /common-player-arrow/img/icon2.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: image/png
content-length: 4576
server: nginx/1.22.0
etag: c947d439eb93367f1af5b2a3d222f057
last-modified: Fri, 06 Aug 2021 11:29:29 GMT
x-timestamp: 1628249368.22101
x-trans-id: txb9d5cc1808a34394806bb-0063a457cb
x-openstack-request-id: txb9d5cc1808a34394806bb-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:48 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon3.png

45.133.44.21

200 OK

7.8 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon3.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /common-player-arrow/img/icon3.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: image/png
content-length: 7847
server: nginx/1.22.0
etag: 8f3cc830da0b1fdf66bda7d1d734747b
last-modified: Fri, 06 Aug 2021 11:29:33 GMT
x-timestamp: 1628249372.47629
x-trans-id: tx7e92a4197bc24ee48e9e5-0063a457cb
x-openstack-request-id: tx7e92a4197bc24ee48e9e5-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:48 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon4.png

45.133.44.21

200 OK

7.0 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon4.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /common-player-arrow/img/icon4.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: image/png
content-length: 7032
server: nginx/1.22.0
etag: 7ad7f32c1c0df7b4975cc41bda4ac435
last-modified: Fri, 06 Aug 2021 11:29:28 GMT
x-timestamp: 1628249367.30688
x-trans-id: tx279925a6e8914aceb071e-0063a457cb
x-openstack-request-id: tx279925a6e8914aceb071e-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:48 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon5.png

45.133.44.21

200 OK

3.3 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon5.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /common-player-arrow/img/icon5.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: image/png
content-length: 3264
server: nginx/1.22.0
etag: 1e1a7582b5da63e10485d63f97abc9a0
last-modified: Fri, 06 Aug 2021 11:29:30 GMT
x-timestamp: 1628249369.40449
x-trans-id: tx1144185dfb0d44cab6891-0063a457cb
x-openstack-request-id: tx1144185dfb0d44cab6891-0063a457cb
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:48 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon7.png

45.133.44.21

200 OK

3.3 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon7.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /common-player-arrow/img/icon7.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: image/png
content-length: 3283
server: nginx/1.22.0
etag: b512735542cb07b3b2dcf153a7dfe456
last-modified: Fri, 06 Aug 2021 11:29:31 GMT
x-timestamp: 1628249370.44693
x-trans-id: txee3503fdd6a34b6d8aec9-0063a457ca
x-openstack-request-id: txee3503fdd6a34b6d8aec9-0063a457ca
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:48 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/icon8.png

45.133.44.21

200 OK

4.1 kB

URL HTTP/2
7.groovinews.com/common-player-arrow/img/icon8.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

HTTP Headers

GET /common-player-arrow/img/icon8.png HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: image/png
content-length: 4064
server: nginx/1.22.0
etag: f92d6474ebc6a3a0b576749cfb4afe98
last-modified: Fri, 06 Aug 2021 11:29:32 GMT
x-timestamp: 1628249371.44432
x-trans-id: txdd878ecdb29d4a59ae42c-0063a457ca
x-openstack-request-id: txdd878ecdb29d4a59ae42c-0063a457ca
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 27 Feb 2023 19:23:48 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.155.255.170

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.155.255.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M4CupdLxjPqw5i6gyXKvxQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: E4isxGCc05xdglenjZmAt6ZKO0A=

6915.groovinews.com/favicon.ico

45.133.44.21

404 Not Found

70 B

URL HTTP/2
6915.groovinews.com/favicon.ico
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with no line terminators
Size
70 B (70 bytes)
Hash
cb75a4a5436bc5f23fd500aed9ab3ad4
270ba1020384007ebcd50e4985b6a3bbe63f194b
cd08cc3cd7dbd890951754b1e187e2fbe4d68d6a77b2618eb00740a8281c9b56

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 6915.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/common-player-arrow/index.html?var=xxxx&ymid=2g0dodfccvfu8&rc=1&mrc=2&fsc=1&zoneid=1967037&tburl=null&tbz=1967039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: text/html; charset=UTF-8
content-length: 70
server: nginx/1.22.1
x-trans-id: tx3036cc5ab4ee41aabf63c-0063fa600f
x-openstack-request-id: tx3036cc5ab4ee41aabf63c-0063fa600f
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
x-proxy-cache: HIT
X-Firefox-Spdy: h2

7.groovinews.com/common-player-arrow/img/v_F.ico

45.133.44.21

404 Not Found

70 B

URL HTTP/2
7.groovinews.com/common-player-arrow/img/v_F.ico
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with no line terminators
Size
70 B (70 bytes)
Hash
cb75a4a5436bc5f23fd500aed9ab3ad4
270ba1020384007ebcd50e4985b6a3bbe63f194b
cd08cc3cd7dbd890951754b1e187e2fbe4d68d6a77b2618eb00740a8281c9b56

HTTP Headers

GET /common-player-arrow/img/v_F.ico HTTP/1.1
Host: 7.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 404 Not Found
date: Sat, 25 Feb 2023 19:23:48 GMT
content-type: text/html; charset=UTF-8
content-length: 70
server: nginx/1.22.1
x-trans-id: tx8d6afc91426143f39df2e-0063fa6016
x-openstack-request-id: tx8d6afc91426143f39df2e-0063fa6016
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
x-proxy-cache: HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3920
Expires: Sat, 25 Feb 2023 20:29:09 GMT
Date: Sat, 25 Feb 2023 19:23:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3920
Expires: Sat, 25 Feb 2023 20:29:09 GMT
Date: Sat, 25 Feb 2023 19:23:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3920
Expires: Sat, 25 Feb 2023 20:29:09 GMT
Date: Sat, 25 Feb 2023 19:23:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3920
Expires: Sat, 25 Feb 2023 20:29:09 GMT
Date: Sat, 25 Feb 2023 19:23:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3920
Expires: Sat, 25 Feb 2023 20:29:09 GMT
Date: Sat, 25 Feb 2023 19:23:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363345a7-425e-4498-8aa7-e16250bedd66.jpeg

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363345a7-425e-4498-8aa7-e16250bedd66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5269 bytes)
Hash
f5c457f02a50b085b748b7e806f166f7
a7b75438ba91b71e023e2e6e355563ac2635bf25
7607c112a56f9893b0c491cad54d7d83be0fa414e69dd44c251e074e15877f6a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363345a7-425e-4498-8aa7-e16250bedd66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5269
x-amzn-requestid: e6460273-d038-41fa-9915-5f5762feecab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A3QiUFqhIAMF5sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f92e0e-6c3baead0e2b8845557bf7e9;Sampled=0
x-amzn-remapped-date: Fri, 24 Feb 2023 21:37:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 07pNAHZlG7fP3dgG0eb-onMglfj9-wP2RAFShvr3b-MkOECPQZaSdA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 21:40:19 GMT
age: 78210
etag: "a7b75438ba91b71e023e2e6e355563ac2635bf25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9093 bytes)
Hash
2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S8s54RJtScNtsl6uEFtBEHnTj4lb3l5xIWR96Kvr_SdwQQQMgSKNxA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 21:34:57 GMT
age: 78532
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa41846-2966-47c9-ac1f-845e6507fe21.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6979 bytes)
Hash
d434142b05e07062707138da8999445e
d4796a582b28b1afcb1d7c8d06d78664a62bc880
0baf0e2b4c5975bac7d8543156bdb412cb8a703a768c765a90eedb95fb8ab1ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa41846-2966-47c9-ac1f-845e6507fe21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6979
x-amzn-requestid: 19ffbbf5-7950-405e-b558-43c6c011785c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9M7FrMIAMFzCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbec-7c65361d479d30c129f9d1d0;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uAlLA8M3mpkJ6q6lSztfNbhSpQu3pFgjZ53BjU-jkLAVX3DoTHH2vA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 00:10:20 GMT
age: 69209
etag: "d4796a582b28b1afcb1d7c8d06d78664a62bc880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F58e71ab7-6d45-4fe0-96bb-7faa4a54fe6a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9610 bytes)
Hash
a1598be3f85d30c5999ee301f974603a
f74df5e6145c1a10d64dd1f5a09bd90363a8eb59
57f179081f7cf17e985b0628cd07bacc744fcea97131594bb03b11c2a8b52d7c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F58e71ab7-6d45-4fe0-96bb-7faa4a54fe6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9610
x-amzn-requestid: defacc06-ccad-4190-9442-9b603acbe6d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9M6EnsoAMFx4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbeb-651f70531153842f6f431d69;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0rbTTBo65VZcX_9i1P_tu4xfDdGhauiJMBxtxLJ2QBnpmegxn85N2A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 21:34:57 GMT
age: 78532
etag: "f74df5e6145c1a10d64dd1f5a09bd90363a8eb59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8705a5a8-62bf-44bc-8c05-31c8b6c31694.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.5 kB (2472 bytes)
Hash
07de4b2f670ddb3d7188529f2a663e32
6eb14318c585598c0ee9e7e5d694eb190f2cfbbc
6f6c649e01b654856df8a17db50787b7888dc063a4d68a337ce8bfad275bcadd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8705a5a8-62bf-44bc-8c05-31c8b6c31694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2472
x-amzn-requestid: 8666c3f8-25a1-4204-8a9e-717f95bc6f60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AqYMpF96IAMFRcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f4071d-3e4dce5a5b119a44096124ff;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 23:49:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s0lEI3Louq5N7FwRFgTmXEChzb0SHOvk2nSKDp_xIHeTuvxGL1CVwQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 18:00:26 GMT
age: 5003
etag: "6eb14318c585598c0ee9e7e5d694eb190f2cfbbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5651651c-e7cc-4a7b-ae8a-9fb1e88379d3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.4 kB (2433 bytes)
Hash
94622f58aa91b60efcab072bbfc1b8fc
481c511819075f80bacc5cca0b50c3650b5789d1
767c220ed09fbb28216023785c3609993185463dea0fcdc6cb355d6d00acd6b0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5651651c-e7cc-4a7b-ae8a-9fb1e88379d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2433
x-amzn-requestid: 1eb77631-515a-41f7-ac18-59c8cd22c4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ax_KCHgAoAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7123f-051da60474344e58658cc980;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 07:14:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KStkU8id8VhC4s3kYYvxctpem7798i9K7jNQUVNahm_mycuGOaE72g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 07:44:04 GMT
age: 41985
etag: "481c511819075f80bacc5cca0b50c3650b5789d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.buypass.com/

23.36.76.200

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.200:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1701 bytes)
Hash
e3dc5f3343b067bc8eec6593f650b7b8
8a9e758e1a0b1680779d7eccb3d94b53d15fe985
af4abdf0137563af47fa458b6f90261f6d1c0b19757d9ae0a9a4c51c1b8fc5ad

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 51efa2db-a881-4a9a-b6e4-b612df0cc1cb
Content-Length: 1701
Date: Sat, 25 Feb 2023 19:23:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ef6e25e32a45ad8637c18c2368ab25a
346731eaf634625b6106f65f4658566c097669d4
fa46a2e1ba79db5db6c0f1700be6dcfc2e6bcd8a1238e5c1c348d8a7600be74b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA46A2E1BA79DB5DB6C0F1700BE6DCFC2E6BCD8A1238E5C1C348D8A7600BE74B"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9554
Expires: Sat, 25 Feb 2023 22:03:03 GMT
Date: Sat, 25 Feb 2023 19:23:49 GMT
Connection: keep-alive

forlumineoner.com/zone?pub=1&zone_id=1967038&is_mobile=false&domain=6915.groovinews.com&var=xxxx%7C2g0dodfccvfu8%7C1967037&ymid=&var_3=

139.45.197.229

200 OK

619 B

URL HTTP/2
forlumineoner.com/zone?pub=1&zone_id=1967038&is_mobile=false&domain=6915.groovinews.com&var=xxxx%7C2g0dodfccvfu8%7C1967037&ymid=&var_3=
IP
139.45.197.229:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (618)
Size
619 B (619 bytes)
Hash
c3a78bbfa8e1216989e68433c66e1f51
11c6128c90dd080d14200c000f1e46486a9c0b2c
18ee0d4e24b394770f900a5e19100b1acae12f54e6999d0a913b44aaf73f907c

HTTP Headers

GET /zone?pub=1&zone_id=1967038&is_mobile=false&domain=6915.groovinews.com&var=xxxx%7C2g0dodfccvfu8%7C1967037&ymid=&var_3= HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6915.groovinews.com/
Origin: https://6915.groovinews.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 19:23:50 GMT
content-type: application/json; charset=utf-8
content-length: 619
x-trace-id: d1d4988b269db7de344fc17d9ba10ae8
access-control-allow-origin: https://6915.groovinews.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

forlumineoner.com/custom

139.45.197.229

200 OK

0 B

URL HTTP/2
forlumineoner.com/custom
IP
139.45.197.229:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://6915.groovinews.com/
Origin: https://6915.groovinews.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 19:23:50 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://6915.groovinews.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

forlumineoner.com/custom

139.45.197.229

200 OK

0 B

URL HTTP/2
forlumineoner.com/custom
IP
139.45.197.229:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://6915.groovinews.com/
Origin: https://6915.groovinews.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 19:23:50 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://6915.groovinews.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

forlumineoner.com/custom

139.45.197.229

200 OK

39 B

URL HTTP/2
forlumineoner.com/custom
IP
139.45.197.229:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6915.groovinews.com/
Content-Type: application/json
Origin: https://6915.groovinews.com
Content-Length: 531
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 19:23:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 96dc21fc51c6d4567aac5043a18ffd93
access-control-allow-origin: https://6915.groovinews.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

forlumineoner.com/custom

139.45.197.229

200 OK

39 B

URL HTTP/2
forlumineoner.com/custom
IP
139.45.197.229:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6915.groovinews.com/
Content-Type: application/json
Origin: https://6915.groovinews.com
Content-Length: 886
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 19:23:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2f8a51c9719cc11097d333790e54ef2d
access-control-allow-origin: https://6915.groovinews.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

afcnuchxgo.com/pn21ywqw/z/sc/scssx/1967037/lib.js?ymid=2g0dodfccvfu8&var=xxxx

62.122.171.6

200 OK

0 B

URL HTTP/2
afcnuchxgo.com/pn21ywqw/z/sc/scssx/1967037/lib.js?ymid=2g0dodfccvfu8&var=xxxx
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pn21ywqw/z/sc/scssx/1967037/lib.js?ymid=2g0dodfccvfu8&var=xxxx HTTP/1.1
Host: afcnuchxgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 19:23:49 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: script
set-cookie: UID=23022514235b7fba8d338143989a4a408d7f; Path=/; Expires=Sun, 25 Feb 2024 19:23:49 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1967038&var=xxxx|2g0dodfccvfu8|1967037

139.45.197.229

200 OK

0 B

URL HTTP/2
forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1967038&var=xxxx|2g0dodfccvfu8|1967037
IP
139.45.197.229:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/tag.min.js?pub=1&z=1967038&var=xxxx|2g0dodfccvfu8|1967037 HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6915.groovinews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 19:23:50 GMT
content-type: application/javascript
last-modified: Mon, 20 Feb 2023 17:09:24 GMT
etag: W/"63f3a944-392b"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

forlumineoner.com/pfe/current/universal.min.js?v=3.1.421

139.45.197.229

200 OK

0 B

URL HTTP/2
forlumineoner.com/pfe/current/universal.min.js?v=3.1.421
IP
139.45.197.229:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.421 HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6915.groovinews.com/
Origin: https://6915.groovinews.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 19:23:50 GMT
content-type: application/javascript
last-modified: Mon, 20 Feb 2023 17:09:24 GMT
etag: W/"63f3a944-19090"
access-control-allow-origin: https://6915.groovinews.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (56)