Report - bitchesgirls.org/tag/rae-lil-black/

Report Overview

Submitted URL
bitchesgirls.org/tag/rae-lil-black/
IP
104.21.2.200
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-24 21:02:42
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
bitchesgirls.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	830 B	1.6 kB	172.67.129.156
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.249
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
limurol.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	4.6 kB	62.122.171.6
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.187.71.185
hpmarzhnny.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	486 kB	62.122.171.6
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	9.8 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	44 kB	142.250.74.168
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	970 B	59 kB	216.58.207.195
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	21 kB	142.250.74.174
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	60 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	746 B	142.250.74.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	hpmarzhnny.com/t/9/fret/meow4/1944619/68638fff.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	hpmarzhnny.com	Sinkholed
2022-11-24	medium	limurol.com	Sinkholed
2022-11-24	medium	limurol.com	Sinkholed
2022-11-24	medium	hpmarzhnny.com	Sinkholed
2022-11-24	medium	limurol.com	Sinkholed
2022-11-24	medium	hpmarzhnny.com	Sinkholed

JavaScript (37)

	URL	Size	First Seen	Last Seen
	bitchesgirls.org/tag/rae-lil-black/	263 B	2023-03-07	2024-04-18
Pretty URL bitchesgirls.org/tag/rae-lil-black/ IP 172.67.129.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:28 Last Seen2024-04-18 09:40:54 Times Seen2570 Hash 6f35b6645bb854163663bd445d10a947 0ed94701f3b2f1e0312ad8f86c041658f23dce3b f70b1a7e02d635c75235a4a8351bb4bb3b4ba6e3a51acb1b1b231b3c230541b9 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0	8.8 kB	2023-03-07	2024-04-18
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-04-18 00:06:43 Times Seen1857 Hash 43b1aa1ea2d73e79e9d45980c7920446 1bef149aedeafff7a797e799cfba168bed0d6dc6 9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35 Loading...

	bitchesgirls.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-18
Pretty URL bitchesgirls.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-18 13:42:00 Times Seen9796 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	bitchesgirls.org/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	10 kB	2023-03-08	2024-04-18
Pretty URL bitchesgirls.org/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-18 19:01:10 Times Seen25595 Hash 8cd696505481e74ffee89b4995f37379 ee9aad199ef2bc60a3460f4c52f37d22907b2ec9 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2	2.3 kB	2023-03-07	2024-04-16
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:52 Last Seen2024-04-16 10:56:57 Times Seen611 Hash c22ea088390ceeb51ae5da21901b9df4 2cb0ed3c356a9a2f41cf3b7c95e702c1856f5819 324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489 Loading...

	bitchesgirls.org/tag/rae-lil-black/	503 B	2023-03-11	2023-03-11
Pretty URL bitchesgirls.org/tag/rae-lil-black/ IP 172.67.129.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:53 Last Seen2023-03-11 19:20:53 Times Seen1 Hash fb1e556e40a2fa772011c0c3ce1be88e 6217e7ec5832f8f4b1fa6542e3b1d063a7c8e864 8c30bcbe586c9292264b0715c8150b141937eba29b7068673d64cb690fa7180e Loading...

	hpmarzhnny.com/t/9/fret/meow4/1944619/68638fff.js	69 kB	2023-03-11	2023-03-11
Pretty URL hpmarzhnny.com/t/9/fret/meow4/1944619/68638fff.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:53 Last Seen2023-03-11 19:20:53 Times Seen1 Hash 861745efd3cecfdd7eef51f6390160db ed85c4aed5553449f195c1b7e755cb75fcbd9f4d 2ed81bde93b35f760278dc1c3364b71d074f2b7d30441bcc4b0e39d9593bb85b Loading...

	bitchesgirls.org/tag/rae-lil-black/	493 B	2023-03-07	2024-04-16
Pretty URL bitchesgirls.org/tag/rae-lil-black/ IP 172.67.129.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:53 Last Seen2024-04-16 10:56:55 Times Seen340 Hash 032a0b987f8e2bd0f56563703153a19f 4b3294fa5bbcd8c186e176e1fe600d742ad73b85 f5581dd6262ad4f7ef338c976a24f2e861004d4360d9d316899e781b7c8c714e Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/matchmedia/matchmedia.js	1.7 kB	2023-03-07	2024-04-16
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/matchmedia/matchmedia.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:51 Last Seen2024-04-16 10:56:56 Times Seen1244 Hash 89f369588d629240d6a8d4f8788490c8 fb014487044fe7f608fa3e19e868ed5f9c41aa00 76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0	7.0 kB	2023-03-07	2024-04-16
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:52 Last Seen2024-04-16 10:56:55 Times Seen404 Hash be867eb3c95205f143aecc1fff7d4df6 31c16e5fdb15452c67a8044798f6380be681888d 2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1	7.7 kB	2023-03-07	2024-04-19
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:53 Last Seen2024-04-19 06:39:41 Times Seen645 Hash d3325bc1d59dae5aedda1c5ead0cd1d6 f4b1fea0baec4ab9b6bff45bdea81d8883357e35 d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52 Loading...

	bitchesgirls.org/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2	10 kB	2023-03-08	2024-04-12
Pretty URL bitchesgirls.org/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-12 09:25:28 Times Seen1110 Hash 087a7b1f3a0e6e458e47752247dea77f b50dc9b67f2440a0f7fd6369c0d0da9eb35f8f77 03a76dde100a17b38d2eaf65bd9d75ca09369d5d601e4262db5696778e930657 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/jquery.timeago/locales/jquery.timeago.en.js	455 B	2023-03-07	2024-04-16
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/jquery.timeago/locales/jquery.timeago.en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:52 Last Seen2024-04-16 10:56:58 Times Seen342 Hash 09ce1b88cf9cdc1bc8377780ef0fe0a5 a07f6a4fdc9b39d5652449015ff018b51b6e1d92 0284d42b43b431163138ad07c2e26fee046b82609761b503949c054fe67cf38a Loading...

	bitchesgirls.org/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664	2.5 kB	2023-03-07	2024-04-18
Pretty URL bitchesgirls.org/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:58 Last Seen2024-04-18 19:01:08 Times Seen6197 Hash 496baa8dab0a9861cd85d4e329f5aa77 5a036d58aecc5c5c471237d6dc719333cfe225e6 5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689 Loading...

	hpmarzhnny.com/get/1944619?zoneid=1944619&jp=_clzmufcgd3hfe0okn8ublx&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990700149244564	3.4 kB	2023-03-11	2023-03-11
Pretty URL hpmarzhnny.com/get/1944619?zoneid=1944619&jp=_clzmufcgd3hfe0okn8ublx&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990700149244564 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:53 Last Seen2023-03-11 19:20:53 Times Seen1 Hash 47d1147291712e1e04d2b434fb0dc792 ab0ef108b769c45eccb508a7ae616cccad928417 6329949783a63c13605870c379e6b04e974a5c7418469bf866b4c6d69f7c7644 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 07:47:47 Times Seen1515 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=2.0.3	6.3 kB	2023-03-07	2024-04-16
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=2.0.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:53 Last Seen2024-04-16 10:56:56 Times Seen413 Hash 593e9b79f6e7ce55f18e215cee71c97b 05c1dd24e4e71352f7ec69cbeec0dfe8dea721eb 77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/jquery.timeago/jquery.timeago.js?ver=1.5.2	7.2 kB	2023-03-07	2024-03-18
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/jquery.timeago/jquery.timeago.js?ver=1.5.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:53 Last Seen2024-03-18 05:59:59 Times Seen407 Hash 80c1ddcdf84ae2b0d3a833fc079a0981 a44488a43f08ec4068c62a2cae036527788112c8 c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1	5.5 kB	2023-03-07	2024-04-16
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:52 Last Seen2024-04-16 10:56:56 Times Seen428 Hash a174a677ef7798a1adbda44b740996f5 1a3587ed5f71778c68adfb80bf3e4b2419ff2b97 aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468 Loading...

	bitchesgirls.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-18
Pretty URL bitchesgirls.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 13:32:29 Times Seen37992 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/matchmedia/matchmedia.addlistener.js	2.8 kB	2023-03-07	2024-04-16
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/matchmedia/matchmedia.addlistener.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:51 Last Seen2024-04-16 10:56:55 Times Seen1124 Hash 6f47448212550bd3157c4265e3ebf085 5949f358ba1f69bdf5442cd0c88b86934d254e6b 4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456 Loading...

	bitchesgirls.org/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	4.9 kB	2023-03-07	2024-04-18
Pretty URL bitchesgirls.org/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 19:01:08 Times Seen24369 Hash b33ab4d5dcf02436276a717e9d1b7c18 f47b9a9c41b3b11c9dffabca22945727c3ec6566 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Loading...

	bitchesgirls.org/tag/rae-lil-black/	68 B	2023-03-07	2024-04-19
Pretty URL bitchesgirls.org/tag/rae-lil-black/ IP 172.67.129.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 11:35:05 Times Seen22394 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	bitchesgirls.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL bitchesgirls.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 10:16:10 Times Seen68491 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/global.js?ver=9.2	47 kB	2023-03-07	2024-03-09
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/global.js?ver=9.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:40 Last Seen2024-03-09 20:13:52 Times Seen253 Hash 8b5cca173e2d12b1d577e1ce80202e07 8cf07aa4aaf5e4affefb8a202110a8811da669f2 f6abddbe5d6b87ebdfc3ef94d51cb72b139804c2ad38ee3ed1aeb591012b5076 Loading...

	bitchesgirls.org/tag/rae-lil-black/	155 B	2023-03-11	2023-03-11
Pretty URL bitchesgirls.org/tag/rae-lil-black/ IP 172.67.129.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:53 Last Seen2023-03-11 19:20:53 Times Seen1 Hash 574c73b74478da234b08f1c650cf74f7 e73cb598a8d061b6109d455d9584fbfd16b4f8f9 fc0b76ab7357f809a05ef98837d9b7b2a3aaf5cd577ae1636dff2bdd8df44c5c Loading...

	www.googletagmanager.com/gtag/js?id=UA-237402972-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-237402972-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:53 Last Seen2023-03-11 19:20:53 Times Seen1 Hash 7f7b6f0723ff8a89999e838f98a59645 78474f452ce1b7ebe226bf155ab1b1bb505a3cf1 cbef2950bf006e03021483a48c7e72bae4904517d8c67981f0c87312c18822f9 Loading...

	bitchesgirls.org/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca	498 B	2023-03-07	2024-04-18
Pretty URL bitchesgirls.org/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-18 19:01:08 Times Seen11691 Hash b0b80b0256874e70acdc820b52bbf1aa 9aace9a7989736bf535d65f229d0c10e9acea41b 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0 Loading...

	limurol.com/ssp/req/1944619/?pb=58ab5ed73762f489a334998dc82eff711669330952&psp=wH_gcxVhaQLoolCzxSUYrQ36iLJLxOr5ToLWEcIFLD10gNcbgBrIdrhugE9hl5hbN77X_9343AsUVhAf1JhZGASmpVu136qRGx8jCCBq0MnEez-RsSOROWw51Yr5R5S1ci0Ie-LaBBn6uSvvv8tF5HPGpsokv6HhMpXxfN1wedBYXaY6iKpCtSCIlUR-syb37PM06fGcN9Z3hLR4nQBBm2bYubF-8i4XAKSnaXhRqMxfyJXfPAfyiHQ0Brd5kgxkzdjTVjHWbJeL0npxW0SPQnf1uOsEFhDtIwGya73ihghaV0Ap_FpD9jaJLZrcCFaFfpdUzJCLud7AhP7zj6Kz3eBOHvdIERBAZUNb7vobFy5kmjU8CIkN44kkgMlRGnvrtveDOBMsLihIJX0WTCM6lfPTNlBSftuGV5bd0xrvZoLVu-7o4Yn8hA1pzTuFPfY7ZGa8NRrqz_xcWIbWn09KhjUbZk9QGubevCPUxGMytAdCtpjNVC13mBMWmdhw9Rc9CzbbPfZcrpjibA_8DnY1woJurxRTJ7Ke166ePDqR4fSJOOYrO7-jGmexy9fE694KAt559Zh_9mz0AGzPOuTUbz_LiLPe9hXi2qrvI4rvbaCfOu5TFxlxgNPMe5bVrqL5Cg==&cb=_clbrk4sw7fqc8xlwyfvgfj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24	7 B	2023-03-07	2024-04-17
Pretty URL limurol.com/ssp/req/1944619/?pb=58ab5ed73762f489a334998dc82eff711669330952&psp=wH_gcxVhaQLoolCzxSUYrQ36iLJLxOr5ToLWEcIFLD10gNcbgBrIdrhugE9hl5hbN77X_9343AsUVhAf1JhZGASmpVu136qRGx8jCCBq0MnEez-RsSOROWw51Yr5R5S1ci0Ie-LaBBn6uSvvv8tF5HPGpsokv6HhMpXxfN1wedBYXaY6iKpCtSCIlUR-syb37PM06fGcN9Z3hLR4nQBBm2bYubF-8i4XAKSnaXhRqMxfyJXfPAfyiHQ0Brd5kgxkzdjTVjHWbJeL0npxW0SPQnf1uOsEFhDtIwGya73ihghaV0Ap_FpD9jaJLZrcCFaFfpdUzJCLud7AhP7zj6Kz3eBOHvdIERBAZUNb7vobFy5kmjU8CIkN44kkgMlRGnvrtveDOBMsLihIJX0WTCM6lfPTNlBSftuGV5bd0xrvZoLVu-7o4Yn8hA1pzTuFPfY7ZGa8NRrqz_xcWIbWn09KhjUbZk9QGubevCPUxGMytAdCtpjNVC13mBMWmdhw9Rc9CzbbPfZcrpjibA_8DnY1woJurxRTJ7Ke166ePDqR4fSJOOYrO7-jGmexy9fE694KAt559Zh_9mz0AGzPOuTUbz_LiLPe9hXi2qrvI4rvbaCfOu5TFxlxgNPMe5bVrqL5Cg==&cb=_clbrk4sw7fqc8xlwyfvgfj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-04-17 16:44:22 Times Seen16320 Hash a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Loading...

	bitchesgirls.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-18
Pretty URL bitchesgirls.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 13:42:00 Times Seen15473 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	bitchesgirls.org/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2	8.5 kB	2023-03-08	2024-04-12
Pretty URL bitchesgirls.org/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-12 09:25:28 Times Seen850 Hash 99017cd1ae098d1e3ad215171ca48290 2c4c8affe6e8deee8bd8b89c0d44d456b9438c63 3c891891a2abfdb8f5ef8f4b1e4e3c25013d934ca396fe8149e6626cc4ea1888 Loading...

	bitchesgirls.org/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.0	3.0 kB	2023-03-07	2024-04-12
Pretty URL bitchesgirls.org/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:33 Last Seen2024-04-12 21:28:15 Times Seen1268 Hash 9e7d73d0e3b6c3e2a00ca8110ea3e771 e7841aee943e2dd70b6cdc1f353c77df69836065 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/ajax-search.js?ver=9.2	2.1 kB	2023-03-07	2024-03-18
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/ajax-search.js?ver=9.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:03 Last Seen2024-03-18 05:59:57 Times Seen279 Hash 346dfc33d02645d41fb1b3e0eccf1e28 e12b9884e047f6b4d077f58be7a40859c1965ac9 1c045fd18778d6cb007565f471c7d6f442aef231cd65359b0fbcef666b432155 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/back-to-top.js?ver=9.2	1.5 kB	2023-03-07	2024-03-18
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/back-to-top.js?ver=9.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:52 Last Seen2024-03-18 05:59:58 Times Seen292 Hash d674481513d4b30efad67303812f94f9 f44bc8e490088e3d56137f2d0cbcf7eb3bf52921 b044d89f7a88e52da5ba2345438abc81c7fdf33eefbdb8e458bd5ce102bbba7c Loading...

	bitchesgirls.org/tag/rae-lil-black/	2.2 kB	2023-03-11	2023-03-11
Pretty URL bitchesgirls.org/tag/rae-lil-black/ IP 172.67.129.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:20:53 Last Seen2023-03-11 19:20:53 Times Seen1 Hash 820842b47782e71e75bc49cd7869ad74 02514789721bf9e3fdd195d29b2480261fda6db8 82ef8b3b8230528324e9c1f229f235ee37fd8e5741e2f195f0c925b10197b60f Loading...

	bitchesgirls.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-18
Pretty URL bitchesgirls.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-18 13:42:00 Times Seen31778 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	bitchesgirls.org/wp-content/themes/bimber/js/archive-filters.js?ver=9.2	517 B	2023-03-07	2023-12-20
Pretty URL bitchesgirls.org/wp-content/themes/bimber/js/archive-filters.js?ver=9.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:31:58 Last Seen2023-12-20 23:52:49 Times Seen7 Hash d8818f7914dca2c830369f2dee913996 f62b5b02f448ed41b22631b1a47ed72c6822aab5 a8e74586981d9c560c80df04ea96f44ec6a28f816b3fa74d32d762f676580ce3 Loading...

HTTP Transactions (41)

URL IP Response Size

bitchesgirls.org/tag/rae-lil-black/

172.67.129.156

301 Moved Permanently

0 B

URL HTTP/1.1
bitchesgirls.org/tag/rae-lil-black/
IP
172.67.129.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag/rae-lil-black/ HTTP/1.1
Host: bitchesgirls.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 21:02:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 24 Nov 2022 22:02:30 GMT
Location: https://bitchesgirls.org/tag/rae-lil-black/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0Jrg1IF2jmtrqSD0OCkUDqmczoZXBhBpFbJoUoF%2B4S4A45zClIEWIMXlCimkJz4qigZqKexIYi2q3CVKhK2XhntqwjRmGSmiWjg7xJjeMc0ndBegh9uCqL4wOaJ20YpSCsx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f516017d66b4f4-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16303
Expires: Fri, 25 Nov 2022 01:34:13 GMT
Date: Thu, 24 Nov 2022 21:02:30 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3642
Cache-Control: max-age=138563
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:02:30 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:31:53 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 20:19:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2610
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8756
Expires: Thu, 24 Nov 2022 23:28:26 GMT
Date: Thu, 24 Nov 2022 21:02:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GVMUI9idOBhbcSSCZ0yrqqNKbhCNiRabWJ53E2AIJjaFM0/ZjuVHqC3F4kECRueHxtC2JoMflaE=
x-amz-request-id: PA6S2PMDVWQG6TSD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 20:43:32 GMT
age: 1138
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 21:02:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 20:08:53 GMT
cache-control: public,max-age=3600
age: 3218
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2465
Cache-Control: max-age=132323
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:02:31 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:47:54 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.187.71.185

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.71.185:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: afn4+IykgqMjDod83pyxaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C+tXUj2CFD9ZCaEBRzOO4A1EDpQ=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-237402972-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-237402972-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43683 bytes)
Hash
577c716a4739022f3f33eade51634a96
df33bb23bfd91cdfee008cfa7c01dd06876f652b
d212fbf5a8c08eec9b4f1cd5a36270a39307c3cc8c70ab3ec5cfbea44ef1ae4f

HTTP Headers

GET /gtag/js?id=UA-237402972-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitchesgirls.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 21:02:32 GMT
expires: Thu, 24 Nov 2022 21:02:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43683
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

5.3 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
5.3 kB (5347 bytes)
Hash
375b9673c930739b5b95a14ff0893986
195c8e037ff5dfd023e0e17d9435916867cc9e19
6639bbbf6684f971710bba2e32781c081ff93cee7a25b60147198027e954db1b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

hpmarzhnny.com/solid.gif?z=1944619&abvar=0

62.122.171.6

200 OK

43 B

URL HTTP/2
hpmarzhnny.com/solid.gif?z=1944619&abvar=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /solid.gif?z=1944619&abvar=0 HTTP/1.1
Host: hpmarzhnny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bitchesgirls.org
Connection: keep-alive
Referer: https://bitchesgirls.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 21:02:32 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/amethysta/v16/rP2Fp2K15kgb_F3ibfW4Hz-D.woff2

216.58.207.195

200 OK

25 kB

URL HTTP/2
fonts.gstatic.com/s/amethysta/v16/rP2Fp2K15kgb_F3ibfW4Hz-D.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25244, version 1.0\012- data
Size
25 kB (25244 bytes)
Hash
09dbc14638a200b1898a948a37e2a41f
f43b1734dd19c0e22d071cbd11f5ca79d0171764
e56bc2b2b0c70b4648c80988888eb73ea12c12c441cce3db745300a4c2eff114

HTTP Headers

GET /s/amethysta/v16/rP2Fp2K15kgb_F3ibfW4Hz-D.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bitchesgirls.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 06:47:30 GMT
expires: Thu, 23 Nov 2023 06:47:30 GMT
cache-control: public, max-age=31536000
age: 137702
last-modified: Tue, 19 Apr 2022 20:08:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/spartan/v14/l7gfbjR61M69yt8Z2QKtlA.woff2

216.58.207.195

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/spartan/v14/l7gfbjR61M69yt8Z2QKtlA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31928, version 1.0\012- data
Size
32 kB (31928 bytes)
Hash
3b3351368e211c09efa0c97b48c8ed66
40da6bbeb1918801457ad57d0e7fd362ee1a6acb
f59cc23a049db17ddf37d28c7d4f296442fe7dd8679660af0234664df1a38272

HTTP Headers

GET /s/spartan/v14/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bitchesgirls.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 21:13:32 GMT
expires: Wed, 22 Nov 2023 21:13:32 GMT
cache-control: public, max-age=31536000
age: 172140
last-modified: Tue, 23 Aug 2022 17:58:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 21:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

limurol.com/ssp/req/1944619/?pb=58ab5ed73762f489a334998dc82eff711669330952&psp=wH_gcxVhaQLoolCzxSUYrQ36iLJLxOr5ToLWEcIFLD10gNcbgBrIdrhugE9hl5hbN77X_9343AsUVhAf1JhZGASmpVu136qRGx8jCCBq0MnEez-RsSOROWw51Yr5R5S1ci0Ie-LaBBn6uSvvv8tF5HPGpsokv6HhMpXxfN1wedBYXaY6iKpCtSCIlUR-syb37PM06fGcN9Z3hLR4nQBBm2bYubF-8i4XAKSnaXhRqMxfyJXfPAfyiHQ0Brd5kgxkzdjTVjHWbJeL0npxW0SPQnf1uOsEFhDtIwGya73ihghaV0Ap_FpD9jaJLZrcCFaFfpdUzJCLud7AhP7zj6Kz3eBOHvdIERBAZUNb7vobFy5kmjU8CIkN44kkgMlRGnvrtveDOBMsLihIJX0WTCM6lfPTNlBSftuGV5bd0xrvZoLVu-7o4Yn8hA1pzTuFPfY7ZGa8NRrqz_xcWIbWn09KhjUbZk9QGubevCPUxGMytAdCtpjNVC13mBMWmdhw9Rc9CzbbPfZcrpjibA_8DnY1woJurxRTJ7Ke166ePDqR4fSJOOYrO7-jGmexy9fE694KAt559Zh_9mz0AGzPOuTUbz_LiLPe9hXi2qrvI4rvbaCfOu5TFxlxgNPMe5bVrqL5Cg==&cb=_clbrk4sw7fqc8xlwyfvgfj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24

62.122.171.6

200 OK

1.8 kB

URL HTTP/2
limurol.com/ssp/req/1944619/?pb=58ab5ed73762f489a334998dc82eff711669330952&psp=wH_gcxVhaQLoolCzxSUYrQ36iLJLxOr5ToLWEcIFLD10gNcbgBrIdrhugE9hl5hbN77X_9343AsUVhAf1JhZGASmpVu136qRGx8jCCBq0MnEez-RsSOROWw51Yr5R5S1ci0Ie-LaBBn6uSvvv8tF5HPGpsokv6HhMpXxfN1wedBYXaY6iKpCtSCIlUR-syb37PM06fGcN9Z3hLR4nQBBm2bYubF-8i4XAKSnaXhRqMxfyJXfPAfyiHQ0Brd5kgxkzdjTVjHWbJeL0npxW0SPQnf1uOsEFhDtIwGya73ihghaV0Ap_FpD9jaJLZrcCFaFfpdUzJCLud7AhP7zj6Kz3eBOHvdIERBAZUNb7vobFy5kmjU8CIkN44kkgMlRGnvrtveDOBMsLihIJX0WTCM6lfPTNlBSftuGV5bd0xrvZoLVu-7o4Yn8hA1pzTuFPfY7ZGa8NRrqz_xcWIbWn09KhjUbZk9QGubevCPUxGMytAdCtpjNVC13mBMWmdhw9Rc9CzbbPfZcrpjibA_8DnY1woJurxRTJ7Ke166ePDqR4fSJOOYrO7-jGmexy9fE694KAt559Zh_9mz0AGzPOuTUbz_LiLPe9hXi2qrvI4rvbaCfOu5TFxlxgNPMe5bVrqL5Cg==&cb=_clbrk4sw7fqc8xlwyfvgfj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
1.8 kB (1769 bytes)
Hash
08a7fd018f433a9e937873172d0fc502
78e26c5744518d6bf879f516a4d081f996e6356b
e803f77914f6ff3012dd2979174c2fa1eff4d74d38e96f55e25d6836c37cc664

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ssp/req/1944619/?pb=58ab5ed73762f489a334998dc82eff711669330952&psp=wH_gcxVhaQLoolCzxSUYrQ36iLJLxOr5ToLWEcIFLD10gNcbgBrIdrhugE9hl5hbN77X_9343AsUVhAf1JhZGASmpVu136qRGx8jCCBq0MnEez-RsSOROWw51Yr5R5S1ci0Ie-LaBBn6uSvvv8tF5HPGpsokv6HhMpXxfN1wedBYXaY6iKpCtSCIlUR-syb37PM06fGcN9Z3hLR4nQBBm2bYubF-8i4XAKSnaXhRqMxfyJXfPAfyiHQ0Brd5kgxkzdjTVjHWbJeL0npxW0SPQnf1uOsEFhDtIwGya73ihghaV0Ap_FpD9jaJLZrcCFaFfpdUzJCLud7AhP7zj6Kz3eBOHvdIERBAZUNb7vobFy5kmjU8CIkN44kkgMlRGnvrtveDOBMsLihIJX0WTCM6lfPTNlBSftuGV5bd0xrvZoLVu-7o4Yn8hA1pzTuFPfY7ZGa8NRrqz_xcWIbWn09KhjUbZk9QGubevCPUxGMytAdCtpjNVC13mBMWmdhw9Rc9CzbbPfZcrpjibA_8DnY1woJurxRTJ7Ke166ePDqR4fSJOOYrO7-jGmexy9fE694KAt559Zh_9mz0AGzPOuTUbz_LiLPe9hXi2qrvI4rvbaCfOu5TFxlxgNPMe5bVrqL5Cg==&cb=_clbrk4sw7fqc8xlwyfvgfj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitchesgirls.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 21:02:32 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2211241602da67b5762b1c46abab6829e023; Path=/; Expires=Fri, 24 Nov 2023 21:02:32 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1944619/?pb=58ab5ed73762f489a334998dc82eff711669330952&psp=wH_gcxVhaQLoolCzxSUYrQ36iLJLxOr5ToLWEcIFLD10gNcbgBrIdrhugE9hl5hbN77X_9343AsUVhAf1JhZGASmpVu136qRGx8jCCBq0MnEez-RsSOROWw51Yr5R5S1ci0Ie-LaBBn6uSvvv8tF5HPGpsokv6HhMpXxfN1wedBYXaY6iKpCtSCIlUR-syb37PM06fGcN9Z3hLR4nQBBm2bYubF-8i4XAKSnaXhRqMxfyJXfPAfyiHQ0Brd5kgxkzdjTVjHWbJeL0npxW0SPQnf1uOsEFhDtIwGya73ihghaV0Ap_FpD9jaJLZrcCFaFfpdUzJCLud7AhP7zj6Kz3eBOHvdIERBAZUNb7vobFy5kmjU8CIkN44kkgMlRGnvrtveDOBMsLihIJX0WTCM6lfPTNlBSftuGV5bd0xrvZoLVu-7o4Yn8hA1pzTuFPfY7ZGa8NRrqz_xcWIbWn09KhjUbZk9QGubevCPUxGMytAdCtpjNVC13mBMWmdhw9Rc9CzbbPfZcrpjibA_8DnY1woJurxRTJ7Ke166ePDqR4fSJOOYrO7-jGmexy9fE694KAt559Zh_9mz0AGzPOuTUbz_LiLPe9hXi2qrvI4rvbaCfOu5TFxlxgNPMe5bVrqL5Cg==&cb=_clbrk4sw7fqc8xlwyfvgfj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ssp/req/1944619/?pb=58ab5ed73762f489a334998dc82eff711669330952&psp=wH_gcxVhaQLoolCzxSUYrQ36iLJLxOr5ToLWEcIFLD10gNcbgBrIdrhugE9hl5hbN77X_9343AsUVhAf1JhZGASmpVu136qRGx8jCCBq0MnEez-RsSOROWw51Yr5R5S1ci0Ie-LaBBn6uSvvv8tF5HPGpsokv6HhMpXxfN1wedBYXaY6iKpCtSCIlUR-syb37PM06fGcN9Z3hLR4nQBBm2bYubF-8i4XAKSnaXhRqMxfyJXfPAfyiHQ0Brd5kgxkzdjTVjHWbJeL0npxW0SPQnf1uOsEFhDtIwGya73ihghaV0Ap_FpD9jaJLZrcCFaFfpdUzJCLud7AhP7zj6Kz3eBOHvdIERBAZUNb7vobFy5kmjU8CIkN44kkgMlRGnvrtveDOBMsLihIJX0WTCM6lfPTNlBSftuGV5bd0xrvZoLVu-7o4Yn8hA1pzTuFPfY7ZGa8NRrqz_xcWIbWn09KhjUbZk9QGubevCPUxGMytAdCtpjNVC13mBMWmdhw9Rc9CzbbPfZcrpjibA_8DnY1woJurxRTJ7Ke166ePDqR4fSJOOYrO7-jGmexy9fE694KAt559Zh_9mz0AGzPOuTUbz_LiLPe9hXi2qrvI4rvbaCfOu5TFxlxgNPMe5bVrqL5Cg==&cb=_clbrk4sw7fqc8xlwyfvgfj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitchesgirls.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 21:02:32 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2211241602198b0295e0d04406b49455fb79; Path=/; Expires=Fri, 24 Nov 2023 21:02:32 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

hpmarzhnny.com/t/9/fret/meow4/1944619/68638fff.js

62.122.171.6

200 OK

483 kB

URL HTTP/2
hpmarzhnny.com/t/9/fret/meow4/1944619/68638fff.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
483 kB (483023 bytes)
Hash
55c9404f25a5a95a5dc8eb77ce7b6ed4
199bbab3c30976b6aed7292aeca686b639af7844
553cae88e4dc1627a2a071d499ea43245d77a07ea4aec1482a12ff6db3e02719

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /t/9/fret/meow4/1944619/68638fff.js HTTP/1.1
Host: hpmarzhnny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitchesgirls.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 21:02:32 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-10f52"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1944619/?pb=58ab5ed73762f489a334998dc82eff711669330952&psp=wH_gcxVhaQLoolCzxSUYrQ36iLJLxOr5ToLWEcIFLD10gNcbgBrIdrhugE9hl5hbN77X_9343AsUVhAf1JhZGASmpVu136qRGx8jCCBq0MnEez-RsSOROWw51Yr5R5S1ci0Ie-LaBBn6uSvvv8tF5HPGpsokv6HhMpXxfN1wedBYXaY6iKpCtSCIlUR-syb37PM06fGcN9Z3hLR4nQBBm2bYubF-8i4XAKSnaXhRqMxfyJXfPAfyiHQ0Brd5kgxkzdjTVjHWbJeL0npxW0SPQnf1uOsEFhDtIwGya73ihghaV0Ap_FpD9jaJLZrcCFaFfpdUzJCLud7AhP7zj6Kz3eBOHvdIERBAZUNb7vobFy5kmjU8CIkN44kkgMlRGnvrtveDOBMsLihIJX0WTCM6lfPTNlBSftuGV5bd0xrvZoLVu-7o4Yn8hA1pzTuFPfY7ZGa8NRrqz_xcWIbWn09KhjUbZk9QGubevCPUxGMytAdCtpjNVC13mBMWmdhw9Rc9CzbbPfZcrpjibA_8DnY1woJurxRTJ7Ke166ePDqR4fSJOOYrO7-jGmexy9fE694KAt559Zh_9mz0AGzPOuTUbz_LiLPe9hXi2qrvI4rvbaCfOu5TFxlxgNPMe5bVrqL5Cg==&cb=_clbrk4sw7fqc8xlwyfvgfj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ssp/req/1944619/?pb=58ab5ed73762f489a334998dc82eff711669330952&psp=wH_gcxVhaQLoolCzxSUYrQ36iLJLxOr5ToLWEcIFLD10gNcbgBrIdrhugE9hl5hbN77X_9343AsUVhAf1JhZGASmpVu136qRGx8jCCBq0MnEez-RsSOROWw51Yr5R5S1ci0Ie-LaBBn6uSvvv8tF5HPGpsokv6HhMpXxfN1wedBYXaY6iKpCtSCIlUR-syb37PM06fGcN9Z3hLR4nQBBm2bYubF-8i4XAKSnaXhRqMxfyJXfPAfyiHQ0Brd5kgxkzdjTVjHWbJeL0npxW0SPQnf1uOsEFhDtIwGya73ihghaV0Ap_FpD9jaJLZrcCFaFfpdUzJCLud7AhP7zj6Kz3eBOHvdIERBAZUNb7vobFy5kmjU8CIkN44kkgMlRGnvrtveDOBMsLihIJX0WTCM6lfPTNlBSftuGV5bd0xrvZoLVu-7o4Yn8hA1pzTuFPfY7ZGa8NRrqz_xcWIbWn09KhjUbZk9QGubevCPUxGMytAdCtpjNVC13mBMWmdhw9Rc9CzbbPfZcrpjibA_8DnY1woJurxRTJ7Ke166ePDqR4fSJOOYrO7-jGmexy9fE694KAt559Zh_9mz0AGzPOuTUbz_LiLPe9hXi2qrvI4rvbaCfOu5TFxlxgNPMe5bVrqL5Cg==&cb=_clbrk4sw7fqc8xlwyfvgfj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitchesgirls.org/
Cookie: UID=2211241602da67b5762b1c46abab6829e023
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 21:02:32 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitchesgirls.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 20:41:08 GMT
expires: Thu, 24 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 1284
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10740
Expires: Fri, 25 Nov 2022 00:01:33 GMT
Date: Thu, 24 Nov 2022 21:02:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10740
Expires: Fri, 25 Nov 2022 00:01:33 GMT
Date: Thu, 24 Nov 2022 21:02:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10740
Expires: Fri, 25 Nov 2022 00:01:33 GMT
Date: Thu, 24 Nov 2022 21:02:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10740
Expires: Fri, 25 Nov 2022 00:01:33 GMT
Date: Thu, 24 Nov 2022 21:02:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10740
Expires: Fri, 25 Nov 2022 00:01:33 GMT
Date: Thu, 24 Nov 2022 21:02:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 57485
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13882 bytes)
Hash
64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 82995
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 49929
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6426 bytes)
Hash
eeac5ead5ce62f0d9e2d4bcefa946208
c2430d901f2b4e4a463e90c540294f334553a246
850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wm_pBVCoReupun-_glC47ejuxaRJ6ViGPKClLnWkDrmT-SewUOXexw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:01 GMT
age: 82592
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5070 bytes)
Hash
0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 83606
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
9.0 kB (8950 bytes)
Hash
bcacfc45c6d1e9b7412cb6cee808fcd3
6beb9f5a505cc1a2953b53e2a5485f1f2ccf8e2a
38fe960d734e78b541a2769306820b873d408fc9abbd46b981e15e5c7f92501e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 83681
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7462 bytes)
Hash
b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 82463
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bitchesgirls.org/tag/rae-lil-black/

172.67.129.156

200 OK

0 B

URL HTTP/2
bitchesgirls.org/tag/rae-lil-black/
IP
172.67.129.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/rae-lil-black/ HTTP/1.1
Host: bitchesgirls.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 24 Nov 2022 21:02:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-distributor: yes
link: <https://bitchesgirls.org/wp-json/>; rel="https://api.w.org/", <https://bitchesgirls.org/wp-json/wp/v2/tags/1289>; rel="alternate"; type="application/json"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOMPrX39SwtZKqeyEnXTzftqh9WPSf4jyVZYCYhbkHl81X0px6LSx1ForLTa7BWwgtaQQ5XxX9HzYs6Jp4s%2FLQjsGpIzopqDh%2BcCDpyMCWYe1ULBRfgrbz40Fwf3IbHJ3dlf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5160368edfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Amethysta%3A400%7CSpartan%3A400%2C300%2C600%2C700%2C800&subset=latin%2Clatin-ext&display=swap&ver=9.2

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Amethysta%3A400%7CSpartan%3A400%2C300%2C600%2C700%2C800&subset=latin%2Clatin-ext&display=swap&ver=9.2
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Amethysta%3A400%7CSpartan%3A400%2C300%2C600%2C700%2C800&subset=latin%2Clatin-ext&display=swap&ver=9.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitchesgirls.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 21:02:32 GMT
date: Thu, 24 Nov 2022 21:02:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hpmarzhnny.com/get/1944619?zoneid=1944619&jp=_clzmufcgd3hfe0okn8ublx&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990700149244564

62.122.171.6

200 OK

0 B

URL HTTP/2
hpmarzhnny.com/get/1944619?zoneid=1944619&jp=_clzmufcgd3hfe0okn8ublx&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990700149244564
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1944619?zoneid=1944619&jp=_clzmufcgd3hfe0okn8ublx&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990700149244564 HTTP/1.1
Host: hpmarzhnny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitchesgirls.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 21:02:32 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2211241602747991b778be4c8389f7a579ec; Path=/; Expires=Fri, 24 Nov 2023 21:02:32 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (37)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations