200 OK 21 kB URL User Request GET HTTP/1.1 IP
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1042)
Hash b388969d853eddc0dee8f57c5e8e19c6
a1d3bc001c3820f243ad1037408d86ba1b6c801b
e1c7c06a375e14137709513b0ecc7b40f776944cfca1360156c08e703add5da6
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET / HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 07 Dec 2023 10:07:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: *
X-Server-IP: 209.202.244.198
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
Set-Cookie: CookieStatus=COOKIE_OK; path=/; domain=.tripod.com; expires=Fri, 06-Dec-2024 10:07:19 GMT
MEMBER_PAGE=good12345/index.html; path=/; domain=.tripod.com
REFERRER=(null); path=/; domain=.tripod.com
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
ly.lygo.net/ly/zeeblio/advanced/advReset.css
200 OK 2.7 kB URL GET HTTP/1.1 ly.lygo.net/ly/zeeblio/advanced/advReset.css
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectlygo.net
Fingerprint8F:AF:4C:41:14:9B:73:8E:DF:22:1B:3E:86:76:48:6C:43:E4:4B:72
ValidityFri, 10 Nov 2023 00:22:18 GMT - Thu, 08 Feb 2024 00:22:17 GMT
File type ASCII text, with very long lines (347)
Hash a1d5426918bd96d6d9437039df72e0ec
7bdebce5c35d61bc1a402af5aa1bb9a54c6e3959
bbb7f426cea28863f49b687f4e3c1d3e33542085613cae41156e60ec17bed5fe
GET /ly/zeeblio/advanced/advReset.css HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:20 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:43:00 GMT
ETag: "27dc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=43200
Expires: Thu, 07 Dec 2023 22:07:20 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 2703
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ly.lygo.net/ly/zeeblio/advanced/styles/Pets/css/advDefault.css
200 OK 1.7 kB URL GET HTTP/1.1 ly.lygo.net/ly/zeeblio/advanced/styles/Pets/css/advDefault.css
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectlygo.net
Fingerprint8F:AF:4C:41:14:9B:73:8E:DF:22:1B:3E:86:76:48:6C:43:E4:4B:72
ValidityFri, 10 Nov 2023 00:22:18 GMT - Thu, 08 Feb 2024 00:22:17 GMT
Hash 54cab73ad8cf3c35e52664f0ddd06990
118a8ed12caa615f80bea213082ee90552963445
a59cb1dc478b68467916be5d4feef184b4c03b4434184ebf9553ddbc467a36df
GET /ly/zeeblio/advanced/styles/Pets/css/advDefault.css HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:20 GMT
Server: Apache
Last-Modified: Thu, 11 Jun 2020 15:35:02 GMT
ETag: "1d28-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=43200
Expires: Thu, 07 Dec 2023 22:07:20 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 1685
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
scripts.lycos.com/catman/init.js
200 OK 927 B URL GET HTTP/1.1 scripts.lycos.com/catman/init.js
IP
Requested by https://good12345.tripod.com/adm/ad/injectAd.iframe.html
Certificate IssuerLet's Encrypt
Subject*.lycos.com
Fingerprint37:37:C0:CC:FF:85:15:63:48:B5:FE:89:06:E2:B8:29:6D:4F:C3:3F
ValidityTue, 17 Oct 2023 00:22:33 GMT - Mon, 15 Jan 2024 00:22:32 GMT
File type ASCII text, with very long lines (905)
Hash 66e54ed2b8eaa3b82ba27ff49c42e81d
79b8df00da71f4fe5526f855345059c7dcdecfe8
b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520
GET /catman/init.js HTTP/1.1
Host: scripts.lycos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:20 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:26:58 GMT
ETag: "9c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Thu, 07 Dec 2023 16:07:20 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 927
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
good12345.tripod.com/adm/zbl/js/published/moduleloader.js
200 OK 1.5 kB URL GET HTTP/1.1 good12345.tripod.com/adm/zbl/js/published/moduleloader.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
Hash c5df2330daf6802e10e0b26050d3c41e
410e24b24366534263833a225e2102a96252cdb8
1e2df2adfec91156669dda9a0eb31ce5913191fcb92128f52d934a56392a0155
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/zbl/js/published/moduleloader.js HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: CookieStatus=COOKIE_OK; MEMBER_PAGE=good12345/index.html; REFERRER=(null)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 07 Dec 2023 10:07:20 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Server-IP: 209.202.244.191
Accept-Ranges: bytes
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
X-Cache: MISS from good12345.tripod.com
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
good12345.tripod.com/adm/zbl/js/jquery/jquery-1.6.4.min.js
200 OK 92 kB URL GET HTTP/1.1 good12345.tripod.com/adm/zbl/js/jquery/jquery-1.6.4.min.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 9118381924c51c89d9414a311ec9c97f
71cce71820cc47b3bd1098618d248325fcf24ddb
951d6bae39eb172f57a88bd686f7a921cf060fd21f59648f0d20b6a8f98fc5a5
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/zbl/js/jquery/jquery-1.6.4.min.js HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: CookieStatus=COOKIE_OK; MEMBER_PAGE=good12345/index.html; REFERRER=(null)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 07 Dec 2023 10:07:20 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Server-IP: 209.202.244.193
Accept-Ranges: bytes
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
X-Cache: MISS from good12345.tripod.com
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
good12345.tripod.com/adm/zbl/css/addons.css
200 OK 73 kB URL GET HTTP/1.1 good12345.tripod.com/adm/zbl/css/addons.css
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
File type ASCII text, with very long lines (453)
Hash 56b4d35a2727111e475aacb8aacd2924
b5a26880a48ba983d6303d20d9278faad8fecb2b
15d83655591005c6062a3eaba56f9a380161155d7452bdf00128170160d6edd4
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/zbl/css/addons.css HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: CookieStatus=COOKIE_OK; MEMBER_PAGE=good12345/index.html; REFERRER=(null)
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 07 Dec 2023 10:07:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-Server-IP: 209.202.244.199
Cache-Control: max-age=604800
Expires: Thu, 14 Dec 2023 10:07:22 GMT
Accept-Ranges: bytes
X-UA-Compatible: IE=edge
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
X-Cache: MISS from good12345.tripod.com
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
good12345.tripod.com/adm/zbl/js/jquery/jquery.inherit-1.0.9.js
200 OK 1.9 kB URL GET HTTP/1.1 good12345.tripod.com/adm/zbl/js/jquery/jquery.inherit-1.0.9.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
Hash e61d56b0d29d8bb4843f00438d9ef6b1
51c858419ac0f9882ce12d3d382cd87be67ab38d
e6859c1a97220336c52d3a48579df36c711fcdd7470b5b7ed3a51b45a66cf48a
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/zbl/js/jquery/jquery.inherit-1.0.9.js HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: CookieStatus=COOKIE_OK; MEMBER_PAGE=good12345/index.html; REFERRER=(null)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 07 Dec 2023 10:07:24 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Server-IP: 209.202.244.197
Accept-Ranges: bytes
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
X-Cache: MISS from good12345.tripod.com
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
200 OK 893 B URL GET HTTP/1.1 scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
IP
Requested by https://good12345.tripod.com/adm/ad/injectAd.iframe.html
Certificate IssuerLet's Encrypt
Subject*.lycos.com
Fingerprint37:37:C0:CC:FF:85:15:63:48:B5:FE:89:06:E2:B8:29:6D:4F:C3:3F
ValidityTue, 17 Oct 2023 00:22:33 GMT - Mon, 15 Jan 2024 00:22:32 GMT
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (970)
Hash a2a6b9fc74528fd91c980f6c1180ee50
d07a5c0ea220f12f04c63e62f0f83fc57aab8559
b93914f0559985baff5a4aaa7c829f941bdc36bef8145a004fb27a0a5d2b9c6b
GET /catman3/code/tripod.lycos.com/memberembedded.js HTTP/1.1
Host: scripts.lycos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:24 GMT
Server: Apache
Last-Modified: Mon, 07 Aug 2023 17:45:02 GMT
ETag: "a08-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Thu, 07 Dec 2023 16:07:24 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 893
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
platform.bidgear.com/ads.php?domainid=6586&sizeid=16&zoneid=7361
200 OK 1.3 kB URL GET HTTP/2 platform.bidgear.com/ads.php?domainid=6586&sizeid=16&zoneid=7361
IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1241), with no line terminators
Hash 4256b59cf86560a3a7b0a7d8b5c0c5ac
87a4bb91105e8622d3a0e631a243747a4d25ac21
ad671f8672983398032a39c45d6303be4ef50e9c4b4fac71901646a2b43f0f84
GET /ads.php?domainid=6586&sizeid=16&zoneid=7361 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYpE8THFBhuGAKB3ZeUfYYKrcQ3hCe5TF3HWrFfy89IE3EnX4MyEGnCA5kL8wxrt7TgVUl2mwhulPL5%2F1UtO8y8N8JV01x7WQHcZK0eCCnPbxzSfHw5%2BFIw%2FHb08I%2FuBtG8Vj4Aq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831bf620ee44569d-OSL
content-encoding: br
X-Firefox-Spdy: h2
tags.h12-media.com/load2.js
200 OK 98 kB URL GET HTTP/2 tags.h12-media.com/load2.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subject*.h12-media.com
Fingerprint82:5A:A3:DD:A2:D3:8C:13:85:81:F5:96:29:70:B0:AE:4E:0C:F7:42
ValidityTue, 05 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 45595a0a1e2419e734b0637847c17f19
0d3bb5287010fde22f9fa763cc7bc2b6013174a3
647cdfbb012b539f5af58374f519fcd1bf9d9e5330f43026cbf3df02118ed10b
GET /load2.js HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 10 Dec 2022 17:21:25 GMT
accept-ranges: bytes
etag: "d458c1d4bbcd91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Thu, 07 Dec 2023 10:07:23 GMT
content-length: 98135
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=7226&uuid=0feb24fd45d34504986e9d5f3d32fd67&p=85&g=NO&token=4a44335432&tbg=1701943644
200 OK 599 B URL GET HTTP/2 imp9.bidgear.com/rec?t=1&z=7226&uuid=0feb24fd45d34504986e9d5f3d32fd67&p=85&g=NO&token=4a44335432&tbg=1701943644
IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=7226&uuid=0feb24fd45d34504986e9d5f3d32fd67&p=85&g=NO&token=4a44335432&tbg=1701943644 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvA1rIuUF6id9oET3LdDenqtyjkw76w0lgVONFk2Di5ZSONACDXxnhaLAsHJTCfqKJPF71C5meHUjgJm1gwz4igQG29%2FjCp0yRQGyMfREbW%2BkPqup4DxLBG0SNYTYvQWWLI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831bf622e887569d-OSL
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=6586&sizeid=28&zoneid=7226
200 OK 980 B URL GET HTTP/2 platform.bidgear.com/ads.php?domainid=6586&sizeid=28&zoneid=7226
IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (619), with no line terminators
Hash 4fb66696ecf99b83e56155768c9aa2f8
ca24b045034c5bb63dff10cbca8240af7e6c06fb
38a87fa824624223a391c100c39536337f6bff08c74e431e8030debfdedce3ff
GET /ads.php?domainid=6586&sizeid=28&zoneid=7226 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5uKE72QFDKXdf7173Bb5Ky9%2BXyCXL7YqxBeX11YldEhvATCQy1vyt2GnCBiw%2FR7M6c5K4xYdabaj0lcWjbRJMx6MWtdBgOp7sM3ns2swo4evQplJ6cJ6YnxHa5HIbOT3XTpep%2BA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831bf6220fa8569d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.prplads.com/agent.js?publisherId=a58453be7e6b81764b3de7a675ac08ed:cf6c43c612645d5b4b180a4c3b90c9bd163bce810c11302add0036bd764118ac16ee2905145b220e03ade02b7ddf200a56a1651e5ffd8c3eac8fa65f65ab8f61
200 OK 22 kB URL GET HTTP/2 cdn.prplads.com/agent.js?publisherId=a58453be7e6b81764b3de7a675ac08ed:cf6c43c612645d5b4b180a4c3b90c9bd163bce810c11302add0036bd764118ac16ee2905145b220e03ade02b7ddf200a56a1651e5ffd8c3eac8fa65f65ab8f61
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint1D:DC:5D:E3:C9:52:D6:68:A1:9C:80:1E:CF:12:47:DA:C4:CF:72:EF
ValidityFri, 13 Oct 2023 12:28:33 GMT - Thu, 11 Jan 2024 12:28:32 GMT
File type Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash 9ecd2ab2e6476f27ccb67ce6873afe4f
c5d1101dc4774ae6bcb8703b31dd5689a0b9d16d
5dd29098f92e2849c511b54896490bd19c21f9002628c2d6e8ea58d54bbfefc5
GET /agent.js?publisherId=a58453be7e6b81764b3de7a675ac08ed:cf6c43c612645d5b4b180a4c3b90c9bd163bce810c11302add0036bd764118ac16ee2905145b220e03ade02b7ddf200a56a1651e5ffd8c3eac8fa65f65ab8f61 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64d9569deb156256a1c7a4d2f1b1fed9"
last-modified: Thu, 30 Nov 2023 15:57:22 GMT
x-amz-id-2: xOqw5rAPwlukfCBVUGVeBgSe+P/lWJSKskjJTdc29hp76i5das+RdRxgPZOdq7QiC6qDB6C0nZs=
x-amz-request-id: NNBS93W01SHTAJ22
cache-control: max-age=86400
cf-cache-status: HIT
age: 4132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3F4wPSbBjjDAetMPlGkhhjG%2BROJqHfpjNzIm0iImEvIcxuzbM6MvhqdjciWCfUZ%2Bm4qi39AvZaX1lHBcIBpTtt4wMzHf8PUznRAtOl2mLDLS6l%2BW7myO7pi%2FIeEhVj7%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831bf622ed5f5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
ly.lygo.net/ly/zeeblio/images/trans/w30.png
200 OK 1.1 kB URL GET HTTP/1.1 ly.lygo.net/ly/zeeblio/images/trans/w30.png
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectlygo.net
Fingerprint8F:AF:4C:41:14:9B:73:8E:DF:22:1B:3E:86:76:48:6C:43:E4:4B:72
ValidityFri, 10 Nov 2023 00:22:18 GMT - Thu, 08 Feb 2024 00:22:17 GMT
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ddc36b286fe6771c568acf69b556611
40b803b58e889165354aba9a6a4a061ad2033380
533615ab4550d2eea6ea1ee4d7fe05c73e1dd2176be1799d126a3cbae8013aff
GET /ly/zeeblio/images/trans/w30.png HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:24 GMT
Server: Apache
Last-Modified: Mon, 19 Sep 2016 16:02:40 GMT
ETag: "433"
Accept-Ranges: bytes
Content-Length: 1075
Cache-Control: max-age=43200
Expires: Thu, 07 Dec 2023 22:07:24 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ly.lygo.net/ly/zeeblio/images/trans/w50.png
200 OK 1.1 kB URL GET HTTP/1.1 ly.lygo.net/ly/zeeblio/images/trans/w50.png
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectlygo.net
Fingerprint8F:AF:4C:41:14:9B:73:8E:DF:22:1B:3E:86:76:48:6C:43:E4:4B:72
ValidityFri, 10 Nov 2023 00:22:18 GMT - Thu, 08 Feb 2024 00:22:17 GMT
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 980d94ae0acbc78ab47757693b6994e6
6e940d5d66d665c07dce9285747230c6779af5e4
b75a5f7632d78eab5748f3eea4fa26cd596ce74849297e1e1a41da8df3bdb310
GET /ly/zeeblio/images/trans/w50.png HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:24 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:43:16 GMT
ETag: "432"
Accept-Ranges: bytes
Content-Length: 1074
Cache-Control: max-age=43200
Expires: Thu, 07 Dec 2023 22:07:24 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
good12345.tripod.com/adm/zbl/js/published/init.js
200 OK 1.4 kB URL GET HTTP/2 good12345.tripod.com/adm/zbl/js/published/init.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
Hash c0b1d97d0e9aaa19527dfc591f5c48d2
ba7eb703dba4d1af6b68e0e457a707df654198ea
580a3962655378ec5ddf895287123d57ceb18f620a812a89ee549679c6c8557a
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/zbl/js/published/init.js HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: CookieStatus=COOKIE_OK; MEMBER_PAGE=good12345/index.html; REFERRER=(null)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 10:07:20 GMT
content-type: application/x-javascript
x-server-ip: 209.202.244.193
accept-ranges: bytes
vary: Accept-Encoding
x-ua-compatible: IE=edge
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
x-cache: MISS from good12345.tripod.com
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
tags.h12-media.com/v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22responsive%22%2C%22adformat%22%3A%22standard%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2230114%22%2C%22topurl%22%3A%22https%3A%2F%2Fgood12345.tripod.com%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%220ngcwpese26%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A10%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1280%2C1024%5D%2C%22ddims%22%3A%5B1280%2C1362%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B160%2C1082%5D%2C%22pwidth%22%3A%5B100%2C960%2C1280%5D%2C%22pheight%22%3A%5Bnull%2C1081%2C1024%5D%2C%22maxwidth%22%3A960%2C%22maxheight%22%3A1024%7D&rnd=0.9633449088950583
200 OK 18 kB URL GET HTTP/2 tags.h12-media.com/v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22responsive%22%2C%22adformat%22%3A%22standard%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2230114%22%2C%22topurl%22%3A%22https%3A%2F%2Fgood12345.tripod.com%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%220ngcwpese26%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A10%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1280%2C1024%5D%2C%22ddims%22%3A%5B1280%2C1362%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B160%2C1082%5D%2C%22pwidth%22%3A%5B100%2C960%2C1280%5D%2C%22pheight%22%3A%5Bnull%2C1081%2C1024%5D%2C%22maxwidth%22%3A960%2C%22maxheight%22%3A1024%7D&rnd=0.9633449088950583
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subject*.h12-media.com
Fingerprint82:5A:A3:DD:A2:D3:8C:13:85:81:F5:96:29:70:B0:AE:4E:0C:F7:42
ValidityTue, 05 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (7224), with CRLF line terminators
Hash 995a9f3877b392539ff3e91030a7aa2c
6eb7635a34e140d7aa299f170418c76d612f3e43
fa5b2d4d474fbdb92052137f464e99273579cb167aa8bfa39ecb467fa79b658e
GET /v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22responsive%22%2C%22adformat%22%3A%22standard%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2230114%22%2C%22topurl%22%3A%22https%3A%2F%2Fgood12345.tripod.com%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%220ngcwpese26%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A10%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1280%2C1024%5D%2C%22ddims%22%3A%5B1280%2C1362%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B160%2C1082%5D%2C%22pwidth%22%3A%5B100%2C960%2C1280%5D%2C%22pheight%22%3A%5Bnull%2C1081%2C1024%5D%2C%22maxwidth%22%3A960%2C%22maxheight%22%3A1024%7D&rnd=0.9633449088950583 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: 7thMile=f922753c%2Dfc6a%2D47e7%2D9078%2D1b63ef02c363; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin:
srg-x: x-.170
x-powered-by: ARR/3.0
date: Thu, 07 Dec 2023 10:07:24 GMT
content-length: 18440
X-Firefox-Spdy: h2
tags.h12-media.com/v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2230115%22%2C%22topurl%22%3A%22https%3A%2F%2Fgood12345.tripod.com%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22ppws7a04c8c%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%224%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A10%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1280%2C1024%5D%2C%22ddims%22%3A%5B1280%2C1479%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C1461%5D%2C%22pwidth%22%3A%5B100%2C1280%5D%2C%22pheight%22%3A%5Bnull%2C1024%5D%2C%22maxwidth%22%3A1280%2C%22maxheight%22%3A1024%7D&rnd=0.4402490737661665
200 OK 18 kB URL GET HTTP/2 tags.h12-media.com/v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2230115%22%2C%22topurl%22%3A%22https%3A%2F%2Fgood12345.tripod.com%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22ppws7a04c8c%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%224%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A10%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1280%2C1024%5D%2C%22ddims%22%3A%5B1280%2C1479%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C1461%5D%2C%22pwidth%22%3A%5B100%2C1280%5D%2C%22pheight%22%3A%5Bnull%2C1024%5D%2C%22maxwidth%22%3A1280%2C%22maxheight%22%3A1024%7D&rnd=0.4402490737661665
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subject*.h12-media.com
Fingerprint82:5A:A3:DD:A2:D3:8C:13:85:81:F5:96:29:70:B0:AE:4E:0C:F7:42
ValidityTue, 05 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (7234), with CRLF line terminators
Hash ad5d0e855e6b491a04954802fea85491
108315370087e5ebd34d9d4530d7d559e1d86ade
a0ed0aa91e038a720631baf87521f1ad770c757b12d8c75d4194f3a449b25799
GET /v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2230115%22%2C%22topurl%22%3A%22https%3A%2F%2Fgood12345.tripod.com%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22ppws7a04c8c%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%224%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A10%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1280%2C1024%5D%2C%22ddims%22%3A%5B1280%2C1479%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C1461%5D%2C%22pwidth%22%3A%5B100%2C1280%5D%2C%22pheight%22%3A%5Bnull%2C1024%5D%2C%22maxwidth%22%3A1280%2C%22maxheight%22%3A1024%7D&rnd=0.4402490737661665 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: 7thMile=e4cac2f7%2D630e%2D4350%2D9ee1%2Dfe0ee9a9b81e; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin:
srg-x: x-.162
x-powered-by: ARR/3.0
date: Thu, 07 Dec 2023 10:07:24 GMT
content-length: 18409
X-Firefox-Spdy: h2
sp-log.lycos.com/tp_cm.gif
200 OK 45 B URL GET HTTP/1.1 sp-log.lycos.com/tp_cm.gif
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subject*.lycos.com
Fingerprint37:37:C0:CC:FF:85:15:63:48:B5:FE:89:06:E2:B8:29:6D:4F:C3:3F
ValidityTue, 17 Oct 2023 00:22:33 GMT - Mon, 15 Jan 2024 00:22:32 GMT
File type GIF image data, version 89a, 5 x 5\012- data
Hash c4e3e106fbcc28e9c5b2be2a78018886
fe87fba9c2a6384dfe3827cf6608b0692cb79872
e0f8dceb516151e70891cb4ed02aac4b5800b37c13d8328a35919472efe0f93e
GET /tp_cm.gif HTTP/1.1
Host: sp-log.lycos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:24 GMT
Server: Apache
Last-Modified: Mon, 06 Aug 2018 18:05:44 GMT
ETag: "2d-572c8204a63ec"
Accept-Ranges: bytes
Content-Length: 45
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
api.purpleads.io/x/init?ts=1701943650938
200 OK 103 B URL GET HTTP/2 api.purpleads.io/x/init?ts=1701943650938
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 58f796f06ab6982381ac26e6a86c6479
09c26dd2a30758ac8bd82fd4122094d4dfb66686
0af17552baaa71e1bc34e64cb3dfe4c4ea1b09d2d04ec9204d7484942f6d64ae
GET /x/init?ts=1701943650938 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
Content-Type: application/json
x-purpleads-version: 3.0.9
x-request-url: aHR0cHM6Ly9nb29kMTIzNDUudHJpcG9kLmNvbS8=
Authorization: Bearer 06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:25 GMT
content-type: application/json; charset=utf-8
content-length: 103
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
etag: W/"67-CcJt0qMHWKyL2C/UEiCU1N+2ZoY"
vary: Accept-Encoding
X-Firefox-Spdy: h2
lygo.net/ly/zeeblio/styles/pets/images/petsBlock.jpg
200 OK 25 kB URL GET HTTP/1.1 lygo.net/ly/zeeblio/styles/pets/images/petsBlock.jpg
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectlygo.net
Fingerprint8F:AF:4C:41:14:9B:73:8E:DF:22:1B:3E:86:76:48:6C:43:E4:4B:72
ValidityFri, 10 Nov 2023 00:22:18 GMT - Thu, 08 Feb 2024 00:22:17 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 880x247, components 3\012- data
Hash 28b6234e8e7805e215c50ca02e9bf322
bf2534296ca47e44cc891f392067c74a4fa25a1f
59326300c90524adc0fc09f414835191737d0969386070548934b4a5413b6849
GET /ly/zeeblio/styles/pets/images/petsBlock.jpg HTTP/1.1
Host: lygo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ly.lygo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:25 GMT
Server: Apache
Last-Modified: Mon, 30 Oct 2017 14:29:05 GMT
ETag: "6051"
Accept-Ranges: bytes
Content-Length: 24657
Cache-Control: max-age=43200
Expires: Thu, 07 Dec 2023 22:07:25 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
lygo.net/ly/zeeblio/styles/pets/images/dogCat.png
200 OK 40 kB URL GET HTTP/1.1 lygo.net/ly/zeeblio/styles/pets/images/dogCat.png
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectlygo.net
Fingerprint8F:AF:4C:41:14:9B:73:8E:DF:22:1B:3E:86:76:48:6C:43:E4:4B:72
ValidityFri, 10 Nov 2023 00:22:18 GMT - Thu, 08 Feb 2024 00:22:17 GMT
File type PNG image data, 920 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash 8eb463537c945811989cee4fdf68b616
f231953111191fafa1ae07e58f465a41e7845658
9a0cdeaf93468edd20e755bdf9a2fe01b0fd61e6f1ef0493786c35ee74056642
GET /ly/zeeblio/styles/pets/images/dogCat.png HTTP/1.1
Host: lygo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ly.lygo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:25 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:25:44 GMT
ETag: "9d59"
Accept-Ranges: bytes
Content-Length: 40281
Cache-Control: max-age=43200
Expires: Thu, 07 Dec 2023 22:07:25 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
f.h12-media.com/v3/prebid3_2.1.js?v=14102023-2
200 OK 301 kB URL GET HTTP/3 f.h12-media.com/v3/prebid3_2.1.js?v=14102023-2
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecth12-media.com
FingerprintCF:FA:F4:37:56:D2:93:B9:F2:F4:ED:2B:0D:D4:70:F8:63:EB:D3:14
ValiditySat, 21 Oct 2023 08:17:43 GMT - Fri, 19 Jan 2024 08:17:42 GMT
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 301 kB (300654 bytes)
Hash 4ad371b8543f85c48ecde1992e696210
0f7bc0b2dff78ceeae287550e4b73b0d74df0016
5739879c12a7db547c2ffc3a35466a4978ae4e63e91b5429b1dcaacd15adcd79
GET /v3/prebid3_2.1.js?v=14102023-2 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: 7thMile=e4cac2f7%2D630e%2D4350%2D9ee1%2Dfe0ee9a9b81e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 10:07:25 GMT
content-type: application/javascript
last-modified: Sat, 14 Oct 2023 07:06:52 GMT
etag: W/"5d471926dfed91:0"
vary: Accept-Encoding
x-powered-by: ARR/3.0
cache-control: max-age=14400
cf-cache-status: HIT
age: 4042
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGXtcPSE8NA5wvXlGwUSiKY05%2BjksMdE2%2F3QpEhmws%2BYcMd%2FMFlphz3v3o1VIX4P6PCDdXmh7IRJpR8WmTna7lHT%2BOUidnrYAmNIDek8BTo3xHQOEs%2BJHhyU23YulIAvMa0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831bf625ba0556bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
api.purpleads.io/x/v2/b/?idx=1&pid=5e30d587a3d2432b9c3ddb06182468ee&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100],[300,50]]&slotid=e6b73c8a-89de-4844-8e27-1db2253e7b32&ts=1701943651634
200 OK 4.7 kB URL OPTIONS HTTP/2 api.purpleads.io/x/v2/b/?idx=1&pid=5e30d587a3d2432b9c3ddb06182468ee&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100],[300,50]]&slotid=e6b73c8a-89de-4844-8e27-1db2253e7b32&ts=1701943651634
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (3350), with no line terminators
Hash 660e8f8a8b1dabed6abd75f46939ebb2
0674338e46e149e8f5d75f96a3dac4f45bd17b16
447cd3235f18d99288d8fa25cfe46e02ef20cf5c2ded19166b8eb0db5b3b75f6
GET /x/v2/b/?idx=1&pid=5e30d587a3d2432b9c3ddb06182468ee&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100],[300,50]]&slotid=e6b73c8a-89de-4844-8e27-1db2253e7b32&ts=1701943651634 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
Content-Type: application/json
x-purpleads-version: 3.0.9
x-request-url: aHR0cHM6Ly9nb29kMTIzNDUudHJpcG9kLmNvbS8=
Authorization: Bearer 06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
set-cookie: pa-user-id=c930f846-e77d-42e2-abd7-8d337e6907b0; Domain=.purpleads.io; Path=/
pa-user-id: c930f846-e77d-42e2-abd7-8d337e6907b0
etag: W/"d16-BnQzjkbhSej111+Wo9rE9FvRexY"
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=0&pid=5e30d587a3d2432b9c3ddb06182468ee&sizes=[[336,280],[300,250],[200,200],[250,250],[320,100],[320,50],[300,100],[300,50]]&slotid=ca5dd4c4-8cbe-486b-8e45-8bdd1d59e4d3&ts=1701943651154
200 OK 6.8 kB URL GET HTTP/2 api.purpleads.io/x/v2/b/?idx=0&pid=5e30d587a3d2432b9c3ddb06182468ee&sizes=[[336,280],[300,250],[200,200],[250,250],[320,100],[320,50],[300,100],[300,50]]&slotid=ca5dd4c4-8cbe-486b-8e45-8bdd1d59e4d3&ts=1701943651154
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
Hash fef450de61afdcb1b658fe16be488576
cacf17f03d6c6cfacdf04a10b9a9dea4a152c5de
f11ba21a1b31828dfe160eaff67bb8e1b4c14f01fa23de9856cdae3572897581
OPTIONS /x/v2/b/?idx=0&pid=5e30d587a3d2432b9c3ddb06182468ee&sizes=[[336,280],[300,250],[200,200],[250,250],[320,100],[320,50],[300,100],[300,50]]&slotid=ca5dd4c4-8cbe-486b-8e45-8bdd1d59e4d3&ts=1701943651154 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://good12345.tripod.com/
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1701943650938
200 OK 315 B URL GET HTTP/2 api.purpleads.io/x/init?ts=1701943650938
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
Hash 9902dd90a34a5d4983153d84d2b7b644
93cba184b3234f5c821c7753725ae1634c4db9a6
c5227c37942e0c9b493720d550f946fbdc7018eb6abc548b969a05cd5881ff4d
OPTIONS /x/init?ts=1701943650938 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://good12345.tripod.com/
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
cdn.prplads.com/prebid-2023-10-03.js
200 OK 103 kB URL GET HTTP/2 cdn.prplads.com/prebid-2023-10-03.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint1D:DC:5D:E3:C9:52:D6:68:A1:9C:80:1E:CF:12:47:DA:C4:CF:72:EF
ValidityFri, 13 Oct 2023 12:28:33 GMT - Thu, 11 Jan 2024 12:28:32 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (103001 bytes)
Hash 22c6991529f172186b30126ef7602734
3c24b11bbbf27e04dbb073ca1d27dbafe407b606
f6c7add2b831f224789f67233e1064f9a3ceb1b55ac76644fa4eadc20cbe5c63
GET /prebid-2023-10-03.js HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:25 GMT
content-type: application/javascript
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=323203
etag: W/"c7c7415b80d5bb12e941595d2cc6b7f7"
last-modified: Tue, 03 Oct 2023 08:29:24 GMT
x-amz-id-2: cFsOaZRD+HjQqhV0tKhvlHDsz3Gv2Okd3uxT0Aia0nz96NIND3VWt5DmqRQv0jaYe3oHjqyXvt0=
x-amz-request-id: 57Y77SA59NV0433T
cf-cache-status: HIT
age: 583795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3uQxcIhpag3E7fsOXiEW%2FKlJmk57q%2B%2FoB%2Biy%2FIIqDMYhtC3dqOpxdQiGC%2F6CD3x4gXHCC9pqvqCwGRm3UJX4zVaLO8NYchCh0OKgXmGTkCSozHc6%2FlZmouHpPskLLTDkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831bf626f9da5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
f.h12-media.com/v3/prebid3_2.1.js?v=14102023-2
200 OK 274 kB URL GET HTTP/3 f.h12-media.com/v3/prebid3_2.1.js?v=14102023-2
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecth12-media.com
FingerprintCF:FA:F4:37:56:D2:93:B9:F2:F4:ED:2B:0D:D4:70:F8:63:EB:D3:14
ValiditySat, 21 Oct 2023 08:17:43 GMT - Fri, 19 Jan 2024 08:17:42 GMT
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 274 kB (274056 bytes)
Hash 4ad371b8543f85c48ecde1992e696210
0f7bc0b2dff78ceeae287550e4b73b0d74df0016
5739879c12a7db547c2ffc3a35466a4978ae4e63e91b5429b1dcaacd15adcd79
GET /v3/prebid3_2.1.js?v=14102023-2 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: 7thMile=e4cac2f7%2D630e%2D4350%2D9ee1%2Dfe0ee9a9b81e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 10:07:25 GMT
content-type: application/javascript
last-modified: Sat, 14 Oct 2023 07:06:52 GMT
etag: W/"5d471926dfed91:0"
vary: Accept-Encoding
x-powered-by: ARR/3.0
cache-control: max-age=14400
cf-cache-status: HIT
age: 4042
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WUwKtR17vIb8iCAeqfMLM97HOnJj3v5BCESBBVtTcqDzxerjJdrY5FRcnVM%2B3zNFriNuRYt%2BH3FMFEpnnhAT%2BVOLwbue5CrDeRSqoQLzJYwT7kiH4kBTjin7ppB8Sl7GBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831bf625da1656bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ghb.adtelligent.com/v2/auction/
200 OK 1.2 kB URL POST HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP
Requested by https://good12345.tripod.com/
Certificate IssuerZeroSSL
Subjectghb.adtelligent.com
FingerprintF3:6D:8F:BA:9A:45:30:17:EB:61:41:B7:32:80:CA:ED:9F:A6:72:1B
ValidityTue, 28 Nov 2023 00:00:00 GMT - Mon, 26 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (4414), with no line terminators
Hash 1f9eed5211d210fd7bb0be8c00e49a03
75033204a23e8c1311774377f3adfd1274218ffa
b834ac36e435fdbc96b0e012f7cc4925a1738aa73341785c60fc5429ddf08204
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 951
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Thu, 07 Dec 2023 10:07:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1181
Access-Control-Allow-Origin: https://good12345.tripod.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
bidder.h12-media.com/prebid/default.asp?payload=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN_ck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa_O1ugFq810ZENvppYF5-Uw5OP8yg8NGSHkygw0VttGTPNbHUZrDpvR_7ZiW3dE_FBKha6hACvkl7Y9VmGZvjUI9oI0uNqWiTcyeW8kW_M695W9ChdRlRdCw5Id6wDy25bOBP1z8Gj-elh7AcugvVPRn419h_R3LJKXakArHPoWXwV1Nb_jNiQgVM-dckIRUukuxMzRP5ijdovv03jBIpvdnMBSco9jgzsmtlGnpXUojlzyv9Amg7KJyF4b8sT4mncIcskdMsDh1uG7LBquj01dsodSabE1pIUQ8UqCWsIx_9Tfdtd9JSiLiBCNiwpb3DTXM_5TVnEM05zIoNdZpjYzeoy5LoQikMti_q-MslLTeNB84wA52
200 OK 3.1 kB URL POST HTTP/2 bidder.h12-media.com/prebid/default.asp?payload=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN_ck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa_O1ugFq810ZENvppYF5-Uw5OP8yg8NGSHkygw0VttGTPNbHUZrDpvR_7ZiW3dE_FBKha6hACvkl7Y9VmGZvjUI9oI0uNqWiTcyeW8kW_M695W9ChdRlRdCw5Id6wDy25bOBP1z8Gj-elh7AcugvVPRn419h_R3LJKXakArHPoWXwV1Nb_jNiQgVM-dckIRUukuxMzRP5ijdovv03jBIpvdnMBSco9jgzsmtlGnpXUojlzyv9Amg7KJyF4b8sT4mncIcskdMsDh1uG7LBquj01dsodSabE1pIUQ8UqCWsIx_9Tfdtd9JSiLiBCNiwpb3DTXM_5TVnEM05zIoNdZpjYzeoy5LoQikMti_q-MslLTeNB84wA52
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subject*.h12-media.com
Fingerprint82:5A:A3:DD:A2:D3:8C:13:85:81:F5:96:29:70:B0:AE:4E:0C:F7:42
ValidityTue, 05 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (3099), with no line terminators
Hash 8ac912e954e20fc93c7be088fcddb56c
32d840857d4d89fd59e3b8e68c2f3decdcc3fdb7
ee321db60a09a949832e14effcc276501c0503a6646948b04066fedc7be55129
POST /prebid/default.asp?payload=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN_ck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa_O1ugFq810ZENvppYF5-Uw5OP8yg8NGSHkygw0VttGTPNbHUZrDpvR_7ZiW3dE_FBKha6hACvkl7Y9VmGZvjUI9oI0uNqWiTcyeW8kW_M695W9ChdRlRdCw5Id6wDy25bOBP1z8Gj-elh7AcugvVPRn419h_R3LJKXakArHPoWXwV1Nb_jNiQgVM-dckIRUukuxMzRP5ijdovv03jBIpvdnMBSco9jgzsmtlGnpXUojlzyv9Amg7KJyF4b8sT4mncIcskdMsDh1uG7LBquj01dsodSabE1pIUQ8UqCWsIx_9Tfdtd9JSiLiBCNiwpb3DTXM_5TVnEM05zIoNdZpjYzeoy5LoQikMti_q-MslLTeNB84wA52 HTTP/1.1
Host: bidder.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1159
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: 7thMile=e067cb46%2Daac8%2D4233%2D9fa6%2Dfc0a9cfc6fab
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/json; Charset=UTF-8
server: Microsoft-IIS/10.0
set-cookie: 7thMile=1dd8b340%2Dc5a1%2D4ee0%2D8313%2Dbcd7fa6c6468; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: https://good12345.tripod.com
srg-x: x-.176
procadsent: 0.0469
x-powered-by: ARR/3.0
date: Thu, 07 Dec 2023 10:07:25 GMT
content-length: 3099
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231207
200 OK 831 B URL GET HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231207
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type JSON data\012- , ASCII text, with very long lines (1590), with no line terminators
Hash fea5fd5e74eef9de67d76eb55653b65c
ed3fa7d78a7ae75503a9452bb2395a7f9e80e23d
21afa7199d559d4dfd75da10d23a37752ed1c2636718c556a133dc13ba88fdbc
GET /gh/prebid/currency-file@1/latest.json?date=20231207 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1896
x-jsd-version-type: version
etag: W/"636-7T+n14p651UDqUUrsjlaf56A4j0"
content-encoding: br
accept-ranges: bytes
date: Thu, 07 Dec 2023 10:07:25 GMT
age: 21993
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 831
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
200 OK 268 B URL GET HTTP/1.1 script.4dex.io/localstore.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (482)
Hash 922cffdd75f7192f75231d92684885aa
48ae21017844de388e0a32206a2691fa4c109669
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 870663
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWwwTdxLW99DeDFAMx0H6weorXki1%2FEVa6PuzvZKZKJRU7mpGGUyP1%2FaW%2FeFm264oSngKX72pqatjEKd3SJRFnHh%2FJ1QH7GSP49NKsplH8zup56D9Zt%2F12Y1OtOvi7DK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 831bf62b1cf3b512-OSL
Content-Encoding: br
ghb.adtelligent.com/v2/auction/
200 OK 667 B URL POST HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP
Requested by https://good12345.tripod.com/
Certificate IssuerZeroSSL
Subjectghb.adtelligent.com
FingerprintF3:6D:8F:BA:9A:45:30:17:EB:61:41:B7:32:80:CA:ED:9F:A6:72:1B
ValidityTue, 28 Nov 2023 00:00:00 GMT - Mon, 26 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2804), with no line terminators
Hash e8e277850efa8c1511ae7e6a7a01226c
6a76cd02298cb55228e756fd4767d8323621faf6
3dbff323374407fddbe613503ef932bb3653678eb8aa94d8acba1b097ec2a99c
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 332
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Thu, 07 Dec 2023 10:07:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 667
Access-Control-Allow-Origin: https://good12345.tripod.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
prebid.a-mo.net/a/c
204 No Content 0 B IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint5C:1B:DB:42:AD:A4:54:7C:87:D6:3F:1A:B6:29:AF:0C:7F:A6:14:FE
ValidityTue, 07 Nov 2023 13:48:39 GMT - Mon, 05 Feb 2024 13:48:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 1443
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://good12345.tripod.com
cache-control: max-age=0, private, must-revalidate
date: Thu, 07 Dec 2023 10:07:25 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 2
X-Firefox-Spdy: h2
mp.4dex.io/prebid
204 No Content 0 B IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint02:E1:92:C5:72:6D:E0:64:4A:46:05:69:81:98:7C:43:13:E7:15:7A
ValidityTue, 01 Aug 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 1660
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 07 Dec 2023 10:07:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://good12345.tripod.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 831bf62b3f890b3d-OSL
X-Firefox-Spdy: h2
tags.h12-media.com/rtb/default.asp?pname=hb_result_v3&impdata=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN%5Fck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa%5FO1ugFq810ZENvppYF5%2DUw5OP8ygQ4Mz20LwHimopIdPmqQYJrDpvR%5F7ZiW3dE%5FFBKha6hACvkl7Y9VmGZvjUI9oI0uBmCDWclI3T1C2RWFYnQ7fdRlRdCw5Id6wDy25bOBP1z8Gj%2Delh7AcugvVPRn419h%5FR3LJKXakArHPoWXwV1Nbx5p8zoRLJvxzCNCHMGAUFezXc904ODboAfvmDgdt%2DSFy%2DHvyRZHsR5tIM7VWeZvrJ7otzkKc76GTMD4uIv4gn9fd%2DjuBw0szkhdPsJRw6gQcrR0v2uIKGVJ5gS8R7ntgKRigTtZ3y%5FRFUz3QKTJC%5FRnpDBlx7OtYG89xJZF4EZqTgFxp8Q2lGbOe4nYsfTc7A52&size=970x250&wp=0%2E121&bd=OBT&d=imgpinger
200 OK 164 B URL GET HTTP/2 tags.h12-media.com/rtb/default.asp?pname=hb_result_v3&impdata=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN%5Fck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa%5FO1ugFq810ZENvppYF5%2DUw5OP8ygQ4Mz20LwHimopIdPmqQYJrDpvR%5F7ZiW3dE%5FFBKha6hACvkl7Y9VmGZvjUI9oI0uBmCDWclI3T1C2RWFYnQ7fdRlRdCw5Id6wDy25bOBP1z8Gj%2Delh7AcugvVPRn419h%5FR3LJKXakArHPoWXwV1Nbx5p8zoRLJvxzCNCHMGAUFezXc904ODboAfvmDgdt%2DSFy%2DHvyRZHsR5tIM7VWeZvrJ7otzkKc76GTMD4uIv4gn9fd%2DjuBw0szkhdPsJRw6gQcrR0v2uIKGVJ5gS8R7ntgKRigTtZ3y%5FRFUz3QKTJC%5FRnpDBlx7OtYG89xJZF4EZqTgFxp8Q2lGbOe4nYsfTc7A52&size=970x250&wp=0%2E121&bd=OBT&d=imgpinger
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subject*.h12-media.com
Fingerprint82:5A:A3:DD:A2:D3:8C:13:85:81:F5:96:29:70:B0:AE:4E:0C:F7:42
ValidityTue, 05 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash ad787f51cfc060d10732c65085cdff51
e3d7ae7828efb9bb7895b5cacd37d64e4ac769f8
032489211ad43a5c993c77904674600333a8c31a9771c969d749f791480f4921
GET /rtb/default.asp?pname=hb_result_v3&impdata=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN%5Fck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa%5FO1ugFq810ZENvppYF5%2DUw5OP8ygQ4Mz20LwHimopIdPmqQYJrDpvR%5F7ZiW3dE%5FFBKha6hACvkl7Y9VmGZvjUI9oI0uBmCDWclI3T1C2RWFYnQ7fdRlRdCw5Id6wDy25bOBP1z8Gj%2Delh7AcugvVPRn419h%5FR3LJKXakArHPoWXwV1Nbx5p8zoRLJvxzCNCHMGAUFezXc904ODboAfvmDgdt%2DSFy%2DHvyRZHsR5tIM7VWeZvrJ7otzkKc76GTMD4uIv4gn9fd%2DjuBw0szkhdPsJRw6gQcrR0v2uIKGVJ5gS8R7ntgKRigTtZ3y%5FRFUz3QKTJC%5FRnpDBlx7OtYG89xJZF4EZqTgFxp8Q2lGbOe4nYsfTc7A52&size=970x250&wp=0%2E121&bd=OBT&d=imgpinger HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: 7thMile=1dd8b340%2Dc5a1%2D4ee0%2D8313%2Dbcd7fa6c6468
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
srg-x: x-.158
x-powered-by: ARR/3.0
date: Thu, 07 Dec 2023 10:07:25 GMT
content-length: 164
X-Firefox-Spdy: h2
ocsp.e2m01.amazontrust.com/
279 B URL ocsp.e2m01.amazontrust.com/
IP
Hash 6f8fba9198c94e3bb153b2a723e3aa14
4bafa0aee63c47832a2281cd62ef2a4bc4a2585d
330a00648e1500108d29a496b38a7f9a5450255f1fe42d0bc5ba36880ea544b1
POST / HTTP/1.1
Host: ocsp.e2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 279
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 07 Dec 2023 10:07:26 GMT
Last-Modified: Thu, 07 Dec 2023 08:43:15 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cp65yT2VhgfyKHarGs51JoEmXN6dHDhBqxoYBJMRKch8HvO1xlnf3Q==
Age: 5051
onetag-sys.com/prebid-request
200 OK 41 B URL POST HTTP/2 onetag-sys.com/prebid-request
IP
Requested by https://good12345.tripod.com/
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint1B:3E:A7:6D:D6:26:C6:9E:AB:38:DE:9E:22:71:64:8C:9F:91:0B:7B
ValidityWed, 28 Dec 2022 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 1698
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
tags.h12-media.com/rtb/default.asp?pname=hb_result_v3&impdata=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN%5Fck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa%5FO1ugFq810ZENvppYF5%2DUw5OP8yg8NGSHkygw0VttGTPNbHUZrDpvR%5F7ZiW3dE%5FFBKha6hACvkl7Y9VmGZvjUI9oI0uNqWiTcyeW8kW%5FM695W9ChdRlRdCw5Id6wDy25bOBP1z8Gj%2Delh7AcugvVPRn419h%5FR3LJKXakArHPoWXwV1Nb%5FjNiQgVM%2DdckIRUukuxMzRP5ijdovv03jBIpvdnMBSco9jgzsmtlGnpXUojlzyv9Amg7KJyF4b8sT4mncIcskdMsDh1uG7LBquj01dsodSabE1pIUQ8UqCWsIx%5F9Tfdtd9JSiLiBCNiwpb3DTXM%5F5TVnEM05zIoNdZpjYzeoy5LoQikMti%5Fq%2DMslLTeNB84wA52&size=970x90&wp=0%2E121&bd=OBT&d=imgpinger
200 OK 164 B URL GET HTTP/2 tags.h12-media.com/rtb/default.asp?pname=hb_result_v3&impdata=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN%5Fck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa%5FO1ugFq810ZENvppYF5%2DUw5OP8yg8NGSHkygw0VttGTPNbHUZrDpvR%5F7ZiW3dE%5FFBKha6hACvkl7Y9VmGZvjUI9oI0uNqWiTcyeW8kW%5FM695W9ChdRlRdCw5Id6wDy25bOBP1z8Gj%2Delh7AcugvVPRn419h%5FR3LJKXakArHPoWXwV1Nb%5FjNiQgVM%2DdckIRUukuxMzRP5ijdovv03jBIpvdnMBSco9jgzsmtlGnpXUojlzyv9Amg7KJyF4b8sT4mncIcskdMsDh1uG7LBquj01dsodSabE1pIUQ8UqCWsIx%5F9Tfdtd9JSiLiBCNiwpb3DTXM%5F5TVnEM05zIoNdZpjYzeoy5LoQikMti%5Fq%2DMslLTeNB84wA52&size=970x90&wp=0%2E121&bd=OBT&d=imgpinger
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subject*.h12-media.com
Fingerprint82:5A:A3:DD:A2:D3:8C:13:85:81:F5:96:29:70:B0:AE:4E:0C:F7:42
ValidityTue, 05 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash ad787f51cfc060d10732c65085cdff51
e3d7ae7828efb9bb7895b5cacd37d64e4ac769f8
032489211ad43a5c993c77904674600333a8c31a9771c969d749f791480f4921
GET /rtb/default.asp?pname=hb_result_v3&impdata=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN%5Fck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa%5FO1ugFq810ZENvppYF5%2DUw5OP8yg8NGSHkygw0VttGTPNbHUZrDpvR%5F7ZiW3dE%5FFBKha6hACvkl7Y9VmGZvjUI9oI0uNqWiTcyeW8kW%5FM695W9ChdRlRdCw5Id6wDy25bOBP1z8Gj%2Delh7AcugvVPRn419h%5FR3LJKXakArHPoWXwV1Nb%5FjNiQgVM%2DdckIRUukuxMzRP5ijdovv03jBIpvdnMBSco9jgzsmtlGnpXUojlzyv9Amg7KJyF4b8sT4mncIcskdMsDh1uG7LBquj01dsodSabE1pIUQ8UqCWsIx%5F9Tfdtd9JSiLiBCNiwpb3DTXM%5F5TVnEM05zIoNdZpjYzeoy5LoQikMti%5Fq%2DMslLTeNB84wA52&size=970x90&wp=0%2E121&bd=OBT&d=imgpinger HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: 7thMile=1dd8b340%2Dc5a1%2D4ee0%2D8313%2Dbcd7fa6c6468
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
srg-x: x-.170
x-powered-by: ARR/3.0
date: Thu, 07 Dec 2023 10:07:25 GMT
content-length: 164
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
200 OK 24 kB IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (65354)
Hash 6faf3acfde3bb82adada71be4fc1deb0
20f08498f821936592273d8f755d94f31c9b9c7a
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQX3dp512bTxZG2ZQeKQj972f2foTvbLMLuyZOR%2B7MFxbKkcdTXDF%2FBfGt3VrlxAmpt86RuhBLPJr1lgLxpsgr%2ByWOAPTRxI6uHKtn8WmGoF2ZJD7xYoqKW4lmERN%2B%2BF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 831bf62c099e5687-OSL
Content-Encoding: br
hb.minutemedia-prebid.com/hb-mm-multi
200 OK 83 B URL POST HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.minutemedia-prebid.com
Fingerprint78:60:CA:D2:8D:B9:A7:DD:37:8E:1C:86:0C:2C:C9:BA:3A:16:60:B9
ValidityTue, 18 Apr 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash b60c1aa8b7c49a16d482ff31df4c9ec9
f3f413da7c3beacd73d5242847f7834a274b65df
59ebe56b0c51544e2ad328cc712133b0610100a3838baaf4cecd3e2907397701
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 1006
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:26 GMT
content-type: application/json
content-length: 83
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://good12345.tripod.com
x-reason: do not track ifa
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
200 OK 268 B URL GET HTTP/1.1 script.4dex.io/localstore.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (482)
Hash 922cffdd75f7192f75231d92684885aa
48ae21017844de388e0a32206a2691fa4c109669
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 870664
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cCE%2BNdjwGrDXaAz9ChJcWljRgVP4VCDr%2BiG%2FmRH2NAqpU2m4yb%2BEUTFy%2FhOwnykNDpIeiugOkRVeXSzMmwp3YIL4ZC6yhoZTqFh%2FvBrMBjqFSCVKPOpEmnQV2YBpUei"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 831bf62c9ea9b512-OSL
Content-Encoding: br
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231207
200 OK 831 B URL GET HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231207
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type JSON data\012- , ASCII text, with very long lines (1590), with no line terminators
Hash fea5fd5e74eef9de67d76eb55653b65c
ed3fa7d78a7ae75503a9452bb2395a7f9e80e23d
21afa7199d559d4dfd75da10d23a37752ed1c2636718c556a133dc13ba88fdbc
GET /gh/prebid/currency-file@1/latest.json?date=20231207 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1896
x-jsd-version-type: version
etag: W/"636-7T+n14p651UDqUUrsjlaf56A4j0"
content-encoding: br
accept-ranges: bytes
date: Thu, 07 Dec 2023 10:07:26 GMT
age: 21993
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 831
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
204 No Content 0 B IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint5C:1B:DB:42:AD:A4:54:7C:87:D6:3F:1A:B6:29:AF:0C:7F:A6:14:FE
ValidityTue, 07 Nov 2023 13:48:39 GMT - Mon, 05 Feb 2024 13:48:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 1417
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://good12345.tripod.com
cache-control: max-age=0, private, must-revalidate
date: Thu, 07 Dec 2023 10:07:26 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
200 OK 24 kB IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (65354)
Hash 6faf3acfde3bb82adada71be4fc1deb0
20f08498f821936592273d8f755d94f31c9b9c7a
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8FCu%2BR8Wn%2BLx4KGGAY50j1vbmBx2emF1kCXQixnmEBQu9Lck2e0QZ%2Bj%2BBEjLjgg58oAbOKKSjtP3%2FKP8b02pD8XCrKbiGAdoJaLMaJpXxnIxOf9pRRN21OwPGyOXh8D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 831bf62cfa845687-OSL
Content-Encoding: br
onetag-sys.com/prebid-request
200 OK 41 B URL POST HTTP/2 onetag-sys.com/prebid-request
IP
Requested by https://good12345.tripod.com/
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint1B:3E:A7:6D:D6:26:C6:9E:AB:38:DE:9E:22:71:64:8C:9F:91:0B:7B
ValidityWed, 28 Dec 2022 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 1655
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
ghb.adtelligent.com/v2/auction/
200 OK 668 B URL POST HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP
Requested by https://good12345.tripod.com/
Certificate IssuerZeroSSL
Subjectghb.adtelligent.com
FingerprintF3:6D:8F:BA:9A:45:30:17:EB:61:41:B7:32:80:CA:ED:9F:A6:72:1B
ValidityTue, 28 Nov 2023 00:00:00 GMT - Mon, 26 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2804), with no line terminators
Hash 065256ff29563b21b3782b62e36382b1
8518abb7f95c845d3c1beaf9e2e3e6eed6972cef
276c74f37531ed748fd800d5484028ede82987490cf61b15e69e6ab70ffb345a
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 321
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Thu, 07 Dec 2023 10:07:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 668
Access-Control-Allow-Origin: https://good12345.tripod.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
mp.4dex.io/prebid
204 No Content 0 B IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint02:E1:92:C5:72:6D:E0:64:4A:46:05:69:81:98:7C:43:13:E7:15:7A
ValidityTue, 01 Aug 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 1650
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 07 Dec 2023 10:07:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://good12345.tripod.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 831bf62ce8b90b3d-OSL
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
200 OK 84 B URL POST HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.minutemedia-prebid.com
Fingerprint78:60:CA:D2:8D:B9:A7:DD:37:8E:1C:86:0C:2C:C9:BA:3A:16:60:B9
ValidityTue, 18 Apr 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash 3cf7190d8ec0c556e4eb2b16b4eb8c6d
2939e79bd5b31e915d80c9c3dc556c6e331406ff
88b5d12fa172d0d71ca7ef2f61b32ccb221970180d21e68a85bea08c814f3fe3
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 996
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:26 GMT
content-type: application/json
content-length: 84
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://good12345.tripod.com
x-reason: do not track ifa
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
bs.yandex.ru/prebid/2347836?imp-id=1&target-ref=good12345.tripod.com&ssp-id=10500&ssp-cur=USD
200 OK 0 B URL POST HTTP/2 bs.yandex.ru/prebid/2347836?imp-id=1&target-ref=good12345.tripod.com&ssp-id=10500&ssp-cur=USD
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subjectbs.yandex.ru
Fingerprint2D:C7:B4:EE:E5:27:AC:B2:A3:3B:D7:05:03:6E:54:31:5E:D2:25:AB
ValiditySun, 24 Sep 2023 21:01:39 GMT - Sun, 24 Mar 2024 20:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/2347836?imp-id=1&target-ref=good12345.tripod.com&ssp-id=10500&ssp-cur=USD HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 326
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
uniformat: true
date: Thu, 07 Dec 2023 10:07:26 GMT
access-control-allow-origin: https://good12345.tripod.com
set-cookie: yandexuid=8580451051701943646; domain=.yandex.ru; path=/; expires=Sun, 04-Dec-2033 10:07:26 GMT
access-control-allow-credentials: true
uniformat-product-type: None
pragma: no-cache
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Thu, 07 Dec 2023 10:07:26 GMT
x-yandex-req-id: 1701943646359536-667832721918811436800444-production-app-host-vla-pcode-118
last-modified: Thu, 07 Dec 2023 10:07:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
X-Firefox-Spdy: h2
scripts.lycos.com/catman/init.js
200 OK 927 B URL GET HTTP/1.1 scripts.lycos.com/catman/init.js
IP
Requested by https://good12345.tripod.com/adm/ad/injectAd.iframe.html
Certificate IssuerLet's Encrypt
Subject*.lycos.com
Fingerprint37:37:C0:CC:FF:85:15:63:48:B5:FE:89:06:E2:B8:29:6D:4F:C3:3F
ValidityTue, 17 Oct 2023 00:22:33 GMT - Mon, 15 Jan 2024 00:22:32 GMT
File type ASCII text, with very long lines (905)
Hash 66e54ed2b8eaa3b82ba27ff49c42e81d
79b8df00da71f4fe5526f855345059c7dcdecfe8
b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520
GET /catman/init.js HTTP/1.1
Host: scripts.lycos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:26 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:26:58 GMT
ETag: "9c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Thu, 07 Dec 2023 16:07:26 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 927
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
200 OK 893 B URL GET HTTP/1.1 scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
IP
Requested by https://good12345.tripod.com/adm/ad/injectAd.iframe.html
Certificate IssuerLet's Encrypt
Subject*.lycos.com
Fingerprint37:37:C0:CC:FF:85:15:63:48:B5:FE:89:06:E2:B8:29:6D:4F:C3:3F
ValidityTue, 17 Oct 2023 00:22:33 GMT - Mon, 15 Jan 2024 00:22:32 GMT
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (970)
Hash a2a6b9fc74528fd91c980f6c1180ee50
d07a5c0ea220f12f04c63e62f0f83fc57aab8559
b93914f0559985baff5a4aaa7c829f941bdc36bef8145a004fb27a0a5d2b9c6b
GET /catman3/code/tripod.lycos.com/memberembedded.js HTTP/1.1
Host: scripts.lycos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:26 GMT
Server: Apache
Last-Modified: Mon, 07 Aug 2023 17:45:02 GMT
ETag: "a08-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Thu, 07 Dec 2023 16:07:26 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 893
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
scripts.lycos.com/catman/init.js
200 OK 927 B URL GET HTTP/1.1 scripts.lycos.com/catman/init.js
IP
Requested by https://good12345.tripod.com/adm/ad/injectAd.iframe.html
Certificate IssuerLet's Encrypt
Subject*.lycos.com
Fingerprint37:37:C0:CC:FF:85:15:63:48:B5:FE:89:06:E2:B8:29:6D:4F:C3:3F
ValidityTue, 17 Oct 2023 00:22:33 GMT - Mon, 15 Jan 2024 00:22:32 GMT
File type ASCII text, with very long lines (905)
Hash 66e54ed2b8eaa3b82ba27ff49c42e81d
79b8df00da71f4fe5526f855345059c7dcdecfe8
b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520
GET /catman/init.js HTTP/1.1
Host: scripts.lycos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:26 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:26:58 GMT
ETag: "9c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Thu, 07 Dec 2023 16:07:26 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 927
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
api.purpleads.io/x/v2/b/?idx=2&pid=5e30d587a3d2432b9c3ddb06182468ee&sizes=[[336,280],[300,250],[200,200],[250,250],[320,100],[320,50],[300,100],[300,50]]&slotid=ca5dd4c4-8cbe-486b-8e45-8bdd1d59e4d3&demand=unifiedPb&ts=1701943653039
200 OK 939 B URL OPTIONS HTTP/2 api.purpleads.io/x/v2/b/?idx=2&pid=5e30d587a3d2432b9c3ddb06182468ee&sizes=[[336,280],[300,250],[200,200],[250,250],[320,100],[320,50],[300,100],[300,50]]&slotid=ca5dd4c4-8cbe-486b-8e45-8bdd1d59e4d3&demand=unifiedPb&ts=1701943653039
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
Hash f8f5b5a80e9680a3577ce9c375b51e51
d1b94b3caeb8c1a6a3a00e07db18bf04e46472f3
a0a7cfc9a47eedc34455ca66b427ef2225a5b1c3adb10bb84e7a33669891f4da
OPTIONS /x/v2/b/?idx=2&pid=5e30d587a3d2432b9c3ddb06182468ee&sizes=[[336,280],[300,250],[200,200],[250,250],[320,100],[320,50],[300,100],[300,50]]&slotid=ca5dd4c4-8cbe-486b-8e45-8bdd1d59e4d3&demand=unifiedPb&ts=1701943653039 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Referer: https://good12345.tripod.com/
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:26 GMT
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
bs.yandex.ru/prebid/2347836?imp-id=1&target-ref=good12345.tripod.com&ssp-id=10500&ssp-cur=USD
200 OK 101 kB URL POST HTTP/2 bs.yandex.ru/prebid/2347836?imp-id=1&target-ref=good12345.tripod.com&ssp-id=10500&ssp-cur=USD
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subjectbs.yandex.ru
Fingerprint2D:C7:B4:EE:E5:27:AC:B2:A3:3B:D7:05:03:6E:54:31:5E:D2:25:AB
ValiditySun, 24 Sep 2023 21:01:39 GMT - Sun, 24 Mar 2024 20:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 101 kB (101202 bytes)
Hash d5affe0a9e691e2299912022db656d48
ed8656a913680dbbca21d6cf76e1e931e18670a1
338e8b5b241a1b5d734fea0d1d6536d1e3290273cf2367a7722e04345a8488f1
POST /prebid/2347836?imp-id=1&target-ref=good12345.tripod.com&ssp-id=10500&ssp-cur=USD HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
content-type: text/plain
Content-Length: 303
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://good12345.tripod.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1701943646425730-506104305473362305500323-production-app-host-vla-pcode-397
x-ya-product-type: direct
last-modified: Thu, 07 Dec 2023 10:07:26 GMT
date: Thu, 07 Dec 2023 10:07:26 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Thu, 14-Dec-2023 10:07:26 GMT
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
x-ya-format-type: banner
ssr: true
expires: Thu, 07 Dec 2023 10:07:26 GMT
x-ya-request-id: 1701943646425730-506104305473362305500323-production-app-host-vla-pcode-397
X-Firefox-Spdy: h2
scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
200 OK 893 B URL GET HTTP/1.1 scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
IP
Requested by https://good12345.tripod.com/adm/ad/injectAd.iframe.html
Certificate IssuerLet's Encrypt
Subject*.lycos.com
Fingerprint37:37:C0:CC:FF:85:15:63:48:B5:FE:89:06:E2:B8:29:6D:4F:C3:3F
ValidityTue, 17 Oct 2023 00:22:33 GMT - Mon, 15 Jan 2024 00:22:32 GMT
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (970)
Hash a2a6b9fc74528fd91c980f6c1180ee50
d07a5c0ea220f12f04c63e62f0f83fc57aab8559
b93914f0559985baff5a4aaa7c829f941bdc36bef8145a004fb27a0a5d2b9c6b
GET /catman3/code/tripod.lycos.com/memberembedded.js HTTP/1.1
Host: scripts.lycos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:26 GMT
Server: Apache
Last-Modified: Mon, 07 Aug 2023 17:45:02 GMT
ETag: "a08-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=21600
Expires: Thu, 07 Dec 2023 16:07:26 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 893
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
api.purpleads.io/x/a/winner?ts=1701943653083
200 OK 0 B URL OPTIONS HTTP/2 api.purpleads.io/x/a/winner?ts=1701943653083
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/a/winner?ts=1701943653083 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Referer: https://good12345.tripod.com/
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:26 GMT
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
api.purpleads.io/x/a/16450c39e4d9a9e91ea3efc08a4c11b6:caa7ab62e79eaa02d0ff1fc47ed49f1de75b1f387f03d9c2e547c43e5d8486de998826bc8a4a4feb8ed8cd2ae295d4e07ccd812c396eb9c7be1d4b26a1afe0e25efa392bf676d098f0add132083b1779b2047d1bc0c4a8fd24d9753882715eed875649080b5077795597ddd893c2e40bd6d0dc8a0ce80e3a5504a5b6f0afdbf985de9d60573fa00b524e5976798fea1a/i?id=8bc7f551-5bb9-49c6-b01c-2ca3c4e4ae7c&ts=1701943653085
204 No Content 0 B URL GET HTTP/2 api.purpleads.io/x/a/16450c39e4d9a9e91ea3efc08a4c11b6:caa7ab62e79eaa02d0ff1fc47ed49f1de75b1f387f03d9c2e547c43e5d8486de998826bc8a4a4feb8ed8cd2ae295d4e07ccd812c396eb9c7be1d4b26a1afe0e25efa392bf676d098f0add132083b1779b2047d1bc0c4a8fd24d9753882715eed875649080b5077795597ddd893c2e40bd6d0dc8a0ce80e3a5504a5b6f0afdbf985de9d60573fa00b524e5976798fea1a/i?id=8bc7f551-5bb9-49c6-b01c-2ca3c4e4ae7c&ts=1701943653085
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/a/16450c39e4d9a9e91ea3efc08a4c11b6:caa7ab62e79eaa02d0ff1fc47ed49f1de75b1f387f03d9c2e547c43e5d8486de998826bc8a4a4feb8ed8cd2ae295d4e07ccd812c396eb9c7be1d4b26a1afe0e25efa392bf676d098f0add132083b1779b2047d1bc0c4a8fd24d9753882715eed875649080b5077795597ddd893c2e40bd6d0dc8a0ce80e3a5504a5b6f0afdbf985de9d60573fa00b524e5976798fea1a/i?id=8bc7f551-5bb9-49c6-b01c-2ca3c4e4ae7c&ts=1701943653085 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
Content-Type: application/json
x-purpleads-version: 3.0.9
x-request-url: aHR0cHM6Ly9nb29kMTIzNDUudHJpcG9kLmNvbS8=
Authorization: Bearer 06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
pa-user-id: c930f846-e77d-42e2-abd7-8d337e6907b0
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 07 Dec 2023 10:07:26 GMT
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
200 OK 26 kB URL GET HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Hash 7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Fri, 06 Dec 2024 15:55:03 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: afef2be6d0116ed2
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/923722/81f60938c3a6ab759528.js
200 OK 15 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/923722/81f60938c3a6ab759528.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (60313)
Hash d0483ca99025f2bde09efcfc7ee22ad3
49a557eb3d997a1c23a14577552c016ba7f24452
95846f6f3b9b0a2cb6febe848e2ee0692768b22a811aac2bb6875708fec6a478
GET /partner-code-bundles/923722/81f60938c3a6ab759528.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 14812
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "fb09445feb444e4c9ec8ca27c662071c"
expires: Sat, 06 Dec 2053 16:42:33 GMT
last-modified: Wed, 06 Dec 2023 15:48:36 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/923722/361d224b1ec190a68875.js
200 OK 118 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/923722/361d224b1ec190a68875.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (65497)
Size 118 kB (117460 bytes)
Hash 4a8bdb6e3a1a4071db7965eafc128890
f1145875c487c31b61666eb688cb683ac274c8b6
c0e05b7a75bdcf341341c1576c130791ab011e0cec8d7f21869a8751f1320a7b
GET /partner-code-bundles/923722/361d224b1ec190a68875.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 117460
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "387612b4727448e39a318ced50582808"
expires: Sat, 06 Dec 2053 16:42:33 GMT
last-modified: Wed, 06 Dec 2023 15:48:36 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/923722/a7bf7e145afb723d3ac7.js
200 OK 4.8 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/923722/a7bf7e145afb723d3ac7.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (14270)
Hash 0bc0c5c7c215c221300aeb93ad99b94a
03154be393fa2192be1febf00ada52dd6b9925a8
2fec8f9de57413ffe94bfff4f7f6a0fb65d10662677124d3f78f9939b0ba853d
GET /partner-code-bundles/923722/a7bf7e145afb723d3ac7.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 4771
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "7d63e44065153a3d841810a5e9c9a6d0"
expires: Sat, 06 Dec 2053 16:42:33 GMT
last-modified: Wed, 06 Dec 2023 15:48:36 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/923722/ed1feef7c36b0b46edcf.js
200 OK 8.0 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/923722/ed1feef7c36b0b46edcf.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (24505)
Hash bc1f08dc637bbea36743f8f74c9ac502
7a3ffeb5005e7521d19cc317b2d1fd0491a2145f
591e545c7a85c8d329e312fed673f2fc4c684f3307e26c2e77a75a85163e5383
GET /partner-code-bundles/923722/ed1feef7c36b0b46edcf.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 7950
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "a0848b5adf26d00371205853bde96608"
expires: Sat, 06 Dec 2053 16:42:33 GMT
last-modified: Wed, 06 Dec 2023 15:48:36 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/923722/f86fd4f099dc63b96537.js
200 OK 24 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/923722/f86fd4f099dc63b96537.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (65494)
Hash 2966057e4a42ab785cc13255105817e4
f7c00c0b8510319fa2b33a83a19b92f020497913
82892b3038968faaabb54ffd3ef7eb099f68c2d7268c07dc104f35b14b90d1f0
GET /partner-code-bundles/923722/f86fd4f099dc63b96537.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 24545
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "6efbea1b5a4c7fb54c08077c17b29f87"
expires: Sat, 06 Dec 2053 16:42:33 GMT
last-modified: Wed, 06 Dec 2023 15:48:36 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
api.purpleads.io/x/a/16450c39e4d9a9e91ea3efc08a4c11b6:caa7ab62e79eaa02d0ff1fc47ed49f1de75b1f387f03d9c2e547c43e5d8486de998826bc8a4a4feb8ed8cd2ae295d4e07ccd812c396eb9c7be1d4b26a1afe0e25efa392bf676d098f0add132083b1779b2047d1bc0c4a8fd24d9753882715eed875649080b5077795597ddd893c2e40bd6d0dc8a0ce80e3a5504a5b6f0afdbf985de9d60573fa00b524e5976798fea1a/i?id=8bc7f551-5bb9-49c6-b01c-2ca3c4e4ae7c&ts=1701943653085
204 No Content 8.9 kB URL GET HTTP/2 api.purpleads.io/x/a/16450c39e4d9a9e91ea3efc08a4c11b6:caa7ab62e79eaa02d0ff1fc47ed49f1de75b1f387f03d9c2e547c43e5d8486de998826bc8a4a4feb8ed8cd2ae295d4e07ccd812c396eb9c7be1d4b26a1afe0e25efa392bf676d098f0add132083b1779b2047d1bc0c4a8fd24d9753882715eed875649080b5077795597ddd893c2e40bd6d0dc8a0ce80e3a5504a5b6f0afdbf985de9d60573fa00b524e5976798fea1a/i?id=8bc7f551-5bb9-49c6-b01c-2ca3c4e4ae7c&ts=1701943653085
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
Hash f80882bf67cf261aa08d636da095149a
3e5bf3fbdb45c9696f9b925d3e71b2e9777c82cd
4794febaad77bf94edba1c860dbcf9612722ad0a18b95831dad359b0bba4bed6
OPTIONS /x/a/16450c39e4d9a9e91ea3efc08a4c11b6:caa7ab62e79eaa02d0ff1fc47ed49f1de75b1f387f03d9c2e547c43e5d8486de998826bc8a4a4feb8ed8cd2ae295d4e07ccd812c396eb9c7be1d4b26a1afe0e25efa392bf676d098f0add132083b1779b2047d1bc0c4a8fd24d9753882715eed875649080b5077795597ddd893c2e40bd6d0dc8a0ce80e3a5504a5b6f0afdbf985de9d60573fa00b524e5976798fea1a/i?id=8bc7f551-5bb9-49c6-b01c-2ca3c4e4ae7c&ts=1701943653085 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Referer: https://good12345.tripod.com/
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:26 GMT
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6IjU4ZGI5Mzc0N2NmOTU5NmY4Y2FkMTFjNTk2YmE2NjA5OWRmZjRmMTFkZmMyMjliNGM3NWJhNDdkNTliNzdjZjMiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjaCI6LTg0NDg2MjYxNCwiY3MiOjAsImYiOjR9.webp
200 OK 22 kB URL GET HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6IjU4ZGI5Mzc0N2NmOTU5NmY4Y2FkMTFjNTk2YmE2NjA5OWRmZjRmMTFkZmMyMjliNGM3NWJhNDdkNTliNzdjZjMiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjaCI6LTg0NDg2MjYxNCwiY3MiOjAsImYiOjR9.webp
IP
Requested by https://good12345.tripod.com/
Certificate IssuerDigiCert Inc
Subject*.outbrainimg.com
Fingerprint4F:05:15:71:93:78:ED:64:53:30:81:ED:DA:9C:FE:4F:7B:F9:41:BE
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 11b751665346bb4a6c3f6d610148476a
7d785981f65ed6d78dde77d1f3de34b411a6c8f6
31e3a97a9c1dd2dec0d3f94ef2326a6cc7d1a53c99e038fae0689994ab5c1a90
GET /transform/v3/eyJpdSI6IjU4ZGI5Mzc0N2NmOTU5NmY4Y2FkMTFjNTk2YmE2NjA5OWRmZjRmMTFkZmMyMjliNGM3NWJhNDdkNTliNzdjZjMiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjaCI6LTg0NDg2MjYxNCwiY3MiOjAsImYiOjR9.webp HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 21860
last-modified: Tue, 10 Oct 2023 19:45:02 GMT
x-traceid: ae8960112b4671dd3459dc1172eb256b
cache-control: max-age=1595356
date: Thu, 07 Dec 2023 10:07:27 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.purpleads.io/x/a/6ee9ce200ab15321e18308efb94cbef9:379a164aec23327a07fedd5a5fb20ba590018163d6f0e686dc49addad05fa38b9b4edd2269be13a6c89324c811057012a0b5a0af1e759da5df5fbf12b4e84a98fe9dd1fba0ebe3d2d09c1f76d7ae2daa5a76b5dc2a0385ec40bda0705c9657fc1d7fccd7fc6fe0179fc94e85dcb59f58664de18a066d4698b884a0cd637b028e085da7acccb1321e59cb41849c3764b9/i?id=88e1374b-f7f7-4d09-8d42-ea306a3faf55
204 No Content 0 B URL GET HTTP/2 api.purpleads.io/x/a/6ee9ce200ab15321e18308efb94cbef9:379a164aec23327a07fedd5a5fb20ba590018163d6f0e686dc49addad05fa38b9b4edd2269be13a6c89324c811057012a0b5a0af1e759da5df5fbf12b4e84a98fe9dd1fba0ebe3d2d09c1f76d7ae2daa5a76b5dc2a0385ec40bda0705c9657fc1d7fccd7fc6fe0179fc94e85dcb59f58664de18a066d4698b884a0cd637b028e085da7acccb1321e59cb41849c3764b9/i?id=88e1374b-f7f7-4d09-8d42-ea306a3faf55
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/a/6ee9ce200ab15321e18308efb94cbef9:379a164aec23327a07fedd5a5fb20ba590018163d6f0e686dc49addad05fa38b9b4edd2269be13a6c89324c811057012a0b5a0af1e759da5df5fbf12b4e84a98fe9dd1fba0ebe3d2d09c1f76d7ae2daa5a76b5dc2a0385ec40bda0705c9657fc1d7fccd7fc6fe0179fc94e85dcb59f58664de18a066d4698b884a0cd637b028e085da7acccb1321e59cb41849c3764b9/i?id=88e1374b-f7f7-4d09-8d42-ea306a3faf55 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 07 Dec 2023 10:07:27 GMT
access-control-allow-origin: api.purpleads.io
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
api.purpleads.io/x/a/6ee9ce200ab15321e18308efb94cbef9:379a164aec23327a07fedd5a5fb20ba590018163d6f0e686dc49addad05fa38b9b4edd2269be13a6c89324c811057012a0b5a0af1e759da5df5fbf12b4e84a98fe9dd1fba0ebe3d2d09c1f76d7ae2daa5a76b5dc2a0385ec40bda0705c9657fc1d7fccd7fc6fe0179fc94e85dcb59f58664de18a066d4698b884a0cd637b028e085da7acccb1321e59cb41849c3764b9/i?id=88e1374b-f7f7-4d09-8d42-ea306a3faf55&ts=1701943653419
200 OK 15 B URL GET HTTP/2 api.purpleads.io/x/a/6ee9ce200ab15321e18308efb94cbef9:379a164aec23327a07fedd5a5fb20ba590018163d6f0e686dc49addad05fa38b9b4edd2269be13a6c89324c811057012a0b5a0af1e759da5df5fbf12b4e84a98fe9dd1fba0ebe3d2d09c1f76d7ae2daa5a76b5dc2a0385ec40bda0705c9657fc1d7fccd7fc6fe0179fc94e85dcb59f58664de18a066d4698b884a0cd637b028e085da7acccb1321e59cb41849c3764b9/i?id=88e1374b-f7f7-4d09-8d42-ea306a3faf55&ts=1701943653419
IP
Requested by https://good12345.tripod.com/
Certificate IssuerAmazon
Subject*.purpleads.io
FingerprintB0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97
ValiditySun, 01 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash fb38c458e00f6087acb6c5a702de3ecd
956483e767e8317e2a2d3f36b70789134f754bd4
8063e5a51719c58189c7d5209a5f37b34d14764198145a3f84bfd11c062f11d2
OPTIONS /x/a/6ee9ce200ab15321e18308efb94cbef9:379a164aec23327a07fedd5a5fb20ba590018163d6f0e686dc49addad05fa38b9b4edd2269be13a6c89324c811057012a0b5a0af1e759da5df5fbf12b4e84a98fe9dd1fba0ebe3d2d09c1f76d7ae2daa5a76b5dc2a0385ec40bda0705c9657fc1d7fccd7fc6fe0179fc94e85dcb59f58664de18a066d4698b884a0cd637b028e085da7acccb1321e59cb41849c3764b9/i?id=88e1374b-f7f7-4d09-8d42-ea306a3faf55&ts=1701943653419 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Referer: https://good12345.tripod.com/
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:27 GMT
access-control-allow-origin: https://good12345.tripod.com
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5245050/vDB26wZKLbDD86yJMl1NHg/wy150
200 OK 9.8 kB URL GET HTTP/2 avatars.mds.yandex.net/get-direct/5245050/vDB26wZKLbDD86yJMl1NHg/wy150
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subject*.avatars.yandex.net
Fingerprint9F:0C:9F:99:0D:02:4E:B2:BF:26:FD:6F:D3:4D:29:FE:82:26:AD:70
ValidityMon, 11 Sep 2023 08:52:23 GMT - Fri, 12 Apr 2024 08:52:23 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 267x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 91bdbc7bb50a7b876a5e477adfbd84e8
b1bc5e7ba9a70b2849a88bc11a3241c6149d8f51
e4cce9a165d94c2bd0c13cd9a6734f600fac5bdc65a045926e8fc8d399080f75
GET /get-direct/5245050/vDB26wZKLbDD86yJMl1NHg/wy150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: image/webp
content-length: 9778
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Fri, 28 Oct 2022 11:35:51 GMT
cache-control: max-age=31536000,immutable
x-request-id: 7901bd1c998eaf01
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/life.nice-loft.ru?size=32&stub=2
200 Ok 414 B URL GET HTTP/1.1 favicon.yandex.net/favicon/life.nice-loft.ru?size=32&stub=2
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subjectfavicon.yandex.net
FingerprintB7:C8:CA:CC:B5:19:F7:1C:BD:62:23:0F:AE:DB:F6:4A:B3:C6:72:CB
ValidityThu, 19 Oct 2023 21:02:07 GMT - Tue, 19 Mar 2024 20:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a659a2d7f4f666f447aca3ca150f424b
3e064289cf08ea37899783e76bdf8c79e1852e70
ec2177bd491dc0c04b5c88a5b28dea0ffb65bb98738f326b1c90621b0e31edf2
GET /favicon/life.nice-loft.ru?size=32&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
log.outbrainimg.com/loggerServices/log-viewability?requestId=100d2a32abcb1c1c96c4a0ed0e45c0e4&position=0
200 OK 4 B URL GET HTTP/1.1 log.outbrainimg.com/loggerServices/log-viewability?requestId=100d2a32abcb1c1c96c4a0ed0e45c0e4&position=0
IP
Requested by https://good12345.tripod.com/
Certificate IssuerDigiCert Inc
Subject*.outbrainimg.com
Fingerprint20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4
ValidityTue, 14 Mar 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/log-viewability?requestId=100d2a32abcb1c1c96c4a0ed0e45c0e4&position=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:27 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: b8195f20585cc11a5f597b01f5885d69
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=100d2a32abcb1c1c96c4a0ed0e45c0e4&pvId=8b590e8d4ef9d87ad76fe8556d7740b1&sid=9696580&pid=45718&idx=2&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
200 OK 4 B URL GET HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=100d2a32abcb1c1c96c4a0ed0e45c0e4&pvId=8b590e8d4ef9d87ad76fe8556d7740b1&sid=9696580&pid=45718&idx=2&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
IP
Requested by https://good12345.tripod.com/
Certificate IssuerDigiCert Inc
Subject*.outbrainimg.com
Fingerprint20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4
ValidityTue, 14 Mar 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=100d2a32abcb1c1c96c4a0ed0e45c0e4&pvId=8b590e8d4ef9d87ad76fe8556d7740b1&sid=9696580&pid=45718&idx=2&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:27 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 08b5cc4f8aad670392b7e4f6a96d0720
id.a-mx.com/sync/?tagId=&ref=null&u=https://good12345.tripod.com/&v=7.16.0&vg=pbjs&us_privacy=null&gdpr=1&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA
302 Found 0 B URL GET HTTP/1.1 id.a-mx.com/sync/?tagId=&ref=null&u=https://good12345.tripod.com/&v=7.16.0&vg=pbjs&us_privacy=null&gdpr=1&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA
IP
ASN #60558 Phoenix Nap, LLC.
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subjectid.a-mx.com
FingerprintE1:1E:89:FE:28:E7:84:69:37:FD:D0:2F:18:B1:BB:F3:45:1E:1C:E9
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/?tagId=&ref=null&u=https://good12345.tripod.com/&v=7.16.0&vg=pbjs&us_privacy=null&gdpr=1&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
date: Thu, 7 Dec 2023 10:07:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://good12345.tripod.com
location: https://c3.a-mo.net/b?uid=b1055a4c-556a-4030-aa63-37c6124780ae&sh=id.a-mx.com&?us_privacy=null&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&gdpr=1
content-length: 0
set-cookie: amdt_t=g::1701943647720; Max-Age=31536000; Expires=Fri, 06 Dec 2024 10:07:27 GMT; Path=/; Domain=a-mx.com; Secure; HTTPOnly; SameSite=None
amuid2=b1055a4c-556a-4030-aa63-37c6124780ae; Max-Age=31536000; Expires=Fri, 06 Dec 2024 10:07:27 GMT; Path=/; Domain=a-mx.com; Secure; HTTPOnly; SameSite=None
id.a-mx.com/sync/?tagId=&ref=null&u=https://good12345.tripod.com/&v=7.16.0&vg=pbjs&us_privacy=null&gdpr=1&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA
302 Found 0 B URL GET HTTP/1.1 id.a-mx.com/sync/?tagId=&ref=null&u=https://good12345.tripod.com/&v=7.16.0&vg=pbjs&us_privacy=null&gdpr=1&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA
IP
ASN #60558 Phoenix Nap, LLC.
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subjectid.a-mx.com
FingerprintE1:1E:89:FE:28:E7:84:69:37:FD:D0:2F:18:B1:BB:F3:45:1E:1C:E9
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/?tagId=&ref=null&u=https://good12345.tripod.com/&v=7.16.0&vg=pbjs&us_privacy=null&gdpr=1&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
date: Thu, 7 Dec 2023 10:07:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://good12345.tripod.com
location: https://c3.a-mo.net/b?uid=45322038-1cda-4326-aaf0-94e4ec3505cb&sh=id.a-mx.com&?us_privacy=null&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&gdpr=1
content-length: 0
set-cookie: amdt_t=g::1701943647731; Max-Age=31536000; Expires=Fri, 06 Dec 2024 10:07:27 GMT; Path=/; Domain=a-mx.com; Secure; HTTPOnly; SameSite=None
amuid2=45322038-1cda-4326-aaf0-94e4ec3505cb; Max-Age=31536000; Expires=Fri, 06 Dec 2024 10:07:27 GMT; Path=/; Domain=a-mx.com; Secure; HTTPOnly; SameSite=None
a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACE2DB%26sp%3D519590%26pb%3D306874%26c%3D603469%26a%3D307558%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F
302 Found 317 B URL GET HTTP/2 a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACE2DB%26sp%3D519590%26pb%3D306874%26c%3D603469%26a%3D307558%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectadpartner.pro
FingerprintAA:1B:60:57:5F:36:81:14:28:C6:3E:80:C3:EA:FE:4B:03:62:CD:B3
ValidityFri, 20 Oct 2023 07:58:51 GMT - Thu, 18 Jan 2024 07:58:50 GMT
Hash 8f5c256054a2983d49edb21efceddc8c
2ecfdb5e37a4325b0b9f17abe8ac1a876f0d872f
373d4a823f6ce09750b84fa80ae66f253c2a0df38dda5acfa835a6979d228048
GET /ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACE2DB%26sp%3D519590%26pb%3D306874%26c%3D603469%26a%3D307558%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F HTTP/1.1
Host: a4p.adpartner.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/html; charset=utf-8
content-length: 317
location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e57173f-3e1b-40f0-9e0f-e0a21ce3851b&traffic_source=snippet&session=369CBC6C0AACE2DB&sp=519590&pb=306874&c=603469&a=307558&domain=https://good12345.tripod.com/
set-cookie: apuid=6e57173f-3e1b-40f0-9e0f-e0a21ce3851b; Path=/; Expires=Mon, 05 Feb 2024 10:07:27 GMT; Secure; SameSite=None
cache-control: no-store no-transform
X-Firefox-Spdy: h2
a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACF4A0%26sp%3D519590%26pb%3D306874%26c%3D603469%26a%3D307558%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F
302 Found 317 B URL GET HTTP/2 a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACF4A0%26sp%3D519590%26pb%3D306874%26c%3D603469%26a%3D307558%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectadpartner.pro
FingerprintAA:1B:60:57:5F:36:81:14:28:C6:3E:80:C3:EA:FE:4B:03:62:CD:B3
ValidityFri, 20 Oct 2023 07:58:51 GMT - Thu, 18 Jan 2024 07:58:50 GMT
Hash 2ecc72937d39460e22feb9c28f76bd11
693b6842f7791f30cfb51ec6aa3eef5aea6f5bb8
bace52f8d10343ee31c819c12cac6dfabc5c99b2f32c0b837c9570b8f4435f46
GET /ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACF4A0%26sp%3D519590%26pb%3D306874%26c%3D603469%26a%3D307558%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F HTTP/1.1
Host: a4p.adpartner.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/html; charset=utf-8
content-length: 317
location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=7d219d4b-4d2d-41a4-a32a-39c44fc2f776&traffic_source=snippet&session=369CBC6C0AACF4A0&sp=519590&pb=306874&c=603469&a=307558&domain=https://good12345.tripod.com/
set-cookie: apuid=7d219d4b-4d2d-41a4-a32a-39c44fc2f776; Path=/; Expires=Mon, 05 Feb 2024 10:07:27 GMT; Secure; SameSite=None
cache-control: no-store no-transform
X-Firefox-Spdy: h2
c3.a-mo.net/b?uid=45322038-1cda-4326-aaf0-94e4ec3505cb&sh=id.a-mx.com&?us_privacy=null&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&gdpr=1
302 Found 0 B URL GET HTTP/1.1 c3.a-mo.net/b?uid=45322038-1cda-4326-aaf0-94e4ec3505cb&sh=id.a-mx.com&?us_privacy=null&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&gdpr=1
IP
ASN #60558 Phoenix Nap, LLC.
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subjectid.a-mx.com
FingerprintE1:1E:89:FE:28:E7:84:69:37:FD:D0:2F:18:B1:BB:F3:45:1E:1C:E9
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?uid=45322038-1cda-4326-aaf0-94e4ec3505cb&sh=id.a-mx.com&?us_privacy=null&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: c3.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Content-Type: text/plain
Referer: https://good12345.tripod.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
date: Thu, 7 Dec 2023 10:07:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: null
location: https://id.a-mx.com/set?oid=45322038-1cda-4326-aaf0-94e4ec3505cb&uid=45322038-1cda-4326-aaf0-94e4ec3505cb&?gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&gdpr=1
content-length: 0
set-cookie: amdt_t=p::1701943647832; Max-Age=31536000; Expires=Fri, 06 Dec 2024 10:07:27 GMT; Path=/; Domain=a-mo.net; Secure; HTTPOnly; SameSite=None
amuid2=45322038-1cda-4326-aaf0-94e4ec3505cb; Max-Age=31536000; Expires=Fri, 06 Dec 2024 10:07:27 GMT; Path=/; Domain=a-mo.net; Secure; HTTPOnly; SameSite=None
zerossl.ocsp.sectigo.com/
315 B URL zerossl.ocsp.sectigo.com/
IP
Hash 7b7ebf9680dc4420a26bd1e620b518aa
802d4a2e9fa573d453d90cac27b5f4c50760c916
26939ab2a852505daea93862ab034917bf14b7d728706c2c5bde53484f743afa
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:28 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Tue, 05 Dec 2023 22:23:27 GMT
Expires: Tue, 12 Dec 2023 22:23:26 GMT
Etag: "802d4a2e9fa573d453d90cac27b5f4c50760c916"
Cache-Control: max-age=477106,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 831bf6390d6e56cb-OSL
zerossl.ocsp.sectigo.com/
315 B URL zerossl.ocsp.sectigo.com/
IP
Hash 7b7ebf9680dc4420a26bd1e620b518aa
802d4a2e9fa573d453d90cac27b5f4c50760c916
26939ab2a852505daea93862ab034917bf14b7d728706c2c5bde53484f743afa
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:28 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Tue, 05 Dec 2023 22:23:27 GMT
Expires: Tue, 12 Dec 2023 22:23:26 GMT
Etag: "802d4a2e9fa573d453d90cac27b5f4c50760c916"
Cache-Control: max-age=477106,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 831bf6390f86b4ff-OSL
sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e57173f-3e1b-40f0-9e0f-e0a21ce3851b&traffic_source=snippet&session=369CBC6C0AACE2DB&sp=519590&pb=306874&c=603469&a=307558&domain=https://good12345.tripod.com/
200 OK 43 B URL GET HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e57173f-3e1b-40f0-9e0f-e0a21ce3851b&traffic_source=snippet&session=369CBC6C0AACE2DB&sp=519590&pb=306874&c=603469&a=307558&domain=https://good12345.tripod.com/
IP
Requested by https://good12345.tripod.com/
Certificate IssuerZeroSSL
Subjectsync.adtelligent.com
FingerprintBA:32:98:C9:EB:7D:80:3D:A7:C9:E1:17:13:41:10:6E:85:93:86:80
ValidityMon, 20 Nov 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=307558&extuid=6e57173f-3e1b-40f0-9e0f-e0a21ce3851b&traffic_source=snippet&session=369CBC6C0AACE2DB&sp=519590&pb=306874&c=603469&a=307558&domain=https://good12345.tripod.com/ HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Thu, 07 Dec 2023 10:07:28 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 0775f7c4a717d22b
Set-Cookie: vmuid=0775f7c4a717d22b; expires=Wed, 07 Feb 2024 10:07:28 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a307558=6e57173f-3e1b-40f0-9e0f-e0a21ce3851b; expires=Wed, 07 Feb 2024 10:07:28 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
sync.adtelligent.com/csync?t=a&ep=307558&extuid=7d219d4b-4d2d-41a4-a32a-39c44fc2f776&traffic_source=snippet&session=369CBC6C0AACF4A0&sp=519590&pb=306874&c=603469&a=307558&domain=https://good12345.tripod.com/
200 OK 43 B URL GET HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=307558&extuid=7d219d4b-4d2d-41a4-a32a-39c44fc2f776&traffic_source=snippet&session=369CBC6C0AACF4A0&sp=519590&pb=306874&c=603469&a=307558&domain=https://good12345.tripod.com/
IP
Requested by https://good12345.tripod.com/
Certificate IssuerZeroSSL
Subjectsync.adtelligent.com
FingerprintBA:32:98:C9:EB:7D:80:3D:A7:C9:E1:17:13:41:10:6E:85:93:86:80
ValidityMon, 20 Nov 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=307558&extuid=7d219d4b-4d2d-41a4-a32a-39c44fc2f776&traffic_source=snippet&session=369CBC6C0AACF4A0&sp=519590&pb=306874&c=603469&a=307558&domain=https://good12345.tripod.com/ HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://good12345.tripod.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Thu, 07 Dec 2023 10:07:28 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 0775f7c4a717d22b
Set-Cookie: vmuid=0775f7c4a717d22b; expires=Wed, 07 Feb 2024 10:07:28 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a307558=7d219d4b-4d2d-41a4-a32a-39c44fc2f776; expires=Wed, 07 Feb 2024 10:07:28 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
204 No Content 0 B URL GET HTTP/2 prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint5C:1B:DB:42:AD:A4:54:7C:87:D6:3F:1A:B6:29:AF:0C:7F:A6:14:FE
ValidityTue, 07 Nov 2023 13:48:39 GMT - Mon, 05 Feb 2024 13:48:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Thu, 07 Dec 2023 10:07:28 GMT
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 07 Dec 2023 10:12:29 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
vary: Accept-Encoding
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1701943652656
204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?cb=1701943652656
IP
Requested by https://good12345.tripod.com/
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint1B:3E:A7:6D:D6:26:C6:9E:AB:38:DE:9E:22:71:64:8C:9F:91:0B:7B
ValidityWed, 28 Dec 2022 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1701943652656 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
bs.yandex.ru/rtbcount/1IufLm7h0Ky200000000U9nJZ6jCJCm8DserP9DR-t7VNFPKoxYPXQaCGE094majlCWS6sjpMPaXbH4ediacT_SXIBmKnAkz2YHQ6Sk1v4n6DmO8MCYe0cMjPEI4ilOoBdh0n72KaHN8Fil832IlCe8CkCl88670C9S9n5xAT0eeiPOf2gI6wJyGF6LYqMHWUCKaiBDhosKsEKO6N_7AHI-usHZ-Ch60B6O66TVBh0WafpA3Z9ZBp0Qobfc9GG5YBVCMdeEC9vdZFXxEt3_feiXLiAgxOF8fi-dD3rm_cHsS-27EPebtrG99CAnWSTl0yXy667SWiGyWiM-od3m30a_i7xBill3xOeFP3VktB20dDR6AfEVdfnWQ6PkOwfKKPHRaf-Wbv-SkOEKzoRhl6o_OkWki3I30z9KLPDWlLav32sDJKpCJ0zC6jgsR3eTti3Mmp62xSZXu0TkFVnjVDq-PirDi9HlCdWDi7YVOc1-nyHO5kbbP1FdvfQTvv9c_P8E4zWVxdt3MHFQNHwhO55tUsMzWPzh1pdY2NV81-wJh3q_yktdfdSiFTfu576uhE5GsS73ku62ynO4Hr4yv61WQx7ivGVwQoWaAzWMS3SmhE0itSCQUu6IymCbuWvFr0oVZ3qv609z4nmO0?pcode-active-testids=905418%2C0%2C62%3B910216%2C0%2C3&pcode-test-ids-from-count=913082%2C0%2C75%3B918135%2C0%2C56%3B909919%2C0%2C41%3B901183%2C0%2C83%3B917808%2C0%2C70%3B919402%2C0%2C81%3B917139%2C0%2C61%3B882595%2C0%2C79%3B892905%2C0%2C40%3B906702%2C0%2C31%3B910216%2C0%2C3%3B910552%2C0%2C18%3B914206%2C0%2C78%3B905418%2C0%2C62%3B923722%2C0%2C68
553 B URL GET bs.yandex.ru/rtbcount/1IufLm7h0Ky200000000U9nJZ6jCJCm8DserP9DR-t7VNFPKoxYPXQaCGE094majlCWS6sjpMPaXbH4ediacT_SXIBmKnAkz2YHQ6Sk1v4n6DmO8MCYe0cMjPEI4ilOoBdh0n72KaHN8Fil832IlCe8CkCl88670C9S9n5xAT0eeiPOf2gI6wJyGF6LYqMHWUCKaiBDhosKsEKO6N_7AHI-usHZ-Ch60B6O66TVBh0WafpA3Z9ZBp0Qobfc9GG5YBVCMdeEC9vdZFXxEt3_feiXLiAgxOF8fi-dD3rm_cHsS-27EPebtrG99CAnWSTl0yXy667SWiGyWiM-od3m30a_i7xBill3xOeFP3VktB20dDR6AfEVdfnWQ6PkOwfKKPHRaf-Wbv-SkOEKzoRhl6o_OkWki3I30z9KLPDWlLav32sDJKpCJ0zC6jgsR3eTti3Mmp62xSZXu0TkFVnjVDq-PirDi9HlCdWDi7YVOc1-nyHO5kbbP1FdvfQTvv9c_P8E4zWVxdt3MHFQNHwhO55tUsMzWPzh1pdY2NV81-wJh3q_yktdfdSiFTfu576uhE5GsS73ku62ynO4Hr4yv61WQx7ivGVwQoWaAzWMS3SmhE0itSCQUu6IymCbuWvFr0oVZ3qv609z4nmO0?pcode-active-testids=905418%2C0%2C62%3B910216%2C0%2C3&pcode-test-ids-from-count=913082%2C0%2C75%3B918135%2C0%2C56%3B909919%2C0%2C41%3B901183%2C0%2C83%3B917808%2C0%2C70%3B919402%2C0%2C81%3B917139%2C0%2C61%3B882595%2C0%2C79%3B892905%2C0%2C40%3B906702%2C0%2C31%3B910216%2C0%2C3%3B910552%2C0%2C18%3B914206%2C0%2C78%3B905418%2C0%2C62%3B923722%2C0%2C68
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subjectbs.yandex.ru
Fingerprint2D:C7:B4:EE:E5:27:AC:B2:A3:3B:D7:05:03:6E:54:31:5E:D2:25:AB
ValiditySun, 24 Sep 2023 21:01:39 GMT - Sun, 24 Mar 2024 20:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 258362d3b76eb4800d2f8338b7fe9df7
e30901c02a8f11aa6ea32755059419ba408907b0
15d2fc342c9f87fe943ba91c373621257f2f7be65c42ba99da6a3934211d4b2a
GET /rtbcount/1IufLm7h0Ky200000000U9nJZ6jCJCm8DserP9DR-t7VNFPKoxYPXQaCGE094majlCWS6sjpMPaXbH4ediacT_SXIBmKnAkz2YHQ6Sk1v4n6DmO8MCYe0cMjPEI4ilOoBdh0n72KaHN8Fil832IlCe8CkCl88670C9S9n5xAT0eeiPOf2gI6wJyGF6LYqMHWUCKaiBDhosKsEKO6N_7AHI-usHZ-Ch60B6O66TVBh0WafpA3Z9ZBp0Qobfc9GG5YBVCMdeEC9vdZFXxEt3_feiXLiAgxOF8fi-dD3rm_cHsS-27EPebtrG99CAnWSTl0yXy667SWiGyWiM-od3m30a_i7xBill3xOeFP3VktB20dDR6AfEVdfnWQ6PkOwfKKPHRaf-Wbv-SkOEKzoRhl6o_OkWki3I30z9KLPDWlLav32sDJKpCJ0zC6jgsR3eTti3Mmp62xSZXu0TkFVnjVDq-PirDi9HlCdWDi7YVOc1-nyHO5kbbP1FdvfQTvv9c_P8E4zWVxdt3MHFQNHwhO55tUsMzWPzh1pdY2NV81-wJh3q_yktdfdSiFTfu576uhE5GsS73ku62ynO4Hr4yv61WQx7ivGVwQoWaAzWMS3SmhE0itSCQUu6IymCbuWvFr0oVZ3qv609z4nmO0?pcode-active-testids=905418%2C0%2C62%3B910216%2C0%2C3&pcode-test-ids-from-count=913082%2C0%2C75%3B918135%2C0%2C56%3B909919%2C0%2C41%3B901183%2C0%2C83%3B917808%2C0%2C70%3B919402%2C0%2C81%3B917139%2C0%2C61%3B882595%2C0%2C79%3B892905%2C0%2C40%3B906702%2C0%2C31%3B910216%2C0%2C3%3B910552%2C0%2C18%3B914206%2C0%2C78%3B905418%2C0%2C62%3B923722%2C0%2C68 HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 07 Dec 2023 10:07:27 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 10:07:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 07 Dec 2023 10:07:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
good12345.tripod.com/adm/ad/injectAd.iframe.html
200 OK 3.3 kB URL GET HTTP/2 good12345.tripod.com/adm/ad/injectAd.iframe.html
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c2e9f89079941237eea3f61fe1d1cf34
63d9ebc7fad63ef0a1590ca53073adca0b8b3db2
69f6c2f473c838b9876696814c5a39034f6f26a4d4bc0504b445ac553048d9de
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/ad/injectAd.iframe.html HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 07 Dec 2023 10:07:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: CookieStatus=COOKIE_OK; path=/; domain=.tripod.com; expires=Fri, 06-Dec-2024 10:07:36 GMT
Vary: *
X-Server-IP: 209.202.244.202
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
good12345.tripod.com/adm/ad/footerAd.iframe.html
200 OK 3.5 kB URL GET HTTP/2 good12345.tripod.com/adm/ad/footerAd.iframe.html
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d4a312542c7fccf43cce68e859dac179
f884a3b465b8750a1aacbcbd0bd30d1a0a3c99a0
1252674fe89eebc0821606739d5650f12dcca2dc64a335a50d1c920b132aa6d2
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/ad/footerAd.iframe.html HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 07 Dec 2023 10:07:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: CookieStatus=COOKIE_OK; path=/; domain=.tripod.com; expires=Fri, 06-Dec-2024 10:07:36 GMT
Vary: *
X-Server-IP: 209.202.244.208
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
stugsoda.com/to8vlBpxvlwMp/57317
200 OK 5 B URL GET HTTP/1.1 stugsoda.com/to8vlBpxvlwMp/57317
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectstugsoda.com
FingerprintE5:A9:E9:4B:B5:46:79:89:E3:59:01:72:EB:12:67:90:20:2C:91:E5
ValidityFri, 17 Nov 2023 23:31:15 GMT - Thu, 15 Feb 2024 23:31:14 GMT
File type ASCII text, with no line terminators
Hash f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
GET /to8vlBpxvlwMp/57317 HTTP/1.1
Host: stugsoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Dec 2023 10:07:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://good12345.tripod.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Fri, 08-Dec-2023 10:07:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Fri, 08-Dec-2023 10:07:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
good12345.tripod.com/adm/zbl/css/fonts.css
200 OK 14 kB URL GET HTTP/2 good12345.tripod.com/adm/zbl/css/fonts.css
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
Hash d6ae0dabaef5cf72fd3bc403545a9cdf
af1fc829dc7abeb25fe5cae8ee3e93789418f03b
379781a909b3f4e0658f438e369a0d4dbdfc4791aaa19007c0b981dd0c9cbe13
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/zbl/css/fonts.css HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: CookieStatus=COOKIE_OK; MEMBER_PAGE=good12345/index.html; REFERRER=(null)
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 10:07:20 GMT
content-type: text/css
x-server-ip: 209.202.244.207
cache-control: max-age=604800
expires: Thu, 14 Dec 2023 10:07:20 GMT
accept-ranges: bytes
x-ua-compatible: IE=edge
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
x-cache: MISS from good12345.tripod.com
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/host.js
200 OK 34 kB URL GET HTTP/2 yastatic.net/safeframe-bundles/0.83/host.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (33703), with no line terminators
Hash 2435549eac66915d7464ee7b9efce038
e390598fb192583622a8ea079d5c96dffdb34fb5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Sat, 06 Dec 2053 16:42:08 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
200 OK 77 kB URL GET HTTP/2 cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint1D:DC:5D:E3:C9:52:D6:68:A1:9C:80:1E:CF:12:47:DA:C4:CF:72:EF
ValidityFri, 13 Oct 2023 12:28:33 GMT - Thu, 11 Jan 2024 12:28:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64d9569deb156256a1c7a4d2f1b1fed9"
last-modified: Thu, 30 Nov 2023 15:57:22 GMT
x-amz-id-2: xOqw5rAPwlukfCBVUGVeBgSe+P/lWJSKskjJTdc29hp76i5das+RdRxgPZOdq7QiC6qDB6C0nZs=
x-amz-request-id: NNBS93W01SHTAJ22
cache-control: max-age=86400
cf-cache-status: HIT
age: 4132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltb6WCSLGegWBrEkRh0dqKzelRygYVBPrhDMdH6nTy4%2F9HXxmerHSQd0jL61BoSRqRtEDa1O9BH4gYtTOJwOR%2FFKcEiQ5jTlwGsxeTwYYQz1dnyxPXdpRD532HyYD9LMhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831bf6221c8a5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
c3.a-mo.net/b?uid=b1055a4c-556a-4030-aa63-37c6124780ae&sh=id.a-mx.com&?us_privacy=null&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&gdpr=1
0 B URL GET c3.a-mo.net/b?uid=b1055a4c-556a-4030-aa63-37c6124780ae&sh=id.a-mx.com&?us_privacy=null&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&gdpr=1
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subjectid.a-mx.com
FingerprintE1:1E:89:FE:28:E7:84:69:37:FD:D0:2F:18:B1:BB:F3:45:1E:1C:E9
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?uid=b1055a4c-556a-4030-aa63-37c6124780ae&sh=id.a-mx.com&?us_privacy=null&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: c3.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Content-Type: text/plain
Referer: https://good12345.tripod.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
imp9.bidgear.com/rec?t=1&z=7638&uuid=7a53f68144d14eb59de350ee29b84eb4&p=61&g=NO&token=4a44335432&tbg=1701943644
200 OK 599 B URL GET HTTP/2 imp9.bidgear.com/rec?t=1&z=7638&uuid=7a53f68144d14eb59de350ee29b84eb4&p=61&g=NO&token=4a44335432&tbg=1701943644
IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=7638&uuid=7a53f68144d14eb59de350ee29b84eb4&p=61&g=NO&token=4a44335432&tbg=1701943644 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaz58XyXMZ78Z1w5ZlxfC3YvHAyrlYdRcfKgsiLHa%2Ba%2BNMrxMK5TNzTxVpRwyzTdGCYCS7DblNcka7jTEjTptbUuf2Dz%2FvoRKMUGDvYCfmxZ5PErhqZ39WWWvO17uBDbx%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831bf622e886569d-OSL
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?gdpr=1&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACF4A0%26sp%3D519590%26pb%3D306874%26c%3D632122%26a%3D556847%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F
0 B URL GET vid.vidoomy.com/sync?gdpr=1&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACF4A0%26sp%3D519590%26pb%3D306874%26c%3D632122%26a%3D556847%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subject*.vidoomy.com
Fingerprint18:AF:A3:4C:BA:C9:5B:1A:FC:8B:1D:B0:76:50:FE:2F:8A:44:59:F3
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sun, 06 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?gdpr=1&gdpr_consent=CP2b_3oP2b_3oBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACF4A0%26sp%3D519590%26pb%3D306874%26c%3D632122%26a%3D556847%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 10 Jul 2023 08:04:06 GMT
etag: W/"64abbb76-c2af"
access-control-allow-origin: *
x-77-nzt: EwgBuUwJFAFBCAG5TAoBAUEIAdRmOBEBQQ
x-77-nzt-ray: af585630aed3ba355f997165f363bd2a
x-77-cache: MISS
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: MISS, MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
good12345.tripod.com/adm/zbl/js/published/module.js
200 OK 1.7 kB URL GET HTTP/2 good12345.tripod.com/adm/zbl/js/published/module.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
File type ASCII text, with very long lines (1706), with no line terminators
Hash aecbb37ae470bc9801a204bfc6ee05d7
c20e982c15028df5e50230e4b0e52b8d2f73f767
836ccf2d4bcaedcfaed491ff5d93c4212289f6f0c124d6f32e1df1bd6cd61028
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/zbl/js/published/module.js HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: CookieStatus=COOKIE_OK; MEMBER_PAGE=good12345/index.html; REFERRER=(null)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 10:07:23 GMT
content-type: application/x-javascript
x-server-ip: 209.202.244.212
accept-ranges: bytes
vary: Accept-Encoding
x-ua-compatible: IE=edge
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
x-cache: MISS from good12345.tripod.com
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
ly.lygo.net/ly/zeeblio/advanced/images/114x114.jpg
200 OK 5.1 kB URL GET HTTP/1.1 ly.lygo.net/ly/zeeblio/advanced/images/114x114.jpg
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectlygo.net
Fingerprint8F:AF:4C:41:14:9B:73:8E:DF:22:1B:3E:86:76:48:6C:43:E4:4B:72
ValidityFri, 10 Nov 2023 00:22:18 GMT - Thu, 08 Feb 2024 00:22:17 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 114x114, components 3\012- data
Hash 2e7539c493f0d8fe4b94261514044f8a
2220b38c7d2671c519101407e898179c824366f4
eade4840d72c569f961838367dee462eb3a6b2dd42a3d283851dc1d8ee4e101e
GET /ly/zeeblio/advanced/images/114x114.jpg HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:25 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:43:06 GMT
ETag: "141a"
Accept-Ranges: bytes
Content-Length: 5146
Cache-Control: max-age=43200
Expires: Thu, 07 Dec 2023 22:07:25 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
imp9.bidgear.com/rec?t=1&z=7361&uuid=ab08368adf9745de84f705f75c72ffad&p=136&g=NO&token=4a44335432&tbg=1701943644
200 OK 599 B URL GET HTTP/2 imp9.bidgear.com/rec?t=1&z=7361&uuid=ab08368adf9745de84f705f75c72ffad&p=136&g=NO&token=4a44335432&tbg=1701943644
IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=7361&uuid=ab08368adf9745de84f705f75c72ffad&p=136&g=NO&token=4a44335432&tbg=1701943644 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7Lhr89E88RU5Gz8xq%2B9yUUqYQZQxmmxp1f6%2BrO2nqJoW54HBhfuMO44MiU4uVhcrZxatiyMLMo93Q3TllLhGY4uxKRHlg7szLsRW6wCMTAgv1yK8nUGwntJqXN1gKqsT5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831bf621ff96569d-OSL
X-Firefox-Spdy: h2
ly.lygo.net/ly/zeeblio/images/trans/w70.png
200 OK 1.1 kB URL GET HTTP/1.1 ly.lygo.net/ly/zeeblio/images/trans/w70.png
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjectlygo.net
Fingerprint8F:AF:4C:41:14:9B:73:8E:DF:22:1B:3E:86:76:48:6C:43:E4:4B:72
ValidityFri, 10 Nov 2023 00:22:18 GMT - Thu, 08 Feb 2024 00:22:17 GMT
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 39284b1d0acfbd2a93963d8ee36ac585
7ad879e23f7c378223bd0cd9e2f6e7502729fa8e
e590e7095ea2db5b2b1f50ccf7f7658243b55b43db04305e4c547c23d1d4eb57
GET /ly/zeeblio/images/trans/w70.png HTTP/1.1
Host: ly.lygo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 10:07:24 GMT
Server: Apache
Last-Modified: Thu, 13 Oct 2016 19:43:16 GMT
ETag: "42c"
Accept-Ranges: bytes
Content-Length: 1068
Cache-Control: max-age=43200
Expires: Thu, 07 Dec 2023 22:07:24 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
bs.yandex.ru/ssp_notifications/1N4zy8_e0Ka200000000U9nJZ6jCJCm8DserP9DR-t7VNFPKoxYPXQaCGE094majlCWS6sjpMPaXbH4ediacT_SXIBmKnAkz2YHQ6Sk1v4n6DmO8MCYe0cMjPEI4ilOoBdh0n72KaHN8lie8qdgNaK72W64k4uYzbEaKCmF3MgOe8FiiqtyWUCh4eid0y8f9O6VNbijiSemClkALYrvmip7yPM81MSaCCgYNMH58JcK66J6NcGra8JCJWmB4GkOjF0SPJpB7VJoSkN_IHP6hO5LtmUHJPjER7xX-CZiuyKCSp1BlgWMIO5Z1uhQ1vJyCCEv0OXz0OjzaENa619xOFsJPVU7tnGQp6_PlMK1EQc8LIS_FJp4qCZOnrIifoYp8Jz5BpizTmCfxadNVDrwmTHTO6q20wIihoB1Vh9o65iQcfcOc1gODR5it7GxlO6jWcS5svN3m0hOV_pQ-RfuoPwVOIZQOFGVOF4wmCJzYuoqATBEo2FBpIq_po3D_oGO9vm_sF-6iYUmlZrInARgyiz_0phI3dV44k-G3zadN7vxuT_FIEvSVx3mBEDnMSAXiuE3SmS5uYmCZg9zoC30qsFToWlmrbHCKx0iu6vXNS1Pku8mzmSbuWPFn1YVh1qx67voC06zCnZK0?ssp-notification-type=1&ssp-request-id=85d7a6400b577e&ssp-cur-price=0.0001&ssp-cur=USD
200 OK 0 B URL GET HTTP/2 bs.yandex.ru/ssp_notifications/1N4zy8_e0Ka200000000U9nJZ6jCJCm8DserP9DR-t7VNFPKoxYPXQaCGE094majlCWS6sjpMPaXbH4ediacT_SXIBmKnAkz2YHQ6Sk1v4n6DmO8MCYe0cMjPEI4ilOoBdh0n72KaHN8lie8qdgNaK72W64k4uYzbEaKCmF3MgOe8FiiqtyWUCh4eid0y8f9O6VNbijiSemClkALYrvmip7yPM81MSaCCgYNMH58JcK66J6NcGra8JCJWmB4GkOjF0SPJpB7VJoSkN_IHP6hO5LtmUHJPjER7xX-CZiuyKCSp1BlgWMIO5Z1uhQ1vJyCCEv0OXz0OjzaENa619xOFsJPVU7tnGQp6_PlMK1EQc8LIS_FJp4qCZOnrIifoYp8Jz5BpizTmCfxadNVDrwmTHTO6q20wIihoB1Vh9o65iQcfcOc1gODR5it7GxlO6jWcS5svN3m0hOV_pQ-RfuoPwVOIZQOFGVOF4wmCJzYuoqATBEo2FBpIq_po3D_oGO9vm_sF-6iYUmlZrInARgyiz_0phI3dV44k-G3zadN7vxuT_FIEvSVx3mBEDnMSAXiuE3SmS5uYmCZg9zoC30qsFToWlmrbHCKx0iu6vXNS1Pku8mzmSbuWPFn1YVh1qx67voC06zCnZK0?ssp-notification-type=1&ssp-request-id=85d7a6400b577e&ssp-cur-price=0.0001&ssp-cur=USD
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subjectbs.yandex.ru
Fingerprint2D:C7:B4:EE:E5:27:AC:B2:A3:3B:D7:05:03:6E:54:31:5E:D2:25:AB
ValiditySun, 24 Sep 2023 21:01:39 GMT - Sun, 24 Mar 2024 20:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ssp_notifications/1N4zy8_e0Ka200000000U9nJZ6jCJCm8DserP9DR-t7VNFPKoxYPXQaCGE094majlCWS6sjpMPaXbH4ediacT_SXIBmKnAkz2YHQ6Sk1v4n6DmO8MCYe0cMjPEI4ilOoBdh0n72KaHN8lie8qdgNaK72W64k4uYzbEaKCmF3MgOe8FiiqtyWUCh4eid0y8f9O6VNbijiSemClkALYrvmip7yPM81MSaCCgYNMH58JcK66J6NcGra8JCJWmB4GkOjF0SPJpB7VJoSkN_IHP6hO5LtmUHJPjER7xX-CZiuyKCSp1BlgWMIO5Z1uhQ1vJyCCEv0OXz0OjzaENa619xOFsJPVU7tnGQp6_PlMK1EQc8LIS_FJp4qCZOnrIifoYp8Jz5BpizTmCfxadNVDrwmTHTO6q20wIihoB1Vh9o65iQcfcOc1gODR5it7GxlO6jWcS5svN3m0hOV_pQ-RfuoPwVOIZQOFGVOF4wmCJzYuoqATBEo2FBpIq_po3D_oGO9vm_sF-6iYUmlZrInARgyiz_0phI3dV44k-G3zadN7vxuT_FIEvSVx3mBEDnMSAXiuE3SmS5uYmCZg9zoC30qsFToWlmrbHCKx0iu6vXNS1Pku8mzmSbuWPFn1YVh1qx67voC06zCnZK0?ssp-notification-type=1&ssp-request-id=85d7a6400b577e&ssp-cur-price=0.0001&ssp-cur=USD HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 07 Dec 2023 10:07:26 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 10:07:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 07 Dec 2023 10:07:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
bidder.h12-media.com/prebid/default.asp?payload=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN_ck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa_O1ugFq810ZENvppYF5-Uw5OP8ygQ4Mz20LwHimopIdPmqQYJrDpvR_7ZiW3dE_FBKha6hACvkl7Y9VmGZvjUI9oI0uBmCDWclI3T1C2RWFYnQ7fdRlRdCw5Id6wDy25bOBP1z8Gj-elh7AcugvVPRn419h_R3LJKXakArHPoWXwV1Nbx5p8zoRLJvxzCNCHMGAUFezXc904ODboAfvmDgdt-SFy-HvyRZHsR5tIM7VWeZvrJ7otzkKc76GTMD4uIv4gn9fd-juBw0szkhdPsJRw6gQcrR0v2uIKGVJ5gS8R7ntgKRigTtZ3y_RFUz3QKTJC_RnpDBlx7OtYG89xJZF4EZqTgFxp8Q2lGbOe4nYsfTc7A52
200 OK 3.1 kB URL POST HTTP/2 bidder.h12-media.com/prebid/default.asp?payload=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN_ck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa_O1ugFq810ZENvppYF5-Uw5OP8ygQ4Mz20LwHimopIdPmqQYJrDpvR_7ZiW3dE_FBKha6hACvkl7Y9VmGZvjUI9oI0uBmCDWclI3T1C2RWFYnQ7fdRlRdCw5Id6wDy25bOBP1z8Gj-elh7AcugvVPRn419h_R3LJKXakArHPoWXwV1Nbx5p8zoRLJvxzCNCHMGAUFezXc904ODboAfvmDgdt-SFy-HvyRZHsR5tIM7VWeZvrJ7otzkKc76GTMD4uIv4gn9fd-juBw0szkhdPsJRw6gQcrR0v2uIKGVJ5gS8R7ntgKRigTtZ3y_RFUz3QKTJC_RnpDBlx7OtYG89xJZF4EZqTgFxp8Q2lGbOe4nYsfTc7A52
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subject*.h12-media.com
Fingerprint82:5A:A3:DD:A2:D3:8C:13:85:81:F5:96:29:70:B0:AE:4E:0C:F7:42
ValidityTue, 05 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (3251), with no line terminators
Hash 90e22d20fee9eb6da4fd3e050147f1cd
241fba01bbc60e3f8ddd785271e463c4fcd16eb7
3aafe2bd2e4ecff2b6e6688d18683066a63806eab355c5751b1c5a6e589d39ca
POST /prebid/default.asp?payload=0IgaDUUdQWHYSGBNhrnrXQJTgWQtDG1HuldisfMzeqFBZbbYSkw946d4S9c58EoN_ck8vtCHrFdHRz13CWa70eVmwdFZSEPbenHAOa_O1ugFq810ZENvppYF5-Uw5OP8ygQ4Mz20LwHimopIdPmqQYJrDpvR_7ZiW3dE_FBKha6hACvkl7Y9VmGZvjUI9oI0uBmCDWclI3T1C2RWFYnQ7fdRlRdCw5Id6wDy25bOBP1z8Gj-elh7AcugvVPRn419h_R3LJKXakArHPoWXwV1Nbx5p8zoRLJvxzCNCHMGAUFezXc904ODboAfvmDgdt-SFy-HvyRZHsR5tIM7VWeZvrJ7otzkKc76GTMD4uIv4gn9fd-juBw0szkhdPsJRw6gQcrR0v2uIKGVJ5gS8R7ntgKRigTtZ3y_RFUz3QKTJC_RnpDBlx7OtYG89xJZF4EZqTgFxp8Q2lGbOe4nYsfTc7A52 HTTP/1.1
Host: bidder.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1226
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: 7thMile=e4cac2f7%2D630e%2D4350%2D9ee1%2Dfe0ee9a9b81e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/json; Charset=UTF-8
server: Microsoft-IIS/10.0
set-cookie: 7thMile=e067cb46%2Daac8%2D4233%2D9fa6%2Dfc0a9cfc6fab; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: https://good12345.tripod.com
srg-x: x-.163
procadsent: 0.0469
x-powered-by: ARR/3.0
date: Thu, 07 Dec 2023 10:07:24 GMT
content-length: 3095
X-Firefox-Spdy: h2
good12345.tripod.com/adm/zbl/js/addons/Form.js
200 OK 2.8 kB URL GET HTTP/2 good12345.tripod.com/adm/zbl/js/addons/Form.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
File type ASCII text, with very long lines (2916), with no line terminators
Hash 7ce42b45e6619ca86d9076971ae6d916
72ffec9b75c0410324bec78adc5d25b454910872
eb46d579b89da4e7f42fb2942abc2b436aaa02d4690e480eb9167a7b5ad51545
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /adm/zbl/js/addons/Form.js HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: CookieStatus=COOKIE_OK; MEMBER_PAGE=good12345/index.html; REFERRER=(null)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 10:07:20 GMT
content-type: application/x-javascript
x-server-ip: 209.202.244.206
accept-ranges: bytes
vary: Accept-Encoding
x-ua-compatible: IE=edge
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
x-cache: MISS from good12345.tripod.com
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
good12345.tripod.com/favicon.ico?t=1502784249
404 Not Found 5.2 kB URL GET HTTP/2 good12345.tripod.com/favicon.ico?t=1502784249
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecttripod.com
Fingerprint11:84:B6:17:BA:2A:AD:F7:D7:81:AD:68:E5:A8:C1:8E:BE:9F:95:88
ValiditySun, 05 Nov 2023 13:07:04 GMT - Sat, 03 Feb 2024 13:07:03 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5566), with no line terminators
Hash 7ca9c4aa50e35eade2b0e1ad839824bf
428b47e1728712825ecb6fbbb2954e249f13ec33
ac1cd2290a0d592f6b764a7f47ecf0d6be59a1aeb0b7d3b997fa84fdf9c6d094
GET /favicon.ico?t=1502784249 HTTP/1.1
Host: good12345.tripod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Cookie: CookieStatus=COOKIE_OK; MEMBER_PAGE=good12345/index.html; REFERRER=(null)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Thu, 07 Dec 2023 10:07:25 GMT
content-type: text/html
vary: *
x-server-ip: 209.202.244.205
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?gdpr=1&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACE2DB%26sp%3D519590%26pb%3D306874%26c%3D632122%26a%3D556847%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F
0 B URL GET vid.vidoomy.com/sync?gdpr=1&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACE2DB%26sp%3D519590%26pb%3D306874%26c%3D632122%26a%3D556847%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F
IP
Requested by https://good12345.tripod.com/
Certificate IssuerSectigo Limited
Subject*.vidoomy.com
Fingerprint18:AF:A3:4C:BA:C9:5B:1A:FC:8B:1D:B0:76:50:FE:2F:8A:44:59:F3
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sun, 06 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?gdpr=1&gdpr_consent=CP2b_3mP2b_3mBBACBENDbCsAP_AAH_AACiQJtNV_H__bW9r8X7_aft0eY1P9_j77uQxBhfJE-4F3LvW_JwXx2E5NF36tqoKmRoEu3ZBIUNlHJHUTVmwaogVryHsakWcpTNKJ6BkkFMRM2dYCF5vm4tjeQKY5_p_d3fx2D-t_dv839zzz8VHn3c5f--0-PCdU5-9Dfn9fRfb-9IP9_78v8v8_l_rk2_eT13_pcvr_D--f_87_XW-9wTYAJMNC4gC7AgJCbQMIoEAIwrCAigUAAAAkDRAQAuDAp2BgEusBEAIEUABwQAhABRkACAAACABCIAJAigQAAQCAQAAgAQCAQAEDAAKACwEAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsqEEoKhBXCAIssAKARGwUACAAARWAAICxeAwBICVCQQJdQbQAAEACAUUoVCCT0wADgkbLUHgiAAAAA.YAAAAAAAAAAA&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D369CBC6C0AACE2DB%26sp%3D519590%26pb%3D306874%26c%3D632122%26a%3D556847%26domain%3Dhttps%3A%2F%2Fgood12345.tripod.com%2F HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:27 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 10 Jul 2023 08:04:06 GMT
etag: W/"64abbb76-c2af"
access-control-allow-origin: *
x-77-nzt: EwgBuUwJFAFBCAG5TAoJAUEIAdRmOAkBQQ
x-77-nzt-ray: af585630aed3ba355f9971650f82e72a
x-77-cache: MISS
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: MISS, MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
200 OK 77 kB URL GET HTTP/2 cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint1D:DC:5D:E3:C9:52:D6:68:A1:9C:80:1E:CF:12:47:DA:C4:CF:72:EF
ValidityFri, 13 Oct 2023 12:28:33 GMT - Thu, 11 Jan 2024 12:28:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:25 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64d9569deb156256a1c7a4d2f1b1fed9"
last-modified: Thu, 30 Nov 2023 15:57:22 GMT
x-amz-id-2: xOqw5rAPwlukfCBVUGVeBgSe+P/lWJSKskjJTdc29hp76i5das+RdRxgPZOdq7QiC6qDB6C0nZs=
x-amz-request-id: NNBS93W01SHTAJ22
cache-control: max-age=86400
cf-cache-status: HIT
age: 4133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoyJe0eEEOPjZ%2F8Ece6YhqhnLuEs2gmtTHoId8MWMCNKUOptE6TWNSPEyj4mdP%2B5kEBUxneJKS%2B1jo%2FN4I%2B%2FYOnx19GaPHYnKG%2B6loIsxXcmTaQWp8dhEoA8m7JL5w66dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831bf62608ba5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
f.h12-media.com/?init=1&rnd=0.3891933143677835&h12_autoplaced_enable=1&h12_autoplaced_pub=f21629f80d751907d93079a5076d4249&h12_autoplaced_adunit=30113
200 OK 864 B URL GET HTTP/2 f.h12-media.com/?init=1&rnd=0.3891933143677835&h12_autoplaced_enable=1&h12_autoplaced_pub=f21629f80d751907d93079a5076d4249&h12_autoplaced_adunit=30113
IP
Requested by https://good12345.tripod.com/
Certificate IssuerLet's Encrypt
Subjecth12-media.com
FingerprintCF:FA:F4:37:56:D2:93:B9:F2:F4:ED:2B:0D:D4:70:F8:63:EB:D3:14
ValiditySat, 21 Oct 2023 08:17:43 GMT - Fri, 19 Jan 2024 08:17:42 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1008), with no line terminators
Hash 594ff247f6bb91c2d06d53d186cd00d4
e28644831e3026ffd2885e574eb5c547871e8c3f
14806abd6f7cd5f109ec181366f122c49655b830f99587fc270ce19c09c911d0
GET /?init=1&rnd=0.3891933143677835&h12_autoplaced_enable=1&h12_autoplaced_pub=f21629f80d751907d93079a5076d4249&h12_autoplaced_adunit=30113 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://good12345.tripod.com
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
content-type: application/json; Charset=UTF-8
cache-control: max-age=3600,private
access-control-allow-origin: *
x-powered-by: ARR/3.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FPoA90RfqgR%2FQRKqoMNAaCasU8IF6uFsXCQIHueXrE1Kcjne1sZyx0%2BjIXl%2FescKN1zoer1fovs9stvR8KtNz2Mt8Tyk%2FZ%2FUMT5tk65t2ZJp%2FZ8%2BdVknyPgfl9Wj%2Bg02Sw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831bf623cf51b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=6586&sizeid=2&zoneid=7638
200 OK 845 B URL GET HTTP/2 platform.bidgear.com/ads.php?domainid=6586&sizeid=2&zoneid=7638
IP
Requested by https://good12345.tripod.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators
Hash b79baf9360ad8c6e88c9150e0f2565b0
cb01c5e04d6c64aab524afe8bd294ee5611f71ea
a4d400e3bf996482bee32e8b88508c87774abaeedca2d50e4412784caf2b05c9
GET /ads.php?domainid=6586&sizeid=2&zoneid=7638 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 10:07:24 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BTCeNuyI55IGN1pmXFPOq8E%2Bi9WZPNZkmmeNWiYyAPKhYtsxrceOI4qeIiCDhRx8GmBR1Bniiw6RXHAnYH%2BsqsxV3zST99VUt3TTseWmhy5YqEXIorTYOgi1k6FGsQMYinvU50o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831bf6220fa0569d-OSL
content-encoding: br
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/923722/loaders/context.js
200 OK 323 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/923722/loaders/context.js
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (65492)
Size 323 kB (322750 bytes)
Hash 5ff4570cee30e284f8b879e26c45c535
e23e95eb480ea3ef129d9ab0706a39d16c8a59f7
6fc8d0cce3ead44c2f4bc3e9144c25d22b0b613787344d25da9e0d03f88b3d2c
GET /partner-code-bundles/923722/loaders/context.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 07 Dec 2023 10:07:26 GMT
content-type: text/javascript; charset=utf-8
content-length: 73983
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "d3039983ec36e1243f003278a8409737"
expires: Sat, 06 Dec 2053 16:42:58 GMT
last-modified: Wed, 06 Dec 2023 15:48:36 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
bs.yandex.ru/rtbcount/1OrqDaVg0Ky200000000U9nJZ6jCJCm8DserP9DR-t7VNFPKoxYPXQaCGE094majlCWS6sjpMPaXbH4ediacT_SXIBmKnAkz2YHQ6Sk1v4n6DmO8MCYe0cMjPEI4ilOoBdh0n72KaHN8Fii8qdeLJDvbP90mO9ZB168lPJh5pC2mbYaAf8RfFn0yPMBHP61unIImislBPJOvHWPVySf5BxZP6FuoiO0iPWOPryki22IdCeECcClC1hAMcOb10M8jynQUWumdcUC-7ixSF-cYo5MmghjWyYcpwSqFN3-P7Ppu8SvcYNVL0aamh61nsy3o7mOOTo2n3o2nRxASF0C2J-mViko-yFjYWzaD-xSi82SriOgav-Ud61ePcvZgbHHb5kIdw2NdvovWvJt9kkyRBzYw2wmD8C3qbHLas2zMJaCBOrDJCnC3qmQshPiEXtUmDR3COBjoE7W1suz_6rytJvcpKsmb6yoU0smU9zYO7x7n5WMwMLa4-VcbftdacRzaWuJs1_kVSDP4zfT7gjWKNTxPRs1dsi7EU89TyW7xfEiFJ_oxUUcTomzsdWKSRYiuL3PmSExWOBp5WH7KJpaO61hiUpb1_fhA2Ghs1PmDp2iu2pTmnfxWPBp0oNY3a_K39-CFJaO0cvR71000?confirmTime=-1&confirmRatio=1000000&test-tag=40681930232834&actual-format=10&rnd=9726329522908&pcode-active-testids=905418%2C0%2C62%3B910216%2C0%2C3&pcode-test-ids-from-count=913082%2C0%2C75%3B918135%2C0%2C56%3B909919%2C0%2C41%3B901183%2C0%2C83%3B917808%2C0%2C70%3B919402%2C0%2C81%3B917139%2C0%2C61%3B882595%2C0%2C79%3B892905%2C0%2C40%3B906702%2C0%2C31%3B910216%2C0%2C3%3B910552%2C0%2C18%3B914206%2C0%2C78%3B905418%2C0%2C62%3B923722%2C0%2C68&banner-sizes=eyI3MjA1NzYwNzU3NzEwNzQyNiI6Ijk3MHg5MCJ9&width=970&height=90
0 B URL GET bs.yandex.ru/rtbcount/1OrqDaVg0Ky200000000U9nJZ6jCJCm8DserP9DR-t7VNFPKoxYPXQaCGE094majlCWS6sjpMPaXbH4ediacT_SXIBmKnAkz2YHQ6Sk1v4n6DmO8MCYe0cMjPEI4ilOoBdh0n72KaHN8Fii8qdeLJDvbP90mO9ZB168lPJh5pC2mbYaAf8RfFn0yPMBHP61unIImislBPJOvHWPVySf5BxZP6FuoiO0iPWOPryki22IdCeECcClC1hAMcOb10M8jynQUWumdcUC-7ixSF-cYo5MmghjWyYcpwSqFN3-P7Ppu8SvcYNVL0aamh61nsy3o7mOOTo2n3o2nRxASF0C2J-mViko-yFjYWzaD-xSi82SriOgav-Ud61ePcvZgbHHb5kIdw2NdvovWvJt9kkyRBzYw2wmD8C3qbHLas2zMJaCBOrDJCnC3qmQshPiEXtUmDR3COBjoE7W1suz_6rytJvcpKsmb6yoU0smU9zYO7x7n5WMwMLa4-VcbftdacRzaWuJs1_kVSDP4zfT7gjWKNTxPRs1dsi7EU89TyW7xfEiFJ_oxUUcTomzsdWKSRYiuL3PmSExWOBp5WH7KJpaO61hiUpb1_fhA2Ghs1PmDp2iu2pTmnfxWPBp0oNY3a_K39-CFJaO0cvR71000?confirmTime=-1&confirmRatio=1000000&test-tag=40681930232834&actual-format=10&rnd=9726329522908&pcode-active-testids=905418%2C0%2C62%3B910216%2C0%2C3&pcode-test-ids-from-count=913082%2C0%2C75%3B918135%2C0%2C56%3B909919%2C0%2C41%3B901183%2C0%2C83%3B917808%2C0%2C70%3B919402%2C0%2C81%3B917139%2C0%2C61%3B882595%2C0%2C79%3B892905%2C0%2C40%3B906702%2C0%2C31%3B910216%2C0%2C3%3B910552%2C0%2C18%3B914206%2C0%2C78%3B905418%2C0%2C62%3B923722%2C0%2C68&banner-sizes=eyI3MjA1NzYwNzU3NzEwNzQyNiI6Ijk3MHg5MCJ9&width=970&height=90
IP
Requested by https://good12345.tripod.com/
Certificate IssuerGlobalSign nv-sa
Subjectbs.yandex.ru
Fingerprint2D:C7:B4:EE:E5:27:AC:B2:A3:3B:D7:05:03:6E:54:31:5E:D2:25:AB
ValiditySun, 24 Sep 2023 21:01:39 GMT - Sun, 24 Mar 2024 20:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtbcount/1OrqDaVg0Ky200000000U9nJZ6jCJCm8DserP9DR-t7VNFPKoxYPXQaCGE094majlCWS6sjpMPaXbH4ediacT_SXIBmKnAkz2YHQ6Sk1v4n6DmO8MCYe0cMjPEI4ilOoBdh0n72KaHN8Fii8qdeLJDvbP90mO9ZB168lPJh5pC2mbYaAf8RfFn0yPMBHP61unIImislBPJOvHWPVySf5BxZP6FuoiO0iPWOPryki22IdCeECcClC1hAMcOb10M8jynQUWumdcUC-7ixSF-cYo5MmghjWyYcpwSqFN3-P7Ppu8SvcYNVL0aamh61nsy3o7mOOTo2n3o2nRxASF0C2J-mViko-yFjYWzaD-xSi82SriOgav-Ud61ePcvZgbHHb5kIdw2NdvovWvJt9kkyRBzYw2wmD8C3qbHLas2zMJaCBOrDJCnC3qmQshPiEXtUmDR3COBjoE7W1suz_6rytJvcpKsmb6yoU0smU9zYO7x7n5WMwMLa4-VcbftdacRzaWuJs1_kVSDP4zfT7gjWKNTxPRs1dsi7EU89TyW7xfEiFJ_oxUUcTomzsdWKSRYiuL3PmSExWOBp5WH7KJpaO61hiUpb1_fhA2Ghs1PmDp2iu2pTmnfxWPBp0oNY3a_K39-CFJaO0cvR71000?confirmTime=-1&confirmRatio=1000000&test-tag=40681930232834&actual-format=10&rnd=9726329522908&pcode-active-testids=905418%2C0%2C62%3B910216%2C0%2C3&pcode-test-ids-from-count=913082%2C0%2C75%3B918135%2C0%2C56%3B909919%2C0%2C41%3B901183%2C0%2C83%3B917808%2C0%2C70%3B919402%2C0%2C81%3B917139%2C0%2C61%3B882595%2C0%2C79%3B892905%2C0%2C40%3B906702%2C0%2C31%3B910216%2C0%2C3%3B910552%2C0%2C18%3B914206%2C0%2C78%3B905418%2C0%2C62%3B923722%2C0%2C68&banner-sizes=eyI3MjA1NzYwNzU3NzEwNzQyNiI6Ijk3MHg5MCJ9&width=970&height=90 HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://good12345.tripod.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 07 Dec 2023 10:07:27 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 10:07:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 07 Dec 2023 10:07:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
209.202.252.105
87.250.250.36
185.83.69.58
51.83.220.94
145.40.97.67
104.18.34.178
52.214.108.139
2.18.173.172
0.0.0.0