Report - download.freeroms.com/psp_roms/a/asterix_%25&_obelix_xxl_2_-_mission_wifix

Report Overview

Visited public
2023-11-11 15:07:25
Tags
URL
download.freeroms.com/psp_roms/a/asterix_%25&_obelix_xxl_2_-_mission_wifix_(europe).zip
Finishing URL
www.freeroms.com/errorpages/404-10gb.html
IP / ASN
23.237.120.146
#174 COGENT-174
Title
Missing File

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
moleconcern.com	unknown	2022-11-04	2022-11-04 05:17:13	2023-11-05 22:16:31	1.0 kB	995 B	192.243.61.227
professionalswebcheck.com	unknown	2022-04-01	2022-04-02 00:47:29	2023-11-11 05:10:32	948 B	722 B	52.59.122.145
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-11-11 05:13:22	900 B	24 kB	104.22.33.172
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-11 11:49:28	1.0 kB	33 kB	216.58.207.227
cameesse.net	unknown	2023-10-18	2023-10-18 14:31:33	2023-11-11 11:22:08	401 B	647 B	139.45.197.242
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-11-11 05:13:21	531 B	484 B	139.45.195.254
gishejuy.com	unknown	2023-10-25	2023-10-25 15:14:32	2023-11-11 14:17:35	2.5 kB	91 kB	139.45.197.242
download.freeroms.com	unknown	1999-02-13	2012-07-01 00:02:10	2023-11-07 12:50:01	459 B	401 B	23.237.120.146
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-11 10:06:29	421 B	11 kB	142.250.74.106
addresseepaper.com	18169	2021-11-01	2021-11-01 22:11:31	2023-11-08 20:23:04	404 B	0 B	0.0.0.0
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-11-11 05:13:21	399 B	8.2 kB	104.21.11.245
dacmaiss.com	68570	2021-11-01	2021-11-02 03:48:17	2023-11-09 08:14:10	1.9 kB	32 kB	139.45.197.237
combatbaskstationery.com	unknown	2022-11-03	2022-11-03 02:54:14	2023-11-06 12:53:18	924 B	16 kB	192.243.61.227
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-11-11 05:09:57	467 B	745 B	139.45.195.8
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-11-11 11:17:16	416 B	847 B	104.21.86.121
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-11-11 05:14:39	1.4 kB	846 B	192.243.59.12
remaincall.com	unknown	2023-11-03	2023-11-03 12:20:09	2023-11-11 05:54:29	518 B	944 B	173.233.137.60
simplewebanalysis.com	unknown	2022-02-15	2022-02-25 05:06:25	2023-08-29 15:49:41	872 B	0 B	0.0.0.0
www.freeroms.com	750065	1999-02-13	2012-06-23 04:20:10	2023-11-10 00:16:00	8.1 kB	225 kB	64.235.54.28
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-11-11 11:17:16	404 B	86 kB	172.64.172.31

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-11	medium	combatbaskstationery.com	Sinkholed
2023-11-11	medium	cameesse.net	Sinkholed
2023-11-11	medium	combatbaskstationery.com	Sinkholed
2023-11-11	medium	moleconcern.com	Sinkholed
2023-11-11	medium	moleconcern.com	Sinkholed
2023-11-11	medium	fleraprt.com	Sinkholed
2023-11-11	medium	gishejuy.com	Sinkholed
2023-11-11	medium	unseenreport.com	Sinkholed
2023-11-11	medium	unseenreport.com	Sinkholed
2023-11-11	medium	remaincall.com	Sinkholed
2023-11-11	medium	gishejuy.com	Sinkholed
2023-11-11	medium	addresseepaper.com	Sinkholed
2023-11-11	medium	gishejuy.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	dacmaiss.com/tag.min.js	ScriptElement	81 kB	2023-11-09	2023-11-14
Pretty URL dacmaiss.com/tag.min.js IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-09 17:56 Last Seen2023-11-14 03:25 Times Seen209 Hash 31f7b9daf5ee02172c3c0cbe4e1fa617 48784129643d6897b3c275520d9983575b9d23c3 b5ad9f48d1639a9ed9f2ba15c61e9388903d97798d1fdc0d7d3559744f86c163 Loading...

	combatbaskstationery.com/c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js	ScriptElement	40 kB	2023-11-11	2023-11-11
Pretty URL combatbaskstationery.com/c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-11 16:07 Last Seen2023-11-11 16:07 Times Seen1 Hash a0b17da68716a20cb337336ae4dc9a7e 51967f369ca6e044c7bc5a5b61ddef34b5b9478e 1ad83e4fcc677b8592d2fc09faeddd46884c69eeb1834eae51c2f4c9b20e1bb8 Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-10
Pretty URL banquetunarmedgrater.com/advertisers.js IP 104.21.86.121 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-10 10:59 Times Seen4643077 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.freeroms.com/js/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-05-10
Pretty URL www.freeroms.com/js/jquery.min.js IP 64.235.54.28 ASN #26277 PREMIANET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 04:20 Times Seen6117 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	www.freeroms.com/js/front-script.js	ScriptElement	547 B	2023-03-07	2024-12-27
Pretty URL www.freeroms.com/js/front-script.js IP 64.235.54.28 ASN #26277 PREMIANET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:24 Last Seen2024-12-27 19:54 Times Seen57 Hash 623069997deee6979f41b571e8b728cb 035788635c81bb176917731fcdc655cbd2bd2270 50db1f925c9abd1ddc94afe8d5d98125b741a8ae04712ac9df007b0c5871f0b1 Loading...

	www.freeroms.com/errorpages/404-10gb.html	ScriptElement	63 kB	2023-03-07	2024-12-19
Pretty URL www.freeroms.com/errorpages/404-10gb.html IP 64.235.54.28 ASN #26277 PREMIANET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:24 Last Seen2024-12-19 19:28 Times Seen40 Hash cb7b43d08d40187b481440aa0ffca1d2 b0271600c8fe4783a882891ce11112c693207642 d6bb18846ca4d3a3de5c1d1fd29ae99671cdf77a3c625bcb7e147e1ee0ba9718 Loading...

	www.freeroms.com/errorpages/404-10gb.html	ScriptElement	445 B	2023-03-07	2024-12-19
Pretty URL www.freeroms.com/errorpages/404-10gb.html IP 64.235.54.28 ASN #26277 PREMIANET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:24 Last Seen2024-12-19 19:28 Times Seen40 Hash 75664f70c2f91e11d52bb5728fdf0eb7 cecfcf1ea522516d743b298b8b062ee4f6c66f16 41f764893b561ae57966d9d1d1de3010acdc82c144e61f840460fab648ad7838 Loading...

	www.freeroms.com/errorpages/404-10gb.html	ScriptElement	88 kB	2023-03-09	2024-12-27
Pretty URL www.freeroms.com/errorpages/404-10gb.html IP 64.235.54.28 ASN #26277 PREMIANET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 00:52 Last Seen2024-12-27 19:54 Times Seen56 Hash 32de7999072918ce608cd3bf9cb62e94 b68754107992736b42fc71ffa9dd51838c093830 c1492ae78710e2bdffb32814006c3ca23df1aa3b4ef75ee86650147b49e38489 Loading...

	gishejuy.com/400/3601099	ScriptElement	89 kB	2023-11-11	2023-11-11
Pretty URL gishejuy.com/400/3601099 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-11 16:07 Last Seen2023-11-11 16:07 Times Seen1 Hash edb6ba2dd2ba364d395daa141bc49c0b 74a08cf6a9f75ac93c86dad68cb61e0697e33f82 2672942a9328fdef4f03293d93df7af2fd4c695ae96a6360b025431474d2c2a9 Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL tzegilo.com/stattag.js IP 104.21.11.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07 Last Seen2024-08-21 07:20 Times Seen2395 Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-08-25	2023-11-23
Pretty URL friendshipmale.com/sfp.js IP 172.64.172.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 12:30 Last Seen2023-11-23 01:47 Times Seen6642 Hash 2d0450888479d4ddda305bd96206b240 5b4595aab1cd3f854718e05db9be0c65a12ab2f6 44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6 Loading...

HTTP Transactions (47)

URL IP Response Size

download.freeroms.com/psp_roms/a/asterix_%25&_obelix_xxl_2_-_mission_wifix_(europe).zip

23.237.120.146

170 B

URL User Request GET
download.freeroms.com/psp_roms/a/asterix_%25&_obelix_xxl_2_-_mission_wifix_(europe).zip
IP
23.237.120.146:0
ASN
#174 COGENT-174

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
170 B (170 bytes)
Hash
7ae0f3a88d2b351bb1d01f84c43c009e
b0f62bbd08b044b9d9ddc60bdacf10a5568607d9
2399955144f8af99521c3ea8c6f2a5959c500f80902869cbb98d57cde2f48f89

HTTP Headers

GET /psp_roms/a/asterix_%25&_obelix_xxl_2_-_mission_wifix_(europe).zip HTTP/1.1
Host: download.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 11 Nov 2023 15:07:07 GMT
Content-Type: text/html
Content-Length: 170
Connection: keep-alive
Location: https://www.freeroms.com/errorpages/404-10gb.html

www.freeroms.com/images/logo.png

64.235.54.28

200 OK

9.8 kB

URL GET HTTP/2
www.freeroms.com/images/logo.png
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
PNG image data, 215 x 40, 8-bit/color RGB, non-interlaced\012- data
Size
9.8 kB (9831 bytes)
Hash
14cd0a179797ca4b75eafccd97c8bb29
3b28b50481b500440e2d20df8acfba80d752a090
e94da94c103e98f78880e5458d6cd022cc20d1d6412b985ef8c0b3eeafd40f5c

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/errorpages/404-10gb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:08 GMT
content-type: image/png
content-length: 9831
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-2667"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.freeroms.com/js/front-script.js

64.235.54.28

200 OK

295 B

URL GET HTTP/2
www.freeroms.com/js/front-script.js
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text
Size
295 B (295 bytes)
Hash
623069997deee6979f41b571e8b728cb
035788635c81bb176917731fcdc655cbd2bd2270
50db1f925c9abd1ddc94afe8d5d98125b741a8ae04712ac9df007b0c5871f0b1

HTTP Headers

GET /js/front-script.js HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/errorpages/404-10gb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:08 GMT
content-type: application/javascript
content-length: 295
x-accel-version: 0.01
last-modified: Mon, 09 Jan 2017 06:39:35 GMT
etag: "223-545a3a17f17c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.freeroms.com/js/jquery.min.js

64.235.54.28

200 OK

34 kB

URL GET HTTP/2
www.freeroms.com/js/jquery.min.js
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32038)
Size
34 kB (33579 bytes)
Hash
895323ed2f7258af4fae2c738c8aea49
276c87ff3e1e3155679c318938e74e5c1b76d809
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/errorpages/404-10gb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:08 GMT
content-type: application/javascript
last-modified: Tue, 28 Jul 2015 06:50:01 GMT
etag: W/"55b72619-176d5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.freeroms.com/images/circuit_left.gif

64.235.54.28

200 OK

3.0 kB

URL GET HTTP/2
www.freeroms.com/images/circuit_left.gif
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 12 x 320\012- data
Size
3.0 kB (3029 bytes)
Hash
f84caa56ec89113941ed4823aecea88a
dd608663197ad5cf505e06c8a16fbd42f3001153
7925efc9e31cb712e156e1b0663846dea73debe1200b125ed73dfea95efc06f6

HTTP Headers

GET /images/circuit_left.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/gif
content-length: 3029
last-modified: Tue, 14 Jul 2015 01:10:52 GMT
etag: "55a4619c-bd5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.freeroms.com/css/style.css

64.235.54.28

200 OK

4.2 kB

URL GET HTTP/2
www.freeroms.com/css/style.css
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text
Size
4.2 kB (4214 bytes)
Hash
398ef8c2ef606ae67b0ba586e1a719b4
c97aedb87e36818212ffc4b54ab3237b219eb35f
0e48283f73694f66f5c82fff2f94a807a7a2e5a846ed7bf38176369deb934989

HTTP Headers

GET /css/style.css HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/errorpages/404-10gb.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:08 GMT
content-type: text/css
last-modified: Tue, 10 Jan 2023 15:18:36 GMT
etag: W/"63bd81cc-6b3d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.freeroms.com/images/black.png

64.235.54.28

200 OK

927 B

URL GET HTTP/2
www.freeroms.com/images/black.png
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
927 B (927 bytes)
Hash
6f78a7c9048c4843d819c2ab39b33b6c
99e314e4b9325f41d0d42512cbf8a4a636871ac4
486e08b2d63e05464d757f1fbf3952a74bff6ff29f9ccace92c478fe8b4e4119

HTTP Headers

GET /images/black.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/png
content-length: 927
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "39f-51acb82299600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.freeroms.com/images/nav-strip.png

64.235.54.28

200 OK

1.1 kB

URL GET HTTP/2
www.freeroms.com/images/nav-strip.png
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
PNG image data, 7 x 56, 8-bit/color RGB, non-interlaced\012- data
Size
1.1 kB (1094 bytes)
Hash
92f72da7215127fddf06584d40f1f67c
506dec643852f00b64b0a247d5ff68b1c3fe5c7e
d61ce2fb10db1c5814deedb8c6ca63ee220abba2ba29359cd053e28e84f22172

HTTP Headers

GET /images/nav-strip.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/png
content-length: 1094
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-446"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.freeroms.com/images/border.png

64.235.54.28

200 OK

938 B

URL GET HTTP/2
www.freeroms.com/images/border.png
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
PNG image data, 2 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
938 B (938 bytes)
Hash
a4de791940d86ff21226a978b905950e
bba1cc2559c7b67cb577f48118604b169a212239
c1ff6bcf530cc998882a66b1a1dafcff6869533caf5a6fea4e137497f0555269

HTTP Headers

GET /images/border.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/png
content-length: 938
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "3aa-51acb82299600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.freeroms.com/images/rom.png

64.235.54.28

200 OK

1.4 kB

URL GET HTTP/2
www.freeroms.com/images/rom.png
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
PNG image data, 28 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1365 bytes)
Hash
213bc22990ce0324b563a2714b22749d
514c1c91577fd3fa56b081a73b419015fcb2baf9
0465cb562ac7a714e9e90eb55764b1bc210b3378c5c01a465f8cdaa386f65349

HTTP Headers

GET /images/rom.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/png
content-length: 1365
last-modified: Tue, 14 Jul 2015 01:10:46 GMT
etag: "55a46196-555"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.freeroms.com/images/circuit_main_right.gif

64.235.54.28

200 OK

1.8 kB

URL GET HTTP/2
www.freeroms.com/images/circuit_main_right.gif
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 12 x 415\012- data
Size
1.8 kB (1849 bytes)
Hash
ca8a951bdcdf29ca49cf66f5e2a963d1
514cdcb098f3e0716f94c53a33cf2fc9f41d40bf
089c688ad07d47949987f81f182752199bb7329fd5d443fa084342f6f9dc2953

HTTP Headers

GET /images/circuit_main_right.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/gif
content-length: 1849
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "55a4619f-739"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.freeroms.com/images/default-arr.png

64.235.54.28

200 OK

978 B

URL GET HTTP/2
www.freeroms.com/images/default-arr.png
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
PNG image data, 3 x 7, 8-bit/color RGBA, non-interlaced\012- data
Size
978 B (978 bytes)
Hash
0edc018ca2c25a655a9eeed4b31eab51
dba5918c2b540f28d9365ad1db47d658c2dd8f66
d82b013cdd3a3efcde2e7403046e96555f5f7446efef3f2a6879af699f868218

HTTP Headers

GET /images/default-arr.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/png
content-length: 978
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "3d2-51acb829465c0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.freeroms.com/images/deals.png

64.235.54.28

200 OK

1.7 kB

URL GET HTTP/2
www.freeroms.com/images/deals.png
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
PNG image data, 28 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1703 bytes)
Hash
af70f63ff1d66bbba81818861df6b9c0
1612daa7d1160baa30c9e31fda99def140832cca
1e169d2ec5faf9c54e194c70c39ee11b21f9985eab0e954de8450b964bd51563

HTTP Headers

GET /images/deals.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/png
content-length: 1703
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "55a4619f-6a7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

dacmaiss.com/tag.min.js

139.45.197.237

200 OK

26 kB

URL GET HTTP/2
dacmaiss.com/tag.min.js
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectdacmaiss.com
FingerprintCC:49:30:23:56:98:15:B1:1A:DC:A9:92:7D:D2:DF:DA:8B:CC:2D:1B
ValiditySun, 22 Oct 2023 05:11:39 GMT - Sat, 20 Jan 2024 05:11:38 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25507 bytes)
Hash
31f7b9daf5ee02172c3c0cbe4e1fa617
48784129643d6897b3c275520d9983575b9d23c3
b5ad9f48d1639a9ed9f2ba15c61e9388903d97798d1fdc0d7d3559744f86c163

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: text/javascript; charset=utf-8
content-length: 25507
content-encoding: br
x-trace-id: 40171223f8b8ae0a7ee586e2832bf87b
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 09 Nov 2023 15:32:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.freeroms.com/images/circuit_main_bottom.gif

64.235.54.28

200 OK

1.4 kB

URL GET HTTP/2
www.freeroms.com/images/circuit_main_bottom.gif
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 334 x 40\012- data
Size
1.4 kB (1352 bytes)
Hash
660833b77d6e64a7347b2536658f65d4
7ef5949aa50558090c53c9084bf4e01c8984f5c7
280a43318bfd40a4cf90a00f47e944e7c6ae6221aaed1e7fe23a1b39b79c3635

HTTP Headers

GET /images/circuit_main_bottom.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/gif
content-length: 1352
last-modified: Tue, 14 Jul 2015 01:10:54 GMT
etag: "55a4619e-548"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

combatbaskstationery.com/ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json

192.243.61.227

200 OK

414 B

URL GET HTTP/1.1
combatbaskstationery.com/ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectcombatbaskstationery.com
FingerprintC2:03:EE:0C:A4:E6:5D:AF:91:D4:D2:48:12:F2:C8:1D:43:6E:E5:2C
ValiditySun, 29 Oct 2023 06:19:05 GMT - Sat, 27 Jan 2024 06:19:04 GMT

File type
JSON data\012- , ASCII text, with very long lines (414), with no line terminators
Size
414 B (414 bytes)
Hash
187c9dc708cac08306adfd73fddd6f5d
9709bb0f7c7fa756c2913060ba409f52c872e440
438dd45d0dbbb37d0f14b5e4a2014ef97c6717415e1efe155444dd5d25638e90

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json HTTP/1.1
Host: combatbaskstationery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 11 Nov 2023 15:07:09 GMT
Content-Type: application/json
Content-Length: 414
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 724336cb6f01d99f8fcdf14467429b56
Strict-Transport-Security: max-age=0; includeSubdomains

cameesse.net/1?z=3056520

139.45.197.242

404 Not Found

7 B

URL GET HTTP/2
cameesse.net/1?z=3056520
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
3b66fb7a307f3ca29bd59b2f354055bd
d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1?z=3056520 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 5f075c474eac9fc394d6ae84cd7041b6
access-control-expose-headers: X-Sc
x-sc: 4KdnrdofxFOHMlcU
set-cookie: scm=1; expires=Sun, 10 Nov 2024 15:07:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=e0900cb2cb394e9581f2cadcc51eaff9

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=e0900cb2cb394e9581f2cadcc51eaff9
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
1dfbff1232ab3737b9d9759929689428
ee6edd56285b2fb97b21aeef16b74a019790fb01
f3420f996ef507aa1851aa45a2c53e8b70e2603943079c1d7566a829e97d2d20

HTTP Headers

GET /gid.js?userId=e0900cb2cb394e9581f2cadcc51eaff9 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e0900cb2cb394e9581f2cadcc51eaff9; expires=Sun, 10 Nov 2024 15:07:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

combatbaskstationery.com/c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js

192.243.61.227

200 OK

14 kB

URL GET HTTP/1.1
combatbaskstationery.com/c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectcombatbaskstationery.com
FingerprintC2:03:EE:0C:A4:E6:5D:AF:91:D4:D2:48:12:F2:C8:1D:43:6E:E5:2C
ValiditySun, 29 Oct 2023 06:19:05 GMT - Sat, 27 Jan 2024 06:19:04 GMT

File type
ASCII text, with very long lines (40519), with no line terminators
Size
14 kB (14280 bytes)
Hash
a0b17da68716a20cb337336ae4dc9a7e
51967f369ca6e044c7bc5a5b61ddef34b5b9478e
1ad83e4fcc677b8592d2fc09faeddd46884c69eeb1834eae51c2f4c9b20e1bb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js HTTP/1.1
Host: combatbaskstationery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 11 Nov 2023 15:07:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2ae987870fe85fbcd0d268be85e601fc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

moleconcern.com/pixel/pure

192.243.61.227

204 No Content

0 B

URL OPTIONS HTTP/1.1
moleconcern.com/pixel/pure
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectmoleconcern.com
FingerprintEB:1F:59:14:C7:DD:65:50:10:51:62:9F:42:07:6B:62:7A:58:41:AF
ValidityMon, 30 Oct 2023 07:29:08 GMT - Sun, 28 Jan 2024 07:29:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.21.6
Date: Sat, 11 Nov 2023 15:07:09 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

moleconcern.com/pixel/pure

192.243.61.227

204 No Content

0 B

URL OPTIONS HTTP/1.1
moleconcern.com/pixel/pure
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectmoleconcern.com
FingerprintEB:1F:59:14:C7:DD:65:50:10:51:62:9F:42:07:6B:62:7A:58:41:AF
ValidityMon, 30 Oct 2023 07:29:08 GMT - Sun, 28 Jan 2024 07:29:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 11 Nov 2023 15:07:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

professionalswebcheck.com/stats

52.59.122.145

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
52.59.122.145:443
ASN
#16509 AMAZON-02

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5f0582de01981a73a6fd62c8f97108d8
62020858a56592530132467eed87462716e717ae
7bde1f072bbba503920ce7ee827c587172f29fa1644cecedb13cb773d94ab2b9

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 Nov 2023 15:07:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.freeroms.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d85ac832-576b-4669-97e4-a33900396019:2:1; expires=Tue, 08 Nov 2033 15:07:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

professionalswebcheck.com/stats

52.59.122.145

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
52.59.122.145:443
ASN
#16509 AMAZON-02

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5f0582de01981a73a6fd62c8f97108d8
62020858a56592530132467eed87462716e717ae
7bde1f072bbba503920ce7ee827c587172f29fa1644cecedb13cb773d94ab2b9

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: uid_id2=d85ac832-576b-4669-97e4-a33900396019:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 Nov 2023 15:07:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.freeroms.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1368
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 11 Nov 2023 15:07:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.freeroms.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

gishejuy.com/500/3601099?excludes=&oaid=e0900cb2cb394e9581f2cadcc51eaff9&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fwww.freeroms.com%2Ferrorpages%2F404-10gb.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.307.0

139.45.197.242

200 OK

0 B

URL GET HTTP/2
gishejuy.com/500/3601099?excludes=&oaid=e0900cb2cb394e9581f2cadcc51eaff9&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fwww.freeroms.com%2Ferrorpages%2F404-10gb.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.307.0
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31
ValidityWed, 25 Oct 2023 09:21:45 GMT - Tue, 23 Jan 2024 09:21:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/3601099?excludes=&oaid=e0900cb2cb394e9581f2cadcc51eaff9&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fwww.freeroms.com%2Ferrorpages%2F404-10gb.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.307.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:10 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.11.245

200 OK

7.4 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.11.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint52:B8:ED:73:BB:55:6F:9C:F8:97:7C:04:34:2B:AD:DB:55:0A:C9:6A
ValidityThu, 05 Oct 2023 17:59:18 GMT - Wed, 03 Jan 2024 17:59:17 GMT

File type
ASCII text, with very long lines (18369)
Size
7.4 kB (7359 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 392
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMkuuGpeh95LY%2FlXoZ4%2BDaiWbl45L4Z%2BtK7ZfosIBKu0JObYVmw4UCXqnfUF9rH8XbGKj5Gs5TrHDNvrSVXqKa0tIFMbtnc6L3CxUUDWEHF4zd3m%2BnXJ6jWEov5T3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8247717b48f7b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

104.21.86.121

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
104.21.86.121:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 Nov 2023 15:07:10 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: c6f498fb5b35f7ee2cd0e769b37b3b2b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 11 Nov 2023 15:07:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FO84%2BRUHIwbTTo3hC9VwyHqFf4h7eBbJnsvLMboQb7VjN4%2FP88u951B2BAKBy%2BdKnK8ySfE1kd1m5DzvcIqJZH9r%2Fi%2BMAUDMb7gH0LC%2Fp4hxoFJ3BB8I0LKNQ1ztOPKU014d8xzCqt5FK6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8247717cfadd568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg

104.22.33.172

200 OK

12 kB

URL GET HTTP/2
offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
12 kB (11455 bytes)
Hash
59d005e99dabed8d7a753617b9dfe4d6
5b4b05e20f8496be4f1f8d9e93adc1e1ccfbe383
d09719c31f8376e40f2a23e1e9833214527ec837e61e2e715752d58a1154bd31

HTTP Headers

GET /www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 Nov 2023 15:07:10 GMT
content-type: image/jpeg
content-length: 11455
cache-control: max-age=86400
cf-bgj: h2pri
etag: "631844d9-2cbf"
expires: Sun, 12 Nov 2023 03:41:07 GMT
last-modified: Wed, 07 Sep 2022 07:14:33 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 41163
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8247717ec81a0d2e-ARN
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=&eb=9dc9c1d31cb8b7965ee9d24b6e1f79e7&te=b7f6eb057aaaa451b9eeba0ff496141a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=ea2d5d802b867cf417198fc84113161f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=&eb=9dc9c1d31cb8b7965ee9d24b6e1f79e7&te=b7f6eb057aaaa451b9eeba0ff496141a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=ea2d5d802b867cf417198fc84113161f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=&eb=9dc9c1d31cb8b7965ee9d24b6e1f79e7&te=b7f6eb057aaaa451b9eeba0ff496141a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=ea2d5d802b867cf417198fc84113161f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 11 Nov 2023 15:07:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ddb8c719503b4c0d29ac416ef6602f90
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=&eb=9dc9c1d31cb8b7965ee9d24b6e1f79e7&te=b7f6eb057aaaa451b9eeba0ff496141a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=c4d53d21b4a90448b5012c00c5cfa5a2&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=&eb=9dc9c1d31cb8b7965ee9d24b6e1f79e7&te=b7f6eb057aaaa451b9eeba0ff496141a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=c4d53d21b4a90448b5012c00c5cfa5a2&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=&eb=9dc9c1d31cb8b7965ee9d24b6e1f79e7&te=b7f6eb057aaaa451b9eeba0ff496141a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=c4d53d21b4a90448b5012c00c5cfa5a2&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 11 Nov 2023 15:07:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af83c36f3ba87da2a01424559a4a2615
Strict-Transport-Security: max-age=0; includeSubdomains

www.freeroms.com/favicon.ico

64.235.54.28

200 OK

1.2 kB

URL GET HTTP/2
www.freeroms.com/favicon.ico
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
66ccc38a036f42cb9555a65a8f0dd96d
de96c7f3b02ca03d5ab9dd57e7249e3af0a7469f
554982b40d0c899885675b5eb48e7d32b1068623e99c6d361f190427de2387f0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/errorpages/404-10gb.html
Cookie: prefetchAd_2881944=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d85ac832-576b-4669-97e4-a33900396019%3A2%3A1; ppu_main_ea2d5d802b867cf417198fc84113161f=1; sb_main_c4d53d21b4a90448b5012c00c5cfa5a2=1; sb_count_c4d53d21b4a90448b5012c00c5cfa5a2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:11 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Thu, 18 Dec 2014 11:03:18 GMT
etag: "5492b476-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

remaincall.com/sbar.json?key=c4d53d21b4a90448b5012c00c5cfa5a2&uuid=d85ac832-576b-4669-97e4-a33900396019%3A2%3A1

173.233.137.60

200 OK

0 B

URL GET HTTP/1.1
remaincall.com/sbar.json?key=c4d53d21b4a90448b5012c00c5cfa5a2&uuid=d85ac832-576b-4669-97e4-a33900396019%3A2%3A1
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectremaincall.com
FingerprintA7:83:28:EC:32:77:45:2B:33:A0:1F:19:2B:04:1E:18:4D:75:6B:B9
ValidityFri, 03 Nov 2023 10:18:22 GMT - Thu, 01 Feb 2024 10:18:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=c4d53d21b4a90448b5012c00c5cfa5a2&uuid=d85ac832-576b-4669-97e4-a33900396019%3A2%3A1 HTTP/1.1
Host: remaincall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 11 Nov 2023 15:07:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.freeroms.com
Access-Control-Allow-Origin: https://www.freeroms.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16560103; expires=Sun, 12 Nov 2023 15:07:10 GMT; secure; SameSite=None
uid_id2=d85ac832-576b-4669-97e4-a33900396019:2:1; expires=Sat, 18 Nov 2023 15:07:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f83aa18f772ca6412cf4a297127d1d10
Strict-Transport-Security: max-age=0; includeSubdomains

gishejuy.com/impression/lvQCiwa3tzeJygS2IA7EMNPUcSuEjby3lcR144jimj3WyAa6v8FCv9fTkoLvDtT7qDXotsNrya1kdPN01re-isjziX5xho0C5IJwTmp6oCJcPyjir9GxwCZuzwOX1JhXlsyHxyO2pxWnqko6a_VMAUyfNMdypzYdvlBHL2p3rRFrpSxAjryWBgxQc1WiVFUSP0ssH_s1Ipi1qyizdA7HgGkWmuFFKlkFhaEt9Rwi7O6Pnh_Uiy7UQD8AxWnjnkNC0Mto07YRejiJPZZ17jd94GDBb_8M2Ak5Zmle4VWWzfwIFKru-yH8Bo8KefGd_Njk7-xHvrIwKSekb65NH7Xr0ynF7EJIBRpiEmNX3PCwJfewFD0p5-USOhd8MQaAWZDWjKMEy_yxG-jYCC_0zNt_KzPfb8sMocjn_tviKcxMvzCuMjEeQJEXN-lCi85X9mIBH0UztzQ6Ue6adFm7qnVTQfsG6IpPp-bYwSXimFdB5DLjDx9SrtPrvmEEoJXjBsvOTdoL96--ATl8aumkP83J-sPgDqFfoR2AR0pFr6Ga0ew4juAxt3Zo7HOl3BCD0E3whjppeuDbP3pWfM4f3qFOP-LBvCI=?_z=3601099&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fwww.freeroms.com%2Ferrorpages%2F404-10gb.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.307.0

139.45.197.242

200 OK

43 B

URL GET HTTP/2
gishejuy.com/impression/lvQCiwa3tzeJygS2IA7EMNPUcSuEjby3lcR144jimj3WyAa6v8FCv9fTkoLvDtT7qDXotsNrya1kdPN01re-isjziX5xho0C5IJwTmp6oCJcPyjir9GxwCZuzwOX1JhXlsyHxyO2pxWnqko6a_VMAUyfNMdypzYdvlBHL2p3rRFrpSxAjryWBgxQc1WiVFUSP0ssH_s1Ipi1qyizdA7HgGkWmuFFKlkFhaEt9Rwi7O6Pnh_Uiy7UQD8AxWnjnkNC0Mto07YRejiJPZZ17jd94GDBb_8M2Ak5Zmle4VWWzfwIFKru-yH8Bo8KefGd_Njk7-xHvrIwKSekb65NH7Xr0ynF7EJIBRpiEmNX3PCwJfewFD0p5-USOhd8MQaAWZDWjKMEy_yxG-jYCC_0zNt_KzPfb8sMocjn_tviKcxMvzCuMjEeQJEXN-lCi85X9mIBH0UztzQ6Ue6adFm7qnVTQfsG6IpPp-bYwSXimFdB5DLjDx9SrtPrvmEEoJXjBsvOTdoL96--ATl8aumkP83J-sPgDqFfoR2AR0pFr6Ga0ew4juAxt3Zo7HOl3BCD0E3whjppeuDbP3pWfM4f3qFOP-LBvCI=?_z=3601099&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fwww.freeroms.com%2Ferrorpages%2F404-10gb.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.307.0
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31
ValidityWed, 25 Oct 2023 09:21:45 GMT - Tue, 23 Jan 2024 09:21:44 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/lvQCiwa3tzeJygS2IA7EMNPUcSuEjby3lcR144jimj3WyAa6v8FCv9fTkoLvDtT7qDXotsNrya1kdPN01re-isjziX5xho0C5IJwTmp6oCJcPyjir9GxwCZuzwOX1JhXlsyHxyO2pxWnqko6a_VMAUyfNMdypzYdvlBHL2p3rRFrpSxAjryWBgxQc1WiVFUSP0ssH_s1Ipi1qyizdA7HgGkWmuFFKlkFhaEt9Rwi7O6Pnh_Uiy7UQD8AxWnjnkNC0Mto07YRejiJPZZ17jd94GDBb_8M2Ak5Zmle4VWWzfwIFKru-yH8Bo8KefGd_Njk7-xHvrIwKSekb65NH7Xr0ynF7EJIBRpiEmNX3PCwJfewFD0p5-USOhd8MQaAWZDWjKMEy_yxG-jYCC_0zNt_KzPfb8sMocjn_tviKcxMvzCuMjEeQJEXN-lCi85X9mIBH0UztzQ6Ue6adFm7qnVTQfsG6IpPp-bYwSXimFdB5DLjDx9SrtPrvmEEoJXjBsvOTdoL96--ATl8aumkP83J-sPgDqFfoR2AR0pFr6Ga0ew4juAxt3Zo7HOl3BCD0E3whjppeuDbP3pWfM4f3qFOP-LBvCI=?_z=3601099&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fwww.freeroms.com%2Ferrorpages%2F404-10gb.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.307.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: OAID=e0900cb2cb394e9581f2cadcc51eaff9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:20 GMT
content-type: image/gif
content-length: 43
x-trace-id: 536e865cf099915707d9bdf2f67eaf79
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg

104.22.33.172

200 OK

12 kB

URL GET HTTP/2
offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
12 kB (11455 bytes)
Hash
59d005e99dabed8d7a753617b9dfe4d6
5b4b05e20f8496be4f1f8d9e93adc1e1ccfbe383
d09719c31f8376e40f2a23e1e9833214527ec837e61e2e715752d58a1154bd31

HTTP Headers

GET /www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 Nov 2023 15:07:20 GMT
content-type: image/jpeg
content-length: 11455
cache-control: max-age=86400
cf-bgj: h2pri
etag: "631844d9-2cbf"
expires: Sun, 12 Nov 2023 03:41:07 GMT
last-modified: Wed, 07 Sep 2022 07:14:33 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 41173
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 824771bd0af90d2e-ARN
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Nov 2023 10:05:24 GMT
expires: Sat, 09 Nov 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 104516
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Nov 2023 21:30:01 GMT
expires: Fri, 08 Nov 2024 21:30:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 149839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dacmaiss.com/?rb=wkhFOapYuJqdBe_XoQW1y9lcTTZ-glDtn4l6JQNAHWPlbgPVXTG3Yyrp0hrL9rLznfy3hy4WBy0_SNayR4bLMbn4kfImhgLXiUbY0QLIc47RBrUof9QBTeAOtnnEftIC_03rmHAJ5sq_jTY6VvR9D87z-YVwi8wu5RNtNoTvbzXpIOjO402xH0YJnAGTEP66xu9ike5WniYZl74A2uAB4lFc8PA52EmM&request_ab2=0&zoneid=2881944&js_build=iclick-1.626.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.freeroms.com%2Ferrorpages%2F404-10gb.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-1.626.0&bs=40437299-d084-4de1-872e-502719fbd8eb&userId=e0900cb2cb394e9581f2cadcc51eaff9&m=link

139.45.197.237

200 OK

0 B

URL GET HTTP/2
dacmaiss.com/?rb=wkhFOapYuJqdBe_XoQW1y9lcTTZ-glDtn4l6JQNAHWPlbgPVXTG3Yyrp0hrL9rLznfy3hy4WBy0_SNayR4bLMbn4kfImhgLXiUbY0QLIc47RBrUof9QBTeAOtnnEftIC_03rmHAJ5sq_jTY6VvR9D87z-YVwi8wu5RNtNoTvbzXpIOjO402xH0YJnAGTEP66xu9ike5WniYZl74A2uAB4lFc8PA52EmM&request_ab2=0&zoneid=2881944&js_build=iclick-1.626.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.freeroms.com%2Ferrorpages%2F404-10gb.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-1.626.0&bs=40437299-d084-4de1-872e-502719fbd8eb&userId=e0900cb2cb394e9581f2cadcc51eaff9&m=link
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectdacmaiss.com
FingerprintCC:49:30:23:56:98:15:B1:1A:DC:A9:92:7D:D2:DF:DA:8B:CC:2D:1B
ValiditySun, 22 Oct 2023 05:11:39 GMT - Sat, 20 Jan 2024 05:11:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?rb=wkhFOapYuJqdBe_XoQW1y9lcTTZ-glDtn4l6JQNAHWPlbgPVXTG3Yyrp0hrL9rLznfy3hy4WBy0_SNayR4bLMbn4kfImhgLXiUbY0QLIc47RBrUof9QBTeAOtnnEftIC_03rmHAJ5sq_jTY6VvR9D87z-YVwi8wu5RNtNoTvbzXpIOjO402xH0YJnAGTEP66xu9ike5WniYZl74A2uAB4lFc8PA52EmM&request_ab2=0&zoneid=2881944&js_build=iclick-1.626.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.freeroms.com%2Ferrorpages%2F404-10gb.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-1.626.0&bs=40437299-d084-4de1-872e-502719fbd8eb&userId=e0900cb2cb394e9581f2cadcc51eaff9&m=link HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Cookie: OAID=e0900cb2cb394e9581f2cadcc51eaff9; oaidts=1699715229
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:10 GMT
content-length: 0
x-trace-id: 7c709db3607434447e360c08ff97b401
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://www.freeroms.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=e0900cb2cb394e9581f2cadcc51eaff9; expires=Sun, 10 Nov 2024 15:07:10 GMT; path=/; secure; SameSite=None
oaidts=1699715230; expires=Sun, 10 Nov 2024 15:07:10 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 18 Nov 2023 15:07:10 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.freeroms.com/errorpages/404-10gb.html

64.235.54.28

200 OK

0 B

URL HEAD HTTP/2
www.freeroms.com/errorpages/404-10gb.html
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /errorpages/404-10gb.html HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/errorpages/404-10gb.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: text/html
content-length: 53523
x-accel-version: 0.01
last-modified: Thu, 23 Feb 2023 01:02:26 GMT
etag: "26497-5f55390f1c8b1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.freeroms.com/errorpages/404-10gb.html

64.235.54.28

200 OK

157 kB

URL User Request GET HTTP/2
www.freeroms.com/errorpages/404-10gb.html
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (59770)
Size
157 kB (156823 bytes)
Hash
6587802fa5493278bfb4b98e329d1223
ed174dbbb2c62846f25c8de800dbc0279400b308
ee9250083db4cb75565cc51d01bb466920213d3013b15df98c9414c54dd96f67

HTTP Headers

GET /errorpages/404-10gb.html HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:08 GMT
content-type: text/html
last-modified: Thu, 23 Feb 2023 01:02:26 GMT
etag: W/"63f6bb22-26497"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.freeroms.com/images/circuit_main_top.gif

64.235.54.28

200 OK

1.4 kB

URL GET HTTP/2
www.freeroms.com/images/circuit_main_top.gif
IP
64.235.54.28:443
ASN
#26277 PREMIANET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerNetwork Solutions L.L.C.
Subjectwww.freeroms.com
Fingerprint76:6C:B0:F0:67:FF:14:98:E7:B6:EB:77:80:B0:36:83:14:99:FE:4D
ValidityMon, 15 May 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 334 x 40\012- data
Size
1.4 kB (1366 bytes)
Hash
8ce66b9116fdb0a263fbbf0ec7299e1c
3f2868999529378d7e40c4acce440c0fdd0963bb
7ee186a06b35fc6499ca0fe10faa3f137fdee61cbfd4163aaba28414b8e65063

HTTP Headers

GET /images/circuit_main_top.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: image/gif
content-length: 1366
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "55a4619f-556"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text
Size
11 kB (10615 bytes)
Hash
dbdc7ee435c6a7f4277bfc7fedf28368
8194a5d7e0108bed7abb001d8bf2b8985a5aa2ca
91b113cbf5aedc9b93ceebe313863344b1ead775a618a7e9f31f9e98dbbdf227

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 11 Nov 2023 15:07:20 GMT
date: Sat, 11 Nov 2023 15:07:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

0.0.0.0

0 B

URL GET
simplewebanalysis.com/stats
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.freeroms.com/errorpages/404-10gb.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

friendshipmale.com/sfp.js

172.64.172.31

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.172.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85471 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 Nov 2023 15:07:10 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ead6d80ffd2b73666c0f14470094eb7a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 11 Nov 2023 15:07:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6W25ay8ud39%2BsGu%2BXSgEbIh%2B1hoxB1SF1futKS5UaYtwXoOdfc9s6V6z3wQmBJMdKYlnuOoC7xXsCxpaS7saWz5TpwUDSRetTMG4LNyxdq0wDe9PMLTYKw0%2B1rb3dTqBeWDSO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8247717bad123854-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.freeroms.com/errorpages/404-10gb.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

gishejuy.com/400/3601099

139.45.197.242

200 OK

89 kB

URL GET HTTP/2
gishejuy.com/400/3601099
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31
ValidityWed, 25 Oct 2023 09:21:45 GMT - Tue, 23 Jan 2024 09:21:44 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (88930 bytes)
Hash
edb6ba2dd2ba364d395daa141bc49c0b
74a08cf6a9f75ac93c86dad68cb61e0697e33f82
2672942a9328fdef4f03293d93df7af2fd4c695ae96a6360b025431474d2c2a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/3601099 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: application/javascript
x-trace-id: 6394277f65eac8654dd756c4cb2d578c
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=5b94eb80e2b1453d8276263bb23b0734; expires=Sun, 10 Nov 2024 15:07:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

dacmaiss.com/5/2881944/?oo=1&aab=1

139.45.197.237

200 OK

2.9 kB

URL GET HTTP/2
dacmaiss.com/5/2881944/?oo=1&aab=1
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.freeroms.com/errorpages/404-10gb.html
Certificate
IssuerLet's Encrypt
Subjectdacmaiss.com
FingerprintCC:49:30:23:56:98:15:B1:1A:DC:A9:92:7D:D2:DF:DA:8B:CC:2D:1B
ValiditySun, 22 Oct 2023 05:11:39 GMT - Sat, 20 Jan 2024 05:11:38 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3114), with no line terminators
Size
2.9 kB (2864 bytes)
Hash
0719cd423249cbe6b64cfd0f7e3a02ea
f1ce4c78ecd43ba956d61c70ea4fe7404471239a
97b78f62b36c869ca3d9c38741912e0042c5590ce77aa0243c597e42c02f11fe

HTTP Headers

GET /5/2881944/?oo=1&aab=1 HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 Nov 2023 15:07:09 GMT
content-type: application/json
x-trace-id: bd3ff4b8a4ce03d6ae1e5e2704348694
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://www.freeroms.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=e0900cb2cb394e9581f2cadcc51eaff9; expires=Sun, 10 Nov 2024 15:07:09 GMT; path=/; secure; SameSite=None
oaidts=1699715229; expires=Sun, 10 Nov 2024 15:07:09 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

0.0.0.0

0 B

URL GET
simplewebanalysis.com/stats
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.freeroms.com/errorpages/404-10gb.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
DNT: 1
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by