Report - za.gl/0iFJf

Report Overview

Submitted URL
za.gl/0iFJf
IP
104.26.5.66
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-03 18:01:04
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
za.gl	404755	2017-10-31T01:17:51Z	2023-03-09T20:17:05Z	782 B	33 kB	104.26.5.66
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-13T05:15:48Z	401 B	77 kB	45.133.44.9
openfpcdn.io	238589	2021-11-11T14:02:44Z	2023-03-13T08:06:18Z	374 B	696 B	54.230.111.116
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-03-13T05:15:33Z	435 B	393 B	104.16.57.101
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.4 kB	14 kB	142.250.74.163
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	33 kB	104.18.21.226
metredesculic.com	unknown	2022-12-04T10:39:20Z	2023-01-19T01:17:49Z	354 B	1.1 kB	23.109.248.169
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	70 kB	34.120.237.76
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	386 B	5.3 kB	104.17.25.14
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	403 B	2.0 kB	142.250.74.164
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	362 B	21 kB	142.250.74.110
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	615 B	436 B	216.239.34.36
cdn.creative-bars1.com	unknown	2022-11-15T17:46:22Z	2023-03-13T05:15:48Z	1.6 kB	4.4 kB	172.64.166.9
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.149.156.115
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.9 kB	71 kB	216.58.207.227
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	947 B	143.204.42.165
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	5.4 kB	14 kB	23.33.119.27
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	879 B	93.184.220.29
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	421 B	165 kB	142.250.74.35
fishermanslush.com	unknown	2022-04-19T11:20:14Z	2023-03-04T20:03:10Z	776 B	38 kB	192.243.59.20
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-13T08:33:39Z	756 B	796 B	3.120.47.42
friendshipmale.com	unknown	2022-10-21T14:15:25Z	2023-03-13T08:33:43Z	350 B	28 kB	172.64.203.23
cdn.barscreative1.com	25648	2021-09-16T13:14:42Z	2023-03-13T08:33:41Z	429 B	386 B	45.133.44.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	405 B	630 B	142.250.74.106
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	748 B	122 kB	172.217.21.168
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-13T08:10:39Z	350 B	944 B	54.230.80.227
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.7 kB	3.6 kB	23.33.119.27
naveljutmistress.com	unknown	2023-01-24T03:32:25Z	2023-03-10T02:12:39Z	438 B	467 B	192.243.61.225
inflectedminimalbits.com	unknown	2023-01-23T12:53:23Z	2023-02-06T17:16:20Z	4.5 kB	7.4 kB	173.233.137.60
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	381 B	31 kB	216.58.207.234
polyfill.io	102644	2016-02-12T01:04:58Z	2023-03-13T07:52:43Z	373 B	1.2 kB	151.101.65.26
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-13T05:15:47Z	1.4 kB	846 B	192.243.61.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	friendshipmale.com/sfp.js	Malware
2023-02-03	medium	cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	naveljutmistress.com	Sinkholed
2023-02-03	medium	unseenreport.com	Sinkholed
2023-02-03	medium	unseenreport.com	Sinkholed
2023-02-03	medium	inflectedminimalbits.com	Sinkholed
2023-02-03	medium	inflectedminimalbits.com	Sinkholed
2023-02-03	medium	inflectedminimalbits.com	Sinkholed
2023-02-03	medium	inflectedminimalbits.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-120643151-1	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-120643151-1 IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:59:39 Last Seen2023-03-13 15:59:39 Times Seen1 Hash ea4a2e54775c3dab16ddc14871a113cf 69b8e9002ee80348d7e34cf5525a38da92e891af 124f546848520ffd9e71ba2eef1fafb3f7c22bac32fb68b6e4c9d2ceada3a54d Loading...

	za.gl/vendor/jquery.min.js?ver=6.0.35	86 kB	2023-03-07	2024-04-26
Pretty URL za.gl/vendor/jquery.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-04-26 10:00:27 Times Seen4076 Hash b354cc9d56a1da6b0c77604d1b153850 a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732 fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 13:19:02 Times Seen62755 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	za.gl/0iFJf	997 B	2023-03-08	2024-02-11
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen24 Hash 7f6a591687ce7bb0ec71965509db2853 89abf0ce59a41a224ba84406c4af02666da81bc7 dcabc010a8573c50f9e4e944e50570a3acbad7a5b0613e50b3d7df417d56c3be Loading...

	za.gl/0iFJf	1.2 kB	2023-03-08	2023-07-09
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-07-09 00:24:52 Times Seen19 Hash c2c39ad276f809c05f995d2edbd79868 3f97924c66a8edff461321e2bb23070d5a71047b 89b401b6706b2dcb9a0d61e182c218c6f88099480ce4a85befc1727be1c79645 Loading...

	za.gl/0iFJf	190 B	2023-03-08	2023-03-13
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 634eb787db60294a36ac24b0efc33ae1 2daac292e935a98d610964ae083424134e689d82 7d725a37fb033206f74e81a7e584f17f8f27d17ea6ee4833527b915e7ea7d869 Loading...

	www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3 IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:59:39 Last Seen2023-03-13 15:59:39 Times Seen1 Hash d7d74d3eb599118e2652933f73f6a92d 4396e704700c25f61ef7d35b3821e641dcdd7def aa85744cb5ed1d692e4a8a00439bb2b5d0de4258c72c87a8bba932d7b87f7ffe Loading...

	www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	918 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:59:39 Last Seen2023-03-13 20:48:59 Times Seen1 Hash 1e4a27bb3b967b29e1151265dd05eee7 7788b27c028dff2be7110b0a5228e20b2ccb56b5 189ef83471a053ecdfb558036ea961459e13479d1f78f1eea03314ab595699b6 Loading...

	za.gl/js/app.js?ver=6.0.35	26 kB	2023-03-08	2023-03-13
Pretty URL za.gl/js/app.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash b44faf1ba9736ac14c2959df771a764a 2820c342f40786d732b3288a6a794b4c929af991 5a197dd9b64afe3117da8ba22f23306f379ab6470929b2ef9486b7b1af7a2847 Loading...

	za.gl/0iFJf	40 B	2023-03-08	2023-07-09
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-07-09 00:24:52 Times Seen19 Hash 00a8959367484a89f6f33be799163e5b 6912808a17da65b33a3e44d493d9f9012d7d4f27 6b5f923a8b0eb209f662cd1c131791e43049b8c0d8605246a7985a7a1faabcc9 Loading...

	za.gl/0iFJf	1.9 kB	2023-03-08	2023-03-13
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 04af0cf88784e79ae00066bc2057a378 cf96b66fbd1a5c518f40d27adc555650cc75b747 0fcde6f92a9dbfb42ea0a8115ded92978bf4c3876fc312346b6d3030c9e603c7 Loading...

	za.gl/0iFJf	1.0 kB	2023-03-08	2023-03-13
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 9c4368099ae1afa4449542fdecea1235 48283d40685295250d6134df89d8a4f2941ad3d8 798b1f960d2e857d7ed3d768d723312efad32e416ff83ee87c8eb1b047b8a317 Loading...

	za.gl/js/ads.js	106 B	2023-03-08	2024-04-14
Pretty URL za.gl/js/ads.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2024-04-14 20:13:59 Times Seen141 Hash 31129bbaf6802ed0bdd11a024afe7646 22ea0726f15adb8b677d9b4b829b39ce61da1bfc 42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee Loading...

	za.gl/0iFJf	153 B	2023-03-08	2024-02-11
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:36 Last Seen2024-02-11 16:06:45 Times Seen24 Hash 5ab6cc4334cb5477b8f21e3df5e4a2a4 97060e6cf8bec11b2c42404871e77d4679c15b6a d39f57e21dd6f05e4fd71da9bcf563cee4211b05a461ec2b182135189e43ccc2 Loading...

	fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js	60 kB	2023-03-13	2023-03-13
Pretty URL fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:59:39 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 1ffd1760e8d6c1281e65eb33b8b5911e eb336a3fb43382362e7892253b3b9d25b1bc441f aa585441034858fcc04ed20aa5c362d307a30ce755dab2fb4b32555630239bfa Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js	13 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-26 06:55:16 Times Seen12962 Hash 4ff108e4584780dce15d610c142c3e62 77e4519962e2f6a9fc93342137dbb31c33b76b04 fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a Loading...

	za.gl/0iFJf	1.4 kB	2023-03-08	2023-03-13
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:36 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 859794606223894bcc0c033cc6d869b8 ce6138e2db820287dab798492cd66b7b91945073 373181fd41a0a85596fa2358d0dc8ba96bb77e0784df6ea831bceb0470a67770 Loading...

	fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js	37 kB	2023-03-13	2023-03-13
Pretty URL fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:59:39 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 8006e171cc270e824f5d11c65eb1cc29 cc2f75cc19bd04676a944b4bcfa9d58c1f7bb457 c59c15b996db050cd89648096fdc56b863d369c8e40178fcc0821bfa3683f95a Loading...

	za.gl/vendor/owl/owl.carousel.min.js?ver=6.0.35	40 kB	2023-03-07	2024-04-24
Pretty URL za.gl/vendor/owl/owl.carousel.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:47 Last Seen2024-04-24 18:20:57 Times Seen4707 Hash ffaa3c82ad2c6e216e68aca44746e1be 2fa7c468110fa68f1f3df6718daf971871623ee9 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91 Loading...

	za.gl/0iFJf	593 B	2023-03-08	2024-02-11
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen24 Hash 6b69f5e370ada113969be71ca3be15b8 5ea3c5bb08cf7ab6e5b964bc9da5067ea12ed719 5b17e2375e47787d826e08cb17065fa75929abf182c86a485dc5709ea798f2be Loading...

	za.gl/0iFJf	231 B	2023-03-08	2023-07-09
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-07-09 00:24:52 Times Seen19 Hash 8dc5c566219cfcc854b4532904fb6990 5bb002a4d9b6e58f933a39f0f5dd872626277109 c1a2fdd3aa9fd6093fbfc584a8cce0c073c05eb13ddafc54d781cebefc34296b Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	za.gl/vendor/bootstrap/js/bootstrap.min.js?ver=6.0.35	37 kB	2023-03-07	2024-04-26
Pretty URL za.gl/vendor/bootstrap/js/bootstrap.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-26 12:56:52 Times Seen54684 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	polyfill.io/v3/polyfill.js?features=Intl%2Cfetch	241 B	2023-03-08	2023-03-13
Pretty URL polyfill.io/v3/polyfill.js?features=Intl%2Cfetch IP 151.101.65.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash 0e5edc55f117cad930f46aa2e7cbd9a9 9992329c4599d663e1772f9a2a582b223ac67e35 b8fd7397496fb050cbb4dc9282804dd0ac75276477ec1b8603e23ed4d22d6f28 Loading...

	za.gl/new_vision_theme/js/front.js?ver=6.0.35	3.7 kB	2023-03-08	2024-02-11
Pretty URL za.gl/new_vision_theme/js/front.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen30 Hash 127aa9c6e58812d0e4360189267f1af3 8107917380f6cd8f1b4c792c85e9b6d46d5f85bd b684a38a32bead7640659be8be6e21bb1318b7dbee16544c9c6a671d12f7deac Loading...

	metredesculic.com/1clkn/14927	6 B	2023-03-07	2024-04-26
Pretty URL metredesculic.com/1clkn/14927 IP 23.109.248.169 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-04-26 11:01:41 Times Seen13631 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	za.gl/sha256.js	6.6 kB	2023-03-08	2024-02-11
Pretty URL za.gl/sha256.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen29 Hash 2cc365cf226fcd03e5f84c9f5351666e 2c2d4a57092d0b72f873aa158f9e78a8652d3e28 58248b6ef6302e6acb8173fe9a35918794e1a6a86d0bdb006927d8ec01ffcd35 Loading...

	za.gl/0iFJf	243 B	2023-03-08	2024-02-11
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:45 Times Seen24 Hash 52542741c81f8ecc39a79d0f92259e6f b06faaa0c462ea352b48b5dbc82a8b7a00726eaf aa0f41ba6b2262956ae19cc60609450a7da7851f15cc1e99110b48743c6f6d53 Loading...

	za.gl/vendor/clipboard.min.js?ver=6.0.35	11 kB	2023-03-07	2024-04-06
Pretty URL za.gl/vendor/clipboard.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:51 Last Seen2024-04-06 21:42:50 Times Seen234 Hash e77a83c01eb89942d5ae12a79183a741 d4c23f3a7e2f18585ea69e626a77fac782ea6f23 125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141 Loading...

	za.gl/0iFJf	270 B	2023-03-08	2024-02-11
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-02-11 16:06:44 Times Seen24 Hash 584b5071f7bd3d88115d366f9a770392 8d5ff888d7d332c36206ba5c664e940a9ff17c29 71d0b62bdf8965a3ea83bf5ef8c0c82fa6a4900f3541fa7f1bc7134462828d1a Loading...

	za.gl/0iFJf	475 B	2023-03-08	2023-03-13
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash c957004791a1c88f07fad443c4cf0103 df387f0103a68a8cd002a610e143dedc7dda46ef c61f91249095af7ad1ad3d083acbee9b76ca918e3a9380402d8d87289e5b5476 Loading...

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js	412 kB	2023-03-13	2023-03-14
Pretty URL www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:27 Last Seen2023-03-14 08:38:41 Times Seen1 Hash d2aff4cd4e40d9bfa2c1f818bcad7ce2 4cc960f771819bccd4783520506e3909e8ec0fcd d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba Loading...

	http:blank	659 B	2023-03-10	2023-04-17
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:34:45 Last Seen2023-04-17 21:28:58 Times Seen2 Hash d9590722812234dacb8aac7c5d3585a5 84728e178825b6a5ccba228f0ec644ed37a7669a ace514839017806dd081c3ebf7b2c0d16b85f070da4886e8913bfc020d6106d3 Loading...

	za.gl/vendor/wow.min.js?ver=6.0.35	8.2 kB	2023-03-07	2024-04-24
Pretty URL za.gl/vendor/wow.min.js?ver=6.0.35 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:38 Last Seen2024-04-24 15:29:32 Times Seen2087 Hash a26a117ff59c944bbb654bf506f69786 237c90127c99e91347536835096276b0add6d018 cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5 Loading...

	cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js	84 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:42 Last Seen2024-04-25 01:05:14 Times Seen1570 Hash 99cf8430b8d81c268269760118ec31a4 3fec23eeb6e45407f1fa1d38cf1cd3d463dd1f7a 430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d Loading...

	za.gl/lz-string.min.js	4.7 kB	2023-03-08	2024-03-08
Pretty URL za.gl/lz-string.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2024-03-08 15:15:00 Times Seen51 Hash 20a5177b861a4e4523664d689412d0b7 d0f9a1b384ac8517e80c90d937782a30cb06e00b 4c09d32507760252ea4fd3364d4ec61639e88fd4887f02de667a44b4b90feb6e Loading...

	za.gl/0iFJf	155 B	2023-03-08	2023-03-13
Pretty URL za.gl/0iFJf IP 104.26.5.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:37 Last Seen2023-03-13 15:59:39 Times Seen1 Hash d702c9cac95a57aeede12903e6d3445e 2a93876bc1f5fbb76840644c2c98695b735b5386 d016ae1e57c6e60777647838b5bdd0b5ccd96204c42c2a1b220d2e394e21c1d1 Loading...

HTTP Transactions (83)

URL IP Response Size

za.gl/0iFJf

104.26.5.66

301 Moved Permanently

0 B

URL HTTP/1.1
za.gl/0iFJf
IP
104.26.5.66:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0iFJf HTTP/1.1
Host: za.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 18:00:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 Feb 2023 19:00:53 GMT
Location: https://za.gl/0iFJf
Server-Timing: cf-q-config;dur=5.9999983932357e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uBr5hznhpBGm896oMony8ND9K%2BBvz0eNr2SPcujPIrSvastevH72lT4%2BwveXmj5rFATNf1aq7QD3xmdUag70DhBgG3t0vsNa9q9gWGWtCEaM3LuAXRg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793d11941b801c12-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4157
Expires: Fri, 03 Feb 2023 19:10:10 GMT
Date: Fri, 03 Feb 2023 18:00:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17836
Expires: Fri, 03 Feb 2023 22:58:09 GMT
Date: Fri, 03 Feb 2023 18:00:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9250
Expires: Fri, 03 Feb 2023 20:35:03 GMT
Date: Fri, 03 Feb 2023 18:00:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 17:43:35 GMT
content-type: application/json
age: 1038
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: nB7WoDn34wLM2/0eaLt1M1gux+FStgp932/FKuVQeEfIVOHn4He4YytMEWa+8dCgYHfsWdz4ECnoYrLVBEHeHw==
x-amz-request-id: 3M9E0PH5AB275ME3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 17:23:37 GMT
age: 2236
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:00:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js

104.17.25.14

200 OK

4.3 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (548)
Size
4.3 kB (4256 bytes)
Hash
4dc1890d39b14772f9579894d823296e
ae5c8609bcf332695e4669f817c91a20a81e3208
e8280ea3c6c000fb1d319cc116e7ebe934818e2091fcf87dd6cc450b62d00b48

HTTP Headers

GET /ajax/libs/crypto-js/3.1.2/rollups/aes.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 4256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-3430"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 14394
expires: Wed, 24 Jan 2024 18:00:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFf3xBtsGdLjjc11HvNFhVFe1ygaZP4HjujRbT7Z7v4bi2izYu5bVnIbvj72EOMYILjyJpmVmsrG4Gm117bhnFq3sI3Ikoq%2BhCuu2sz%2FvcNoKd0mEOa36PjjYUTC04pXVYxc%2F%2BLW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793d11997f031c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

za.gl/0iFJf

104.26.5.66

200 OK

30 kB

URL HTTP/2
za.gl/0iFJf
IP
104.26.5.66:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6874), with CRLF, LF line terminators
Size
30 kB (30362 bytes)
Hash
1f76a71f254049d486bde8bbf0e82114
dfd2dc3d66abd7e0281694ec0677b6e68d71501a
d5d908fc1f97af74c0469235851d026f17a75c0b42086e06bee0770f8a02f585

HTTP Headers

GET /0iFJf HTTP/1.1
Host: za.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:53 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: AppSession=tm16grpu81crfc68tndcllrhg6; path=/; HttpOnly
zagl_publisher=472804; expires=Fri, 03-Feb-2023 18:01:53 GMT; Max-Age=60; path=/
scr=0.45; expires=Fri, 03-Feb-2023 18:01:53 GMT; Max-Age=60; path=/
zagl_publisher=472804; expires=Fri, 03-Feb-2023 18:01:53 GMT; Max-Age=60; path=/
scr=0.45; expires=Fri, 03-Feb-2023 18:01:53 GMT; Max-Age=60; path=/
csrfToken=78123b139e1c3852fa7aa89337f1a91db6a162233d3ce329b383eb5d74f05b85d2479e296d013fa86b3d086b025c489469cdb9ba004c7daee8174208947f8200; path=/
visitor=Q2FrZQ%3D%3D.OWZjZGM2ZTM3MTM2ZDYwMDdiYzA3Yzk0Y2EyN2M3NWEyZjI3N2MyNTg1YmE5NDg3Y2JlYzYxMmRlZjg0ZmY4Zgt5W61I7m3yimhszdL%2FV20lcuP6HiZRPzD%2Fg2XA2pES6xNZxIZEubM0fyppCDTevINzmNbVwiKX2U1FsXz6vobPPSIZfV99NqGQuTnLazcc; expires=Sat, 04-Feb-2023 18:00:53 GMT; Max-Age=86400; path=/; HttpOnly
hash=Q2FrZQ%3D%3D.ODE4YWE1ODQyOGQ3YTc5NWUxOGIyMDM4ODE0NDk4ZDZhZmQ1NmJhNTQxMWFhM2IwY2VhYjkyNzM3MmNkNmU2N2OHAQUvbWc3T5t3%2BYmOCzk8eQXVMYNl3JX4d8r6wQLhdJQyij1TJoHFfSULE50kAAG8nI6szPZwmkgsu51%2Fo4Y%3D; expires=Fri, 03-Mar-2023 18:00:53 GMT; Max-Age=2419200; path=/
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iUBQ0y%2FssrRlgtm6RYMrPB2GuIfELt%2FDTW4HQJ66oi1xW3aDiOSDJRzCetMCf%2FyCATS2HICWS871A9VLC3laNKENYTpdR4391CCVtHkRfklqqLuSyUu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793d1196187ab4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16320
Expires: Fri, 03 Feb 2023 22:32:54 GMT
Date: Fri, 03 Feb 2023 18:00:54 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

553 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
553 B (553 bytes)
Hash
4ad3dcab44fc2948a18d0fd0a7a291b3
e6b296348836342ab3a43654cd71f3a3b0624ce5
d2cca857abce29c42385098a8b8d74c26b0df914f14a89ab49a42099de614e4c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4784
Cache-Control: max-age=136890
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Etag: "63dcace0-117"
Expires: Sun, 05 Feb 2023 08:02:24 GMT
Last-Modified: Fri, 03 Feb 2023 06:42:40 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

743 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
743 B (743 bytes)
Hash
517d529f0f6f62b909277a535f4a8e1e
37a2f7038da710f17f4c31819351a7d955dabe37
7b9afe618899ed0f8473dd1475ae425c94d4f6de4895ddc600e5631de25ca21c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

216.58.207.234

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32058)
Size
30 kB (30306 bytes)
Hash
fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 19:02:59 GMT
expires: Tue, 30 Jan 2024 19:02:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 341875
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 17:49:06 GMT
age: 708
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.164

200 OK

1.5 kB

URL HTTP/2
www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1513 bytes)
Hash
0b4f5bbaf04a573d7965f6871ac85c47
1e5f792ec1c68880f1abf782dd4fe982100a3c73
3e4d0b1446dc227027bdd8267667b21967a7549cd937e5b065f4fe203258406c

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 03 Feb 2023 18:00:54 GMT
date: Fri, 03 Feb 2023 18:00:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-120643151-1

172.217.21.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-120643151-1
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (43912 bytes)
Hash
aa39b1a99aa163156e524a39202b0b8d
fdbd62d11c6adbd75144b5db1cb91c905d9caefc
1b088f38260b2a5a5fa76e4cb75e07a730703fb602e2452b9770a0720643cae6

HTTP Headers

GET /gtag/js?id=UA-120643151-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 18:00:54 GMT
expires: Fri, 03 Feb 2023 18:00:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3

172.217.21.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19467)
Size
77 kB (77025 bytes)
Hash
617ec65820682a3ebabcd290078ff49f
879d36074ee4ceebf8b1973ecbb0cf94bae68cd6
d299adc47da7816274af56886b44088c1a3a364b01f579310618f705f0eddafe

HTTP Headers

GET /gtag/js?id=G-6QVVMFTPT3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 18:00:54 GMT
expires: Fri, 03 Feb 2023 18:00:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

2.8 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
2.8 kB (2815 bytes)
Hash
c49291b72e7b02cd0ca9b8988a94a094
5ebe5bcbf1e7bacdf3b5c8e4761be1eae86c2be9
c138146b33f872e3499778948710e67b3dfb0f408075bd6acea1cc5ded14e149

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

polyfill.io/v3/polyfill.js?features=Intl%2Cfetch

151.101.65.26

200 OK

613 B

URL HTTP/2
polyfill.io/v3/polyfill.js?features=Intl%2Cfetch
IP
151.101.65.26:0
ASN
#54113 FASTLY

File type
ASCII text
Size
613 B (613 bytes)
Hash
eb61cde893595318156a0e3af4289f9b
60c45f94824809d7f382d9e2042de95875aa5f80
e2ee61f7dfdec30a8c10539aff697f283a23e401b71f5ce18efdfdcdfeb9ea4e

HTTP Headers

GET /v3/polyfill.js?features=Intl%2Cfetch HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
last-modified: Fri, 03 Feb 2023 05:21:24 GMT
content-encoding: br
useragent_normaliser: firefox/105.0.0
age: 0
date: Fri, 03 Feb 2023 18:00:54 GMT
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=195
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

32 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
32 kB (32415 bytes)
Hash
bc1c456b86cae32ec4dff9d5bf61e015
3ce0deac5302657c77bba7750e07ee01fe259fda
2f19b1b18957bd5147d47c4cddb2e7e20d3776e4ed08b2abed59d19217c7855c

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:00:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "347E140F06BA447E1BFA43ACF670D25E8E7B2BD5"
Expires: Sat, 04 Feb 2023 04:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2775
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793d119b6df7b51d-OSL

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

4.6 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
4.6 kB (4550 bytes)
Hash
18790f0c8256cc853392955ceae7b2bb
b85d39e2eea50d0039ea84868e6b1eeb1858743a
4023c07b5b26e847633efddb8e4e9d60b0287de46ea1f07ada0caa40c961be7f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.149.156.115

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.156.115:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rKZJ9ayI/j66e/1P2y8TKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5ocDE/TImKE19jH0nYjmAjpq5d4=

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2

216.58.207.227

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data
Size
18 kB (18212 bytes)
Hash
ca72fb4e277e59be50b8850190822581
159b97b22006fe2a483da0a13d33cfb3cc5aa031
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c

HTTP Headers

GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:58 GMT
expires: Fri, 02 Feb 2024 10:05:58 GMT
cache-control: public, max-age=31536000
age: 114896
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2

216.58.207.227

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data
Size
18 kB (18096 bytes)
Hash
f29503a1895affee5ed85d0246238af8
f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

HTTP Headers

GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:47:25 GMT
expires: Wed, 31 Jan 2024 09:47:25 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
age: 288809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9989815a8a2bea61a8e83ec08d8757be
c326d76322db9fa8cde9c0b6f4866a408ea4bdda
e3f54bdb13f536d747a2d35bbd3dabc9d415a577cbc221226281c2f6e7ff1e53

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3F54BDB13F536D747A2D35BBD3DABC9D415A577CBC221226281C2F6E7FF1E53"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Sat, 04 Feb 2023 00:00:40 GMT
Date: Fri, 03 Feb 2023 18:00:54 GMT
Connection: keep-alive

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8f900b4d23d4d09745209ce94f193db7
c6afecb168f239097c2aa94f4f1a812eb5ff7fad
2b0e2bbc284db36cd9ea85b67edb36ac4fd028833acc812e93a3f2d9443f2408

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 18:00:54 GMT
Last-Modified: Fri, 03 Feb 2023 17:25:20 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zmdr8CBvrnI92P50JtlgZ2KtHb_rlUPMJk64uSjyw469je7JY7-fOg==
Age: 2134

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

metredesculic.com/1clkn/14927

23.109.248.169

200 OK

26 B

URL HTTP/1.1
metredesculic.com/1clkn/14927
IP
23.109.248.169:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa

HTTP Headers

GET /1clkn/14927 HTTP/1.1
Host: metredesculic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:00:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 04-Feb-2023 18:00:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Sat, 04-Feb-2023 18:00:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 17:44:08 GMT
expires: Fri, 03 Feb 2023 19:44:08 GMT
cache-control: public, max-age=7200
age: 1006
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

142.250.74.35

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (633)
Size
164 kB (163841 bytes)
Hash
fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a

HTTP Headers

GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 292063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c3ef31517a383dcca1bb77d881c8d5bf
8a76375661b9b424963c88a1dd2f62b9e10e8143
e0a56ceb58d55470d3bbcee3d780a8df6d27a64d806726a2224f92fb6e45211b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0A56CEB58D55470D3BBCEE3D780A8DF6D27A64D806726A2224F92FB6E45211B"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 00:00:55 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
82fd61bd95147238019d385fd2d4fdd0
e6313454e0687f23f42ed0d42d2dbaf286992d3c
26ca3105134b45fb3c8795cdedbabf995eb7d00d99b312b40cc66204535940ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CA3105134B45FB3C8795CDEDBABF995EB7D00D99B312B40CC66204535940ED"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 00:00:55 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive

region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=45je3210&_p=280750025&cid=356934552.1675447286&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675447286&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2F0iFJf&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=45je3210&_p=280750025&cid=356934552.1675447286&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675447286&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2F0iFJf&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-6QVVMFTPT3&gtm=45je3210&_p=280750025&cid=356934552.1675447286&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675447286&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2F0iFJf&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://za.gl
date: Fri, 03 Feb 2023 18:00:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js

192.243.59.20

200 OK

13 kB

URL HTTP/1.1
fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37172), with no line terminators
Size
13 kB (13431 bytes)
Hash
6579205ef008f54d8a5e9bf84a988a53
1912e7db249e984a50adb04690cdf53101a5a060
7aec9d3abda569834100635655e1fc102dc7f60aa8ebca5a6c991ff91b02bc4e

HTTP Headers

GET /3e/c0/90/3ec0905094195898e97f189a6f59b52b.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 18:00:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25ded1cc2ada7927103bd5bf6673bd18
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.33.119.27

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e70e9e5d74eea4fe2727fac986865133
0b1a570e9520def8578d434b6ea0cbf204a58098
ac8d96ba934b1a398256d1b309d27f6f028575ea4dd88678d0c83d2688bf86fb

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AC8D96BA934B1A398256D1B309D27F6F028575EA4DD88678D0C83D2688BF86FB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16611
Expires: Fri, 03 Feb 2023 22:37:46 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive

fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js

192.243.59.20

200 OK

23 kB

URL HTTP/1.1
fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
23 kB (23440 bytes)
Hash
781c8227e442c833c61995cb9519a0d9
30f13dcf609fbece04252b137a82b4465c1b81c3
0c68a5f21f17035112989a77555fa3f39ccd1b3ee5305d2040473cf7ecb2087c

HTTP Headers

GET /ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 18:00:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c5cf2aafad499cd098486626c99eb2c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

474 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
474 B (474 bytes)
Hash
00dacb8dcfe14ecd6de5965dbc8622d9
9ba4207a00db50dceeaa998c35311567308f7b83
0c64f9090c8c5439c26d0e40a0be7e8795f8417ad6d3afea1afc999fdfed4e54

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 18:00:55 GMT
Last-Modified: Fri, 03 Feb 2023 16:56:17 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: md3tybVf5D_PwD5629o6jWnPVEP79ulNKQoe9ITsZeGmsWMMRsK6TA==
Age: 3878

simplewebanalysis.com/stats

3.120.47.42

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.120.47.42:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
fa3624bc84580086bddb67ca5bbe6262
d4b513ab6ddd508cc7dea13ca61da698bfd0e0bc
d00f09cc774b94c2292539a25f112348d04d6febd5b779b7c8e6da9725e125d2

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; expires=Mon, 31 Jan 2033 18:00:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

3.120.47.42

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.120.47.42:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
66da7221c719d977bfd9dd068eeb11e7
71116c9bbf15166dc6b1b5cfb7b66c6229071403
0917c25f1dd8137cedd50a2bf9419b08405a2bba9ef4eecf2e9105b04a30813c

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=4df99663-9288-4d6a-8d15-fe075eb12534:3:1; expires=Mon, 31 Jan 2033 18:00:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.203.23

200 OK

28 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.203.23:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27464 bytes)
Hash
f02d180e0deac3d69312e6f91743f239
4df63c4403df593849b9eb78cea56abaad14aa37
18e0853c92f1da16372ee313bb402dbfddb0df9e5ab1d7a3c859d1cad9406cc2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:55 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2f260f2781033cd08ca408155c58abfa
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 Feb 2023 18:00:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjAZRzeiBMTtKVw8AhPSEjAYvmHH8xvNVrbesaUhgnrq5CPX208yIc8Lw%2FvQSZIz7AtOGHHTGtmG%2FniOMX%2F6nZq3fU6uHo69PrATLW13pOmYKn9bR1VPU5qxo%2BwJmibwLZK5M40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11a368354084-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf963d54bd13560b2590d8397b99e265
c1afab79363f559cd3b44d7e88a473638628cae6
f2ecaee084b969c4893660a0da3130da592303384d33c98a70e2ab617335c567

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2ECAEE084B969C4893660A0DA3130DA592303384D33C98A70E2AB617335C567"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13349
Expires: Fri, 03 Feb 2023 21:43:24 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10971 bytes)
Hash
24261df857fd20898ed41615ff44efd2
5ebaae7786e95f6daf7e837ce741f96611a64335
b947696fced12e35736691fb27c5cc4ddb28e4b4781cfbb69b8b4011b84aca5b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10971
x-amzn-requestid: 87d6a618-4ddf-4e40-aaeb-f6e38c274c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feH0jHisoAMFgpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58683-2de413f446505ec44ab2a390;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:33:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSK5RmNEDZxTn_J6zk6eGwhUexiPYxHRnvs7h0DtRM-fXMJ1QsmtHw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 09:43:13 GMT
age: 29862
etag: "5ebaae7786e95f6daf7e837ce741f96611a64335"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10166 bytes)
Hash
2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 70382
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5641 bytes)
Hash
d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 70326
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14071 bytes)
Hash
9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aTs6L8dJENFRdtBn7ggAbY5yaYRAzSY2B0bmElV4YNPrJg-KRDAyNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 72840
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 47255
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 63352
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

naveljutmistress.com/pixel/purst?dl=0&th=0&sc=0&rs=2653&rd=2653&fd=1348&bv=22.10.v.9&tmpl=70

192.243.61.225

200 OK

0 B

URL HTTP/1.1
naveljutmistress.com/pixel/purst?dl=0&th=0&sc=0&rs=2653&rd=2653&fd=1348&bv=22.10.v.9&tmpl=70
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2653&rd=2653&fd=1348&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fee867d660e7db4f404f9d19666d1a06
db98da7eacd4966c62c7f688e10921fc71579bce
6d54bae814fa49d7b9f10b42371f23af095338193032f711af9eef02dd814534

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D54BAE814FA49D7B9F10B42371F23AF095338193032F711AF9EEF02DD814534"
Last-Modified: Thu, 02 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5046
Expires: Fri, 03 Feb 2023 19:25:02 GMT
Date: Fri, 03 Feb 2023 18:00:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47d3156a01937914d3788651a5a1df4e
9f757e95fa9ba9ea3949d29f2617040b3088464a
95796fa7ec26c1f9f6f4d1503b0034405e323786758ae835de2ae53f6e378ec5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95796FA7EC26C1F9F6F4D1503B0034405E323786758AE835DE2AE53F6E378EC5"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14676
Expires: Fri, 03 Feb 2023 22:05:32 GMT
Date: Fri, 03 Feb 2023 18:00:56 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 93b3f4c6225bca4ab94f4c975b952ae2
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c623469559151d157d9b47e73ab3da8
Strict-Transport-Security: max-age=0; includeSubdomains

inflectedminimalbits.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=4c2344e2-af03-4684-a6b4-1596f4983cb7%3A1%3A1

173.233.137.60

200 OK

4.4 kB

URL HTTP/1.1
inflectedminimalbits.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=4c2344e2-af03-4684-a6b4-1596f4983cb7%3A1%3A1
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6037), with no line terminators
Size
4.4 kB (4372 bytes)
Hash
f490c33b679868ff0d16a1cfc81be2de
d5b7e7503ca980a1ae2ec26a9a2018dfcfd9fdae
b2aea4b3ea933f0226f2b5ba4db926cd825141d57cb98f2be608e1cbc02aaaad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=4c2344e2-af03-4684-a6b4-1596f4983cb7%3A1%3A1 HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://za.gl
Access-Control-Allow-Origin: https://za.gl
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16908321; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; expires=Fri, 10 Feb 2023 18:00:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d31abc1616e89a0e75d6b6b0d9592a17
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

inflectedminimalbits.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxReeTfO7%2FJBQQVw4IAziUCTi7Nq7trcVqgglKGpJo7YoFy4zs7POkPHOambX6%2FgUUQnlgKi5cdx8ThoBFaJ%2FABLacEG5UHOAHJp%2FAsEZ2bFkeNLue2%2B%2Bd%2Fje973PD%2FML4iKn51sf6aFUiq4Gdbd2bVsmkS5sbfNBzXPr7o3atkxa%2Fo3aYPoz%2FeueG9Tdt2sfCr6rVxuu57qe69XWpRGxHqzOUMj0SejVQ7fuN%2Bpe4GNg%2Ftvb3IGlDqL%2BBXkZMpr8b%2BeXp5C8QtL74Zawu5lO3%2FmglyuaaYN%2BdPJxspvoIkFvUcbGQZyczKeh7YSQr5egk5P5BtD9o%2BkGYHJCnN89sORkThOsf3zJlCmIBCx6AUW%2FglAVJK3A9UPI6BkBeITNu0h6jze1KejeJUqn6IQs%2F%2F0nZDEhy89fQdL7fk3JQe2%2BVnkmdWIxiEvIQQXZrZDmp8iGDmRxCp59BhkRJL0SMjp%2Fy%2BeNpu%2BLxgqN3eaK3%2Br4K7TF%2FBUvCFuxH3aanLVn0khZQcYVlBiBWgf59JMO8thBnjroRec1GoSx67ZjFjebHZ9z3mxyHnRaURA1%2FU7sIudT7iNk6QhcjcDNPlKzj105gsl%2Fgt0pYSMHNiPoRyUKQVBYgoISFJKgyAiKfnkcKduw5eNI2Zx589yY52Y51ln3kB7rrCsScphekJemgjlL5A3sivNaU3A3dAM39L0w6IQdEbZjrxPSVhyELGgwWFlC2qXZmsOpe786SKe5uApGT2HVKbi8Cpq%2FBlqM2w0XdGfsd1wMk%2BMhrXcVIl0izZaR7TmH6oK8OnPs%2BrsvQvCzm5NHn1z7q3oEbkqkpsSn8meCrjoY39MFObqnC0ue3k0z2ZNDOnXzfkYzceXb22Kv0CbauGVH37zHp8C0fPJA2OwOTSKZdC35bk1GkTDr2nBBftyw24Jt5XZnLTdJnt7Zen99o5caYa3USQUqn9kvwOWE%2FP%2Fgy9mdvv5mCmkqmLxELz8j84DUFXi6D5su2FtNYNRihqUOirwcmwZbPCpJoMSip6yE%2FVfPFvWhPUDXOKDZw9l19k2JvipB1Qg2vzLOUnN287fmLMCUM2bKOEdMGfXVpbRWntdEELuxcBuCxSGL29SNwtgPGQ090WYB9ZDZCX9%2B%2B49%2FAAAA%2F%2F8BAAD%2F%2F1R8u0J%2FBAAA

173.233.137.60

200 OK

7 B

URL HTTP/1.1
inflectedminimalbits.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxReeTfO7%2FJBQQVw4IAziUCTi7Nq7trcVqgglKGpJo7YoFy4zs7POkPHOambX6%2FgUUQnlgKi5cdx8ThoBFaJ%2FABLacEG5UHOAHJp%2FAsEZ2bFkeNLue2%2B%2Bd%2Fje973PD%2FML4iKn51sf6aFUiq4Gdbd2bVsmkS5sbfNBzXPr7o3atkxa%2Fo3aYPoz%2FeueG9Tdt2sfCr6rVxuu57qe69XWpRGxHqzOUMj0SejVQ7fuN%2Bpe4GNg%2Ftvb3IGlDqL%2BBXkZMpr8b%2BeXp5C8QtL74Zawu5lO3%2FmglyuaaYN%2BdPJxspvoIkFvUcbGQZyczKeh7YSQr5egk5P5BtD9o%2BkGYHJCnN89sORkThOsf3zJlCmIBCx6AUW%2FglAVJK3A9UPI6BkBeITNu0h6jze1KejeJUqn6IQs%2F%2F0nZDEhy89fQdL7fk3JQe2%2BVnkmdWIxiEvIQQXZrZDmp8iGDmRxCp59BhkRJL0SMjp%2Fy%2BeNpu%2BLxgqN3eaK3%2Br4K7TF%2FBUvCFuxH3aanLVn0khZQcYVlBiBWgf59JMO8thBnjroRec1GoSx67ZjFjebHZ9z3mxyHnRaURA1%2FU7sIudT7iNk6QhcjcDNPlKzj105gsl%2Fgt0pYSMHNiPoRyUKQVBYgoISFJKgyAiKfnkcKduw5eNI2Zx589yY52Y51ln3kB7rrCsScphekJemgjlL5A3sivNaU3A3dAM39L0w6IQdEbZjrxPSVhyELGgwWFlC2qXZmsOpe786SKe5uApGT2HVKbi8Cpq%2FBlqM2w0XdGfsd1wMk%2BMhrXcVIl0izZaR7TmH6oK8OnPs%2BrsvQvCzm5NHn1z7q3oEbkqkpsSn8meCrjoY39MFObqnC0ue3k0z2ZNDOnXzfkYzceXb22Kv0CbauGVH37zHp8C0fPJA2OwOTSKZdC35bk1GkTDr2nBBftyw24Jt5XZnLTdJnt7Zen99o5caYa3USQUqn9kvwOWE%2FP%2Fgy9mdvv5mCmkqmLxELz8j84DUFXi6D5su2FtNYNRihqUOirwcmwZbPCpJoMSip6yE%2FVfPFvWhPUDXOKDZw9l19k2JvipB1Qg2vzLOUnN287fmLMCUM2bKOEdMGfXVpbRWntdEELuxcBuCxSGL29SNwtgPGQ090WYB9ZDZCX9%2B%2B49%2FAAAA%2F%2F8BAAD%2F%2F1R8u0J%2FBAAA
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxReeTfO7%2FJBQQVw4IAziUCTi7Nq7trcVqgglKGpJo7YoFy4zs7POkPHOambX6%2FgUUQnlgKi5cdx8ThoBFaJ%2FABLacEG5UHOAHJp%2FAsEZ2bFkeNLue2%2B%2Bd%2Fje973PD%2FML4iKn51sf6aFUiq4Gdbd2bVsmkS5sbfNBzXPr7o3atkxa%2Fo3aYPoz%2FeueG9Tdt2sfCr6rVxuu57qe69XWpRGxHqzOUMj0SejVQ7fuN%2Bpe4GNg%2Ftvb3IGlDqL%2BBXkZMpr8b%2BeXp5C8QtL74Zawu5lO3%2FmglyuaaYN%2BdPJxspvoIkFvUcbGQZyczKeh7YSQr5egk5P5BtD9o%2BkGYHJCnN89sORkThOsf3zJlCmIBCx6AUW%2FglAVJK3A9UPI6BkBeITNu0h6jze1KejeJUqn6IQs%2F%2F0nZDEhy89fQdL7fk3JQe2%2BVnkmdWIxiEvIQQXZrZDmp8iGDmRxCp59BhkRJL0SMjp%2Fy%2BeNpu%2BLxgqN3eaK3%2Br4K7TF%2FBUvCFuxH3aanLVn0khZQcYVlBiBWgf59JMO8thBnjroRec1GoSx67ZjFjebHZ9z3mxyHnRaURA1%2FU7sIudT7iNk6QhcjcDNPlKzj105gsl%2Fgt0pYSMHNiPoRyUKQVBYgoISFJKgyAiKfnkcKduw5eNI2Zx589yY52Y51ln3kB7rrCsScphekJemgjlL5A3sivNaU3A3dAM39L0w6IQdEbZjrxPSVhyELGgwWFlC2qXZmsOpe786SKe5uApGT2HVKbi8Cpq%2FBlqM2w0XdGfsd1wMk%2BMhrXcVIl0izZaR7TmH6oK8OnPs%2BrsvQvCzm5NHn1z7q3oEbkqkpsSn8meCrjoY39MFObqnC0ue3k0z2ZNDOnXzfkYzceXb22Kv0CbauGVH37zHp8C0fPJA2OwOTSKZdC35bk1GkTDr2nBBftyw24Jt5XZnLTdJnt7Zen99o5caYa3USQUqn9kvwOWE%2FP%2Fgy9mdvv5mCmkqmLxELz8j84DUFXi6D5su2FtNYNRihqUOirwcmwZbPCpJoMSip6yE%2FVfPFvWhPUDXOKDZw9l19k2JvipB1Qg2vzLOUnN287fmLMCUM2bKOEdMGfXVpbRWntdEELuxcBuCxSGL29SNwtgPGQ090WYB9ZDZCX9%2B%2B49%2FAAAA%2F%2F8BAAD%2F%2F1R8u0J%2FBAAA HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b6adcce8124ddcc444e62e7b8442dc4
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358c0cc441f7401b74509340db8b0014
19c0c7970d9a01d09daa48fd89a756d3da76a4d8
f4b0f1711cc67ff151c6ce05827d1663b2569b55a669e8bb4a1dd21b3972dfea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4B0F1711CC67FF151C6CE05827D1663B2569B55A669E8BB4A1DD21B3972DFEA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4673
Expires: Fri, 03 Feb 2023 19:18:50 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10347
Expires: Fri, 03 Feb 2023 20:53:24 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10347
Expires: Fri, 03 Feb 2023 20:53:24 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10347
Expires: Fri, 03 Feb 2023 20:53:24 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10347
Expires: Fri, 03 Feb 2023 20:53:24 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive

cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg

172.64.166.9

200 OK

1.1 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1088 bytes)
Hash
edb1d59c5b13639d5887c988790fc2bf
db08b7c62a65d991388dd066e3310e8bb7eccb29
9c35585d5916b83a40ca44cae8b94151456302cccbdc19116673a4ac2532b581

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 700916
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bp963XT%2BsdhCZZidhJUsnOa0ve9Dq2ZllnZF79aQMd%2BUGGRzN5xrN4bZ%2BXeAUs68%2BdfwLeeIw4kwhbVsJ13CqReWZ9tvHfBwqungpfwbMNiNst5pLI2DTKW8GoCGh2xKJ0QcM5HBIfq8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11aedbe9718c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/88/20/d7/8820d768c143122c4a8f72673febf558/1669388682.png

45.133.44.9

200 OK

77 kB

URL HTTP/2
cdn.cloudimagesb.com/si/88/20/d7/8820d768c143122c4a8f72673febf558/1669388682.png
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
77 kB (76891 bytes)
Hash
26cea52015acfd8c5d5a865936fc6a31
54d4ceb358870ea19f8feff669b5d55eb2f1498c
0ad3d172d193c3d75d6df7486d1b2ffa211c553184ad29e3eaba421f01776043

HTTP Headers

GET /si/88/20/d7/8820d768c143122c4a8f72673febf558/1669388682.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: image/png
content-length: 76891
server: nginx/1.17.6
last-modified: Fri, 25 Nov 2022 15:04:51 GMT
etag: "6380d993-12c5b"
expires: Sun, 05 Feb 2023 18:00:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 276711
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 417537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

inflectedminimalbits.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwY%2FbxBcet%2F1dfkioIC4cEAFxKBKb2rGd2K1QRSlFVUtbtUV74TKeGWeHnXisGTvO5rSiEtoDouHG0ftltyugQvQPQEJeLmgvNBxgD91%2FAsEZJRsp8CT7vTffO3zv%2B97nu%2BUJcVHS47sf6bFUil4M227rwrrMuK5s6%2FaDlue23cutdZl1g8ut0fxnhpc8N2y7b7c%2BFGxTX%2By4nut6rte6Lo1I9ejiAoXMn8ReO3bbQafthQFG5r%2B9LR1Y6oAPT8jLkHz2v41fnkKyBtngh2vCbhY6f%2BeDQalooQ2G%2FODjbDPTVYbBqkyNgzQ7WE5D2xkhX5%2BBzg6WG0AP9%2BYbIJEz4vzuIckOljSRDPdPmSYKIkPCX0A1bCBUA0kbMP0Qkj8jAOO4fQfZ4PFtbSq6dYrSOToj5%2F7%2BE7KakXPPX0E2%2BP6qkqPWfa3KQurMYpTWkKMGst8gLw9RjB3I6hCs%2BAySE2SDGpIfvxWwjh8EorNGU9dfC7pRsEa7SbDmhXE3DeLIZ0lvIY2UDWTaQIkJqHVQzj%2FpoEwdlLmDAT9u0TBOXbeXJqnvRwFjzPcZC6MuD7kfRKmLks25T1DkEzA1ATPbyM02NuUEpvwJdqOG5Q5sQTDkNSpBUFmCihJUkqAqCKphvc%2BV7dj6MVe2TLxl7iyzX0910d%2Bl%2B7roi4zs5ifkpblgzhnyBjbFccsXzI3d0I0DLw6jOBJxL%2FWimHbTME7CTgIra0h7ZrHmeO7erw7yea7OI6GHsOoQTJ4HLV8Draa9jgu6MQ0iF%2BNsf0zbfQWua%2BTFORRbzq46Ia8uHLv07osQ7OjK7NEnF%2F5qHoGZGrmp8an8maCvdqb3dEX27unKkqd38kIO5JjO3bxf0EKc%2Ffam2Kq04Teu2ck377E5MC%2BfPBC2uEUzLrO%2BJd9dlZwLc10bJsiPN%2By6SO6WduNqabIyv3X3%2Fes3BrkR1kqdNaDymf0CTM7I%2F3e%2BXNzp62%2FmkKaBKWsMyiOyDEjdgOXbsPmKvdUERq1mktxBVdZT00lWj0oSKLHqaVLD%2FqtPVvWu3UHfOKDFw8V1Dk2NoapB1QS2PDstcnN05Td%2FEUiUM02UcfYSZdRXp9JaedwKvUBESdRjnCeCca%2FX8SPfdTucB71YeDEKO2PPb%2F7xDwAAAP%2F%2FAQAA%2F%2F9AdDWkfwQAAA%3D%3D

173.233.137.60

200 OK

7 B

URL HTTP/1.1
inflectedminimalbits.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwY%2FbxBcet%2F1dfkioIC4cEAFxKBKb2rGd2K1QRSlFVUtbtUV74TKeGWeHnXisGTvO5rSiEtoDouHG0ftltyugQvQPQEJeLmgvNBxgD91%2FAsEZJRsp8CT7vTffO3zv%2B97nu%2BUJcVHS47sf6bFUil4M227rwrrMuK5s6%2FaDlue23cutdZl1g8ut0fxnhpc8N2y7b7c%2BFGxTX%2By4nut6rte6Lo1I9ejiAoXMn8ReO3bbQafthQFG5r%2B9LR1Y6oAPT8jLkHz2v41fnkKyBtngh2vCbhY6f%2BeDQalooQ2G%2FODjbDPTVYbBqkyNgzQ7WE5D2xkhX5%2BBzg6WG0AP9%2BYbIJEz4vzuIckOljSRDPdPmSYKIkPCX0A1bCBUA0kbMP0Qkj8jAOO4fQfZ4PFtbSq6dYrSOToj5%2F7%2BE7KakXPPX0E2%2BP6qkqPWfa3KQurMYpTWkKMGst8gLw9RjB3I6hCs%2BAySE2SDGpIfvxWwjh8EorNGU9dfC7pRsEa7SbDmhXE3DeLIZ0lvIY2UDWTaQIkJqHVQzj%2FpoEwdlLmDAT9u0TBOXbeXJqnvRwFjzPcZC6MuD7kfRKmLks25T1DkEzA1ATPbyM02NuUEpvwJdqOG5Q5sQTDkNSpBUFmCihJUkqAqCKphvc%2BV7dj6MVe2TLxl7iyzX0910d%2Bl%2B7roi4zs5ifkpblgzhnyBjbFccsXzI3d0I0DLw6jOBJxL%2FWimHbTME7CTgIra0h7ZrHmeO7erw7yea7OI6GHsOoQTJ4HLV8Draa9jgu6MQ0iF%2BNsf0zbfQWua%2BTFORRbzq46Ia8uHLv07osQ7OjK7NEnF%2F5qHoGZGrmp8an8maCvdqb3dEX27unKkqd38kIO5JjO3bxf0EKc%2Ffam2Kq04Teu2ck377E5MC%2BfPBC2uEUzLrO%2BJd9dlZwLc10bJsiPN%2By6SO6WduNqabIyv3X3%2Fes3BrkR1kqdNaDymf0CTM7I%2F3e%2BXNzp62%2FmkKaBKWsMyiOyDEjdgOXbsPmKvdUERq1mktxBVdZT00lWj0oSKLHqaVLD%2FqtPVvWu3UHfOKDFw8V1Dk2NoapB1QS2PDstcnN05Td%2FEUiUM02UcfYSZdRXp9JaedwKvUBESdRjnCeCca%2FX8SPfdTucB71YeDEKO2PPb%2F7xDwAAAP%2F%2FAQAA%2F%2F9AdDWkfwQAAA%3D%3D
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSwY%2FbxBcet%2F1dfkioIC4cEAFxKBKb2rGd2K1QRSlFVUtbtUV74TKeGWeHnXisGTvO5rSiEtoDouHG0ftltyugQvQPQEJeLmgvNBxgD91%2FAsEZJRsp8CT7vTffO3zv%2B97nu%2BUJcVHS47sf6bFUil4M227rwrrMuK5s6%2FaDlue23cutdZl1g8ut0fxnhpc8N2y7b7c%2BFGxTX%2By4nut6rte6Lo1I9ejiAoXMn8ReO3bbQafthQFG5r%2B9LR1Y6oAPT8jLkHz2v41fnkKyBtngh2vCbhY6f%2BeDQalooQ2G%2FODjbDPTVYbBqkyNgzQ7WE5D2xkhX5%2BBzg6WG0AP9%2BYbIJEz4vzuIckOljSRDPdPmSYKIkPCX0A1bCBUA0kbMP0Qkj8jAOO4fQfZ4PFtbSq6dYrSOToj5%2F7%2BE7KakXPPX0E2%2BP6qkqPWfa3KQurMYpTWkKMGst8gLw9RjB3I6hCs%2BAySE2SDGpIfvxWwjh8EorNGU9dfC7pRsEa7SbDmhXE3DeLIZ0lvIY2UDWTaQIkJqHVQzj%2FpoEwdlLmDAT9u0TBOXbeXJqnvRwFjzPcZC6MuD7kfRKmLks25T1DkEzA1ATPbyM02NuUEpvwJdqOG5Q5sQTDkNSpBUFmCihJUkqAqCKphvc%2BV7dj6MVe2TLxl7iyzX0910d%2Bl%2B7roi4zs5ifkpblgzhnyBjbFccsXzI3d0I0DLw6jOBJxL%2FWimHbTME7CTgIra0h7ZrHmeO7erw7yea7OI6GHsOoQTJ4HLV8Draa9jgu6MQ0iF%2BNsf0zbfQWua%2BTFORRbzq46Ia8uHLv07osQ7OjK7NEnF%2F5qHoGZGrmp8an8maCvdqb3dEX27unKkqd38kIO5JjO3bxf0EKc%2Ffam2Kq04Teu2ck377E5MC%2BfPBC2uEUzLrO%2BJd9dlZwLc10bJsiPN%2By6SO6WduNqabIyv3X3%2Fes3BrkR1kqdNaDymf0CTM7I%2F3e%2BXNzp62%2FmkKaBKWsMyiOyDEjdgOXbsPmKvdUERq1mktxBVdZT00lWj0oSKLHqaVLD%2FqtPVvWu3UHfOKDFw8V1Dk2NoapB1QS2PDstcnN05Td%2FEUiUM02UcfYSZdRXp9JaedwKvUBESdRjnCeCca%2FX8SPfdTucB71YeDEKO2PPb%2F7xDwAAAP%2F%2FAQAA%2F%2F9AdDWkfwQAAA%3D%3D HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c69d98629a60446b0ff3c64ec328580
Strict-Transport-Security: max-age=0; includeSubdomains

inflectedminimalbits.com/pixel/sbs?c=1

173.233.137.60

200 OK

0 B

URL HTTP/1.1
inflectedminimalbits.com/pixel/sbs?c=1
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=DM+Sans:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 18:00:54 GMT
date: Fri, 03 Feb 2023 18:00:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

openfpcdn.io/fingerprintjs/v3

54.230.111.116

200 OK

0 B

URL HTTP/2
openfpcdn.io/fingerprintjs/v3
IP
54.230.111.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fingerprintjs/v3 HTTP/1.1
Host: openfpcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: CloudFront
date: Fri, 03 Feb 2023 16:37:49 GMT
cache-control: public, max-age=581825, s-maxage=10527
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
etag: W/"hgr97TpQKaVAGMaALEadtdFfoCM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vmomSZo4vdtJvpyenDMUy3DRX04E_kw5uUAku8uw7ZHVIbJNnF4--w==
age: 4985
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html

45.133.44.3

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 03 Feb 2023 19:00:57 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js

172.64.166.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NStFi1yZw%2BKpBB3JApkC9f3QJohjQeQFXXXqv1q0Q7l%2FbHys9Ny5WOTYHuyBZbbHZFejS7ihxi0xL6rfYlQs0%2F20nYkUQLCPSqgDeD7v1jvKA93rzZ3sKjNBvkBqVDetKTjM7ejuKUR4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11ae7b4f7488-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.57.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.57.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:54 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d119b0f61b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css

172.64.166.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRQWjw68dDMUafxLwIkgx1bLP1oCCN%2BNHQR5Z8xUaeosIhgf9n70DJUBxaLrqj2PEG8dRMwaGvE%2F8mM4QyUu%2FQphLxKpKD4T%2BhwHQhN9fXCvXOioTeeaGcIPhaGPEnEC0U3RZMywuJxJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11ae8b547488-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css

172.64.166.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfpZgGhn%2FKNHdabWKwC%2F7A1eT3AT%2FZn50RyT6WRIBpIGy4UOc3AIjJGS3CGT0%2FI62rS%2B2cs222CdQOWErH%2FJrPgn3cCh%2FTSQJ3yfrz%2FPQ1Ye8yAMU3La2Sjjx9LdEbHt8uqnP8dnqp9h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11ae7b4c7488-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML